www.offermate.us Open in urlscan Pro
2604:a880:2:d0::867:1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Submission: On April 10 via manual (April 10th 2023, 6:52:43 pm UTC) from US — Scanned from US

Summary HTTP 132 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 1 countries across 15 domains to perform 132 HTTP transactions. The main IP is 2604:a880:2:d0::867:1, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.offermate.us. The Cisco Umbrella rank of the primary domain is 680782.
TLS certificate: Issued by R3 on March 22nd 2023. Valid for: 3 months.

This is the only time www.offermate.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2604:a880:2:d... 2604:a880:2:d0::867:1	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
18	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::54	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:264	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c0c::5e	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:400d:c01::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c02::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c02::71	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 7	2607:f8b0:400... 2607:f8b0:400d:c0d::93	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
35	2607:f8b0:400... 2607:f8b0:400d:c0d::84	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2006	15169 (GOOGLE) (GOOGLE)
1	172.217.222.157 172.217.222.157	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:400d:c03::5e	15169 (GOOGLE) (GOOGLE)
2	142.250.65.163 142.250.65.163	15169 (GOOGLE) (GOOGLE)
132	23

15 2604:a880:2:d0::867:1 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.offermate.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::54 (Morganton, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:264 (United States)

ASN13335 (CLOUDFLARENET, US)

na.leafletscdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0c::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:400d:c01::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c02::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:400d:c0d::93 (Morganton, United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2006 (Nutley, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.222.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f157.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c03::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.163 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net

p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	667 KB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 335	206 KB
15	offermate.us www.offermate.us — Cisco Umbrella Rank: 680782	198 KB
10	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 87 adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	79 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com	45 KB
7	leafletscdns.com na.leafletscdns.com — Cisco Umbrella Rank: 848897	595 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	292 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 407	13 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	258 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	136 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 299	105 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	602 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	76 KB
132	15

	Domain	Requested by
35	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	www.offermate.us pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	www.offermate.us	www.offermate.us
7	www.google.com	4 redirects www.offermate.us tpc.googlesyndication.com
7	na.leafletscdns.com	www.offermate.us
6	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.offermate.us
3	fonts.googleapis.com	www.offermate.us googleads.g.doubleclick.net
2	p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com
2	www.facebook.com	www.offermate.us
2	connect.facebook.net	www.offermate.us connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
1	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.offermate.us
1	accounts.google.com	www.offermate.us
132	22

This site contains links to these domains. Also see Links.

Domain
d34seexzbffcio.cloudfront.net
b2b.kimbino.green

Subject Issuer	Validity	Valid
offermate.us R3	`2023-03-22` - `2023-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-03` - `2023-09-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-18` - `2023-04-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Frame ID: DEDEDD1861651E9C02D285F71C993FF9
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: 331F33523F4D14543855C32A32007A51
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1681152757&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757139&bpp=5&bdt=198&idt=133&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5796386909567&frm=20&pv=2&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165
Frame ID: 8A669815372DBD7E724F4F858D8EEB0F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=1866642601&adk=3085869979&adf=1188995862&pi=t.ma~as.1866642601&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757144&bpp=3&bdt=202&idt=165&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LnhQ0fyLWL&p=https%3A//www.offermate.us&dtd=173
Frame ID: B51839041A0157F6F2FBC3156B8EC397
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196
Frame ID: 4F4A254CB66A49F20234DF434ED57EC0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=250&slotname=3237410500&adk=3264548296&adf=3927350558&pi=t.ma~as.3237410500&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=12&format=870x250&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&fwrattr=true&rh=250&rw=870&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757149&bpp=1&bdt=207&idt=230&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=etJGpPSDl9&p=https%3A//www.offermate.us&dtd=241
Frame ID: 4E1211F4BA87320A84EBEDD70A06EC3F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5067521015&adk=228389958&adf=1888551357&pi=t.ma~as.5067521015&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=870x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757150&bpp=1&bdt=208&idt=416&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280%2C870x250&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=WqvgapeOnd&p=https%3A//www.offermate.us&dtd=424
Frame ID: A607EB9A3A3E65D2ACEF04DC254A2C5B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=3636510535&adk=2725862456&adf=2971270540&pi=t.ma~as.3636510535&w=300&fwrn=4&lmt=1681152757&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&efwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757154&bpp=1&bdt=213&idt=472&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280%2C870x250%2C870x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=6&uci=a!6&fsb=1&xpc=L7Hd3OC0ja&p=https%3A//www.offermate.us&dtd=478
Frame ID: A7750393E55A2B680684F1F1FB790E69
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D309B011338D882F84235D3D85B780AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C8B10642BD57F059C597BEE21D8E223E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 146A0685961F521A259D7B3ABBA50F43
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 77CBFBF34AE616AAC45EF374061A0138
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: 2D57D7A99CAA89D101CE7F58E4C5C6BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 90764DEF4685F90FD18ABDEC31F0310B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: 45D3A0D28816861C70F01435F90648E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: 1C54EE8C865606DD0D3CC0DB40935733
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9A832DE8D66FAD0F5425CE10AB8C4908
Requests: 2 HTTP requests in this frame

Frame: https://p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 03E2E52EE7F2FE46FBD528231282E550
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5689F867C09A5F1AFD1BBA1968A7838
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 40F556188308C57EC29E64A8788BB86A
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: C47C044A73EDB818283E31A785F3F241
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js
Frame ID: EBFA32D33DC5F938754F1810FE0E5FED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79C5C0B6CA8D8DC31DFD413A75C5B0F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB63A8FF86F58CCAB7CB889C235A1605
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jewel Osco Weekly Ad - Chicago from 04/05/2023 >> Flyer

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
accounts\.google\.com/gsi/client

Yii (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

/yii\.(?:validation|activeForm)\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Page Statistics

132
Requests

100 %
HTTPS

91 %
IPv6

15
Domains

22
Subdomains

23
IPs

1
Countries

2437 kB
Transfer

5513 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://d34seexzbffcio.cloudfront.net/a94464aff8a69ba3b7b48aee44397d866191662a65485.pdf
Title: the terms of use

Search URL Search Domain Scan URL

URL: https://d34seexzbffcio.cloudfront.net/f99397dcc5231c8fb6021fd90ae44dd0642d143f9d072.pdf
Title: to the processing of personal data

Search URL Search Domain Scan URL

URL: https://b2b.kimbino.green/
Title: For partners

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

132 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/ 141 KB
31 KB 496ms
79ms Document
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

787acc0e7c2fbe3c820cd41fe8533c1167aef40fafb6e16b379cd548af50e830

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 29780
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 10 Apr 2023 18:52:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: []
server: nginx
strict-transport-security: max-age=10; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Hyperia
x-proxy-cache: HIT
x-proxy-cache-type: nl30m
x-proxy-date: Mon, 10 Apr 2023 18:51:21 GMT
x-proxy-date-now: Monday, 10-Apr-2023 18:52:36 GMT
x-upstream-backend: letakomat-sfo2-w009
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 81ms
62ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72f3151ab60ee889d73411e5d38edf10eeb5cdffba22f3ad815a5aa2081fc8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47987
x-xss-protection: 0
server: cafe
etag: 17245820299113672219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:52:37 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 194 KB
77 KB 65ms
29ms Script
application/javascript 2607:f8b0:400d:c0e::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::54 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d976bc845dc7f3e90c950f8fb28e94c0ef817547972a254c55a5a31be6d3dc1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-AaEoVU1db_ZBnzlZTyoZqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-AaEoVU1db_ZBnzlZTyoZqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 10 Apr 2023 18:52:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 39ms
20ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd3940c8e2f55d326a95e8d2bd7d67c93b84bcdb68be24a438a00444560a0e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 17:06:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Apr 2023 18:52:37 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7368f0ad139592962f015c33a985f9114e12b422d986707d7986c1fc882b0151

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 external.min.js Show response
www.offermate.us/js/joined/ 135 KB
52 KB 74ms
73ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/external.min.js?t=f67a0169a3f4590ae0dde7743f45f70d
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 801239b879b1dd730f81ce9d02da51f46c9a0b12bf0c1bb58c3b5618e42bc7aa

Request headers

Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 17:02:01 GMT
last-modified: Fri, 07 Apr 2023 16:46:49 GMT
server: nginx
expires: 31556926
etag: "643048f9-cf08"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
content-length: 53000
x-proxy-cache: HIT

GET
H2 200 common_co.min.js Show response
www.offermate.us/js/joined/ 53 KB
19 KB 146ms
146ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/common_co.min.js?t=3cbedabf1c9e357be3de1eedf2a7ee31
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ce0a4c3d8abbff57982c2f9b9f29d47fd14221e73f7bf64716792c7c225ff5ac

Request headers

Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 17:02:01 GMT
last-modified: Fri, 07 Apr 2023 16:46:49 GMT
server: nginx
expires: 31556926
etag: "643048f9-48d1"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
content-length: 18641
x-proxy-cache: HIT

GET
H2 200 brochure.min.js Show response
www.offermate.us/js/joined/ 13 KB
5 KB 145ms
144ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/brochure.min.js?t=b9671feab1f31cacb9d95d295c268ced
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 856cb15653c67940d3609b09f61b979bf307d4f8c239bcc6ddb16425a3266295

Request headers

Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 17:02:02 GMT
last-modified: Fri, 07 Apr 2023 16:46:49 GMT
server: nginx
expires: 31556926
etag: "643048f9-130f"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
content-length: 4879
x-proxy-cache: HIT

GET
H2 200 typeahead.bundle.min.js Show response
www.offermate.us/js/ 38 KB
13 KB 146ms
145ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/typeahead.bundle.min.js?t=978b5ff044747adbcb48a59d99655591
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b3818928a6dda2320971814d38378a48da9430d8936b7b46466d3f9117d6a017

Request headers

Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 17:02:01 GMT
last-modified: Fri, 07 Apr 2023 16:46:49 GMT
server: nginx
expires: 31556926
etag: "643048f9-33fe"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
content-length: 13310
x-proxy-cache: HIT

GET
H2 200 ads.js Show response
na.leafletscdns.com/us/assets/cca6003e/js/ 625 B
524 B 50ms
12ms Script
application/javascript 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://na.leafletscdns.com/us/assets/cca6003e/js/ads.js
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9fd337433b7dba6a978c3b55e0c1e7227cb2b057fc02bae8196448d33817c47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: 31556926
date: Mon, 10 Apr 2023 18:52:37 GMT
x-proxy-date: Wed, 08 Mar 2023 15:33:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2863128
cf-polished: origSize=650
x-from-origin: true
x-proxy-cache: MISS
x-proxy-date-now: Wednesday, 08-Mar-2023 15:33:49 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 07:48:23 GMT
server: cloudflare
etag: W/"64083dc7-28a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gD3RQDUk3iofL7s%2B96wegSnXW2gAsr%2FIjD80FLAie4sSv1BYGCyYJ0hUSenwitHK3%2FdsBMTzF6xADGWWVw%2FVSUxzE4%2F98DAgOqoVumSWM39Lqt9qopanBu1HNkJH9CFkmiGBUJB0fYjf0BmV%2F8tq%2FKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7b5d301bb9e14211-EWR
x-proxy-cache-type: 5

GET
H2 200 check_hp.js Show response
na.leafletscdns.com/us/assets/cca6003e/js/ 2 KB
1 KB 47ms
10ms Script
application/javascript 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://na.leafletscdns.com/us/assets/cca6003e/js/check_hp.js
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0834eea807d48a76d68ea89324166ef76d9383865df524f1627835a82d05b6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: 31556926
date: Mon, 10 Apr 2023 18:52:37 GMT
x-proxy-date: Wed, 08 Mar 2023 15:33:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2863128
cf-polished: origSize=2607
x-from-origin: true
x-proxy-cache: MISS
x-proxy-date-now: Wednesday, 08-Mar-2023 15:33:49 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 08 Mar 2023 07:48:23 GMT
server: cloudflare
etag: W/"64083dc7-a2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kzlj6zkuEuMbFOVEF2s%2FpU8t%2Fa2oqXNxke51TTIRU%2BV%2BcByU%2FcyvYp5GFVQloD4gVECxJOgdlLAca56nSW6bACoqc7BBTAopQTJK0UGEDg%2BTCZMS1CzPZr1wYHi18sgBg38ugp4O51xXVN3blDjvWgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7b5d301bb9e24211-EWR
x-proxy-cache-type: 5

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 56ms
16ms Font
font/woff2 2607:f8b0:400d:c0c::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 03:28:34 GMT
x-content-type-options: nosniff
age: 55443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 03:28:34 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 60ms
20ms Font
font/woff2 2607:f8b0:400d:c0c::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 11:10:22 GMT
x-content-type-options: nosniff
age: 546135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 11:10:22 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7493bc8f10ecb323c57fb310ad1c1ad920509bacfcaca6bb678b5a47e29fce3b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 57ms
56ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b0ac7d25da4ba2881fb1cbaf23cd4effda8a64ba5a964df001ab7d37cd8e235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118918
x-xss-protection: 0
server: cafe
etag: 2519962766914618213
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:52:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ Frame 331F 10 KB
5 KB 55ms
16ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 20154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 13:16:43 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 13:16:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
76 KB 50ms
29ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDZSNKH

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/common_co.min.js?t=3cbedabf1c9e357be3de1eedf2a7ee31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0fe4f099b4159706d7cae698832bf701167f447f3f348115ccdbdd6a04079d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77382
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Apr 2023 18:52:37 GMT

GET
H2 200 fontello.css
www.offermate.us/fonts/fontello/css/ 4 KB
2 KB 76ms
73ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/fonts/fontello/css/fontello.css?t=304e9d8f4e8c1417a13c1de7fd809634
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c1e0c28137c42797a894fe2267653af646136000fc5c53cb82c0f85971a1b45

Request headers

Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 12:43:20 GMT
last-modified: Fri, 07 Apr 2023 16:46:10 GMT
server: nginx
expires: 31556926
etag: W/"643048d2-1165"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
x-proxy-cache: HIT

GET
H2 200 global.css
www.offermate.us/css/ 127 KB
27 KB 77ms
72ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/css/global.css?t=50fc2539e0494bd9315d950dac4f0ae5
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 514b22d187b5ec053c4baaf6d5abbf6fdf2201ce02c1b72492dda2be76de32e4

Request headers

Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 11:23:40 GMT
last-modified: Fri, 07 Apr 2023 16:46:49 GMT
server: nginx
expires: 31556926
etag: W/"643048f9-1fab1"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
x-proxy-cache: HIT

GET
H2 200 letak.css
www.offermate.us/css/ 45 KB
10 KB 78ms
73ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/css/letak.css?t=b6d42e88eec6043bea9da1380ce2de27
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c95a021be6940b62b4a1f5c7aa47f87ca7835e014d1d3fe2305c8a15ab703797

Request headers

Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 07:42:07 GMT
last-modified: Fri, 07 Apr 2023 16:46:48 GMT
server: nginx
expires: 31556926
etag: W/"643048f8-b48f"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
x-proxy-cache: HIT

GET
H2 200 globalDefer.css
www.offermate.us/css/ 22 KB
6 KB 81ms
76ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/css/globalDefer.css?t=ad25e0c36a249b1c0698f4262665f084
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 525c30de31f527ed4da748ce39fa25b110a1a3f74226e8863f48740026ba3e3c

Request headers

Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 06:28:21 GMT
last-modified: Fri, 07 Apr 2023 16:46:47 GMT
server: nginx
expires: 31556926
etag: W/"643048f7-59f9"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
x-proxy-cache: HIT

GET
H2 200 / Show response
www.offermate.us/ajax/get-email-signup/ 3 KB
3 KB 77ms
75ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/ajax/get-email-signup/?shop_id=66

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=f67a0169a3f4590ae0dde7743f45f70d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

9d771edb5d93e0032c86e5ab0a2a2ea206c3795339ef2a0387218c2825853593

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
X-CSRF-Token: gAGaRoAJO4e9v2cex4rWs4U7bCVtWgJNLfQrUpXA5nm5d-k-0lZ98O7eMUy9x5mCtlJZCAUyUTpk2Wc64vffGw==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache: STALE
date: Mon, 10 Apr 2023 18:52:37 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 18:13:01 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
x-upstream-backend: letakomat-sfo2-w002
content-length: 1226
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:13:01 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
dynamicurl: ajax/get-email-signup/?shop_id=66
x-proxy-cache-type: nl30m

GET
H2 200 logo.webp
na.leafletscdns.com/us/data/66/ 4 KB
5 KB 293ms
291ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/66/logo.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1210caa06ec3f9e31bdba20a7675004b2615e599dca6c90b98816e7375ab35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
cf-cache-status: MISS
last-modified: Sun, 03 Jul 2022 00:26:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nxZQt0YlHNXAdJxpB2isVjzxDRkFkD6NCMBv1goYIFu5LHUXtIJPi8NK2RC9ahM31IY%2FwvZtSXIUc3RGTHHi%2FpzfpViSzJaI14LnEQ1M2zkY2jtuSmEj00nge1HKK7F%2BHqGeDSJyP7zkgTiUFskKUTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 7b5d301cbb214211-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 0.webp
na.leafletscdns.com/us/data/66/39843/ 570 KB
571 KB 424ms
422ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/66/39843/0.webp?t=1680603026
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fdc0a090d95d821f71fbc49af3fc01c2d657cb057d1b2772a0577477b073f75

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 10:10:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ao4NytQS7nWf5MSRZPYL%2BMOhHXi2YnpnZWp6WBB68zONuYl4oIIhEZ3CVVYqpGgxDcLIb2P4jDbwJTgwwPE6z%2BRxYqSxS3TC7KVo%2B2SeqngrJNj6R%2B0yKfXkwCT9r4omKsYpL2WZcJQStdEVk%2FOirRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 7b5d301cbb1c4211-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 583952
expires: 31556926

GET
H2 200 135x110.webp
na.leafletscdns.com/us/data/66/39845/ 5 KB
6 KB 290ms
289ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/66/39845/135x110.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 324455f9c539173e6eb201f51955704cf429c9bea2a3e4cfce3ec09ee41f2686

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 10:10:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2RJpsqQXCOcM3Uv85JBK8%2FK0PPl1Tf1%2BL0G5CCuXP9QR3QLfPT28xivuTIw1B6tI22jqhMw%2BTrLlnGy6nIFBdaSQgeEFrwbgfjA3JVibXU0UBH%2FNvetAfXAQzUpE8nVL%2B4MQvLB7Eq6sxvjiLJCGUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 7b5d301cbb204211-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5544
expires: 31556926

GET
H2 200 135x110.webp
na.leafletscdns.com/us/data/66/39844/ 5 KB
6 KB 288ms
286ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/66/39844/135x110.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb68d78a867e6b4e17ccf89b9f80a328f34f5e2bdce4748ff38c57f10bd7286

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 10:10:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEGmSdqzJKSfC7VFpGeUueNIt%2F8RukKl5f9r5nYt7MEQCUGQl1leGN9dI3dZaQsSmT1z04YvPOtu125m13d0IlcyHRM8GxlfWaIlQd6t%2F8PGBq9NjCG9LSAVX5Mue2LG9hROpRamXUkdjvk%2BmDxtc7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 7b5d301cbb234211-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5508
expires: 31556926

GET
H2 200 135x110.webp
na.leafletscdns.com/us/data/66/39842/ 5 KB
6 KB 291ms
290ms Image
image/webp 2606:4700:20::681a:264
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/66/39842/135x110.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:264 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb97ffb4146fd2303ff524b7f93fa394b48a6d2d45c3967b98e8829285f75df5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Apr 2023 10:10:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bP2iDdMMC%2F14cSnKx%2FMAkje6L2BlQ3%2FiJDQmxk2vs4xAw2ajqOAub7pr7vx0y%2Fu6I2o2mYn8%2Bry1K47QHyo6oSw%2FOoyDpUla2KBTCX4okOh7b94lFUito%2F24HINpw%2BgGeAZf33E0TG33yQ8bxZJ2%2BLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 7b5d301cbb244211-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5528
expires: 31556926

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
602 B 72ms
18ms Script
text/javascript 2607:f8b0:400d:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.offermate.us&callback=_gfp_s_&client=ca-pub-1447540957213601

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3881745cc24e76f8ab2cadf3dd45bc57efed57a4779f120728c29e5482b0117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 54ms
29ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offermate.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A66 154 KB
45 KB 1391ms
1389ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1681152757&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757139&bpp=5&bdt=198&idt=133&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5796386909567&frm=20&pv=2&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=165

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66c49a49bd3cce2c711de59906275e6a6a9b2190ae9881778341f99a19074ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45751
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:38 GMT
expires: Mon, 10 Apr 2023 18:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B518 74 KB
30 KB 1309ms
1308ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=1866642601&adk=3085869979&adf=1188995862&pi=t.ma~as.1866642601&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757144&bpp=3&bdt=202&idt=165&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LnhQ0fyLWL&p=https%3A//www.offermate.us&dtd=173

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce0bc44c22ab6cb2b2a8a4cf8d7eb5c952a008bb471fed9d6d779776da0a0dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30246
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:38 GMT
expires: Mon, 10 Apr 2023 18:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.offermate.us/ajax/get-menu-items/ 6 KB
4 KB 74ms
73ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/ajax/get-menu-items/

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=f67a0169a3f4590ae0dde7743f45f70d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

51d8ea7b1cbd063ab7730fbb7d2fb39690110c061c2d8c8305459c104b89f66f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
X-CSRF-Token: gAGaRoAJO4e9v2cex4rWs4U7bCVtWgJNLfQrUpXA5nm5d-k-0lZ98O7eMUy9x5mCtlJZCAUyUTpk2Wc64vffGw==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 10 Apr 2023 18:52:37 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 18:47:05 GMT
x-powered-by: Hyperia
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
x-upstream-backend: letakomat-sfo2-w004
content-length: 2507
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Apr 2023 18:47:06 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
dynamicurl: ajax/get-menu-items/
x-proxy-cache-type: a30m

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F4A 75 KB
30 KB 1645ms
1644ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47c1af565102048c12a05218d2c3ed76bfc8fb7ecf5fc353713bf38bb3aa6e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:38 GMT
expires: Mon, 10 Apr 2023 18:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fontello.woff2
www.offermate.us/fonts/fontello/font/ 9 KB
9 KB 74ms
74ms Font
application/octet-stream 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/fonts/fontello/font/fontello.woff2?51555792
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/fonts/fontello/css/fontello.css?t=304e9d8f4e8c1417a13c1de7fd809634
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bdee25441d23d999ce7010694fcaf06b184e8ed8b21393af67ce1b31d96637e

Request headers

Referer: https://www.offermate.us/fonts/fontello/css/fontello.css?t=304e9d8f4e8c1417a13c1de7fd809634
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
x-proxy-date: Mon, 10 Apr 2023 12:43:20 GMT
expires: 31556926
last-modified: Fri, 07 Apr 2023 16:46:10 GMT
server: nginx
etag: "643048d2-23d8"
x-from-origin: true
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
accept-ranges: bytes
content-length: 9176
x-proxy-cache: HIT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E12 75 KB
30 KB 1148ms
1147ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=250&slotname=3237410500&adk=3264548296&adf=3927350558&pi=t.ma~as.3237410500&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=12&format=870x250&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&fwrattr=true&rh=250&rw=870&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757149&bpp=1&bdt=207&idt=230&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=etJGpPSDl9&p=https%3A//www.offermate.us&dtd=241

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab5a38c9fb0e60be24da73acdc9093f3d8846bb8cca8e1a985aaa5d23be43de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:38 GMT
expires: Mon, 10 Apr 2023 18:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 yii.validation.js Show response
www.offermate.us/assets/5944586e/ 17 KB
4 KB 74ms
73ms XHR
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/assets/5944586e/yii.validation.js
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=f67a0169a3f4590ae0dde7743f45f70d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
X-CSRF-Token: gAGaRoAJO4e9v2cex4rWs4U7bCVtWgJNLfQrUpXA5nm5d-k-0lZ98O7eMUy9x5mCtlJZCAUyUTpk2Wc64vffGw==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: 31556926
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 12:44:13 GMT
last-modified: Fri, 07 Apr 2023 17:01:03 GMT
server: nginx
x-proxy-cache: HIT
etag: W/"64304c4f-4413"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
x-proxy-cache-type: s24h

GET
H2 200 yii.activeForm.js Show response
www.offermate.us/assets/5944586e/ 36 KB
9 KB 74ms
73ms XHR
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/assets/5944586e/yii.activeForm.js
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=f67a0169a3f4590ae0dde7743f45f70d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/
X-CSRF-Token: gAGaRoAJO4e9v2cex4rWs4U7bCVtWgJNLfQrUpXA5nm5d-k-0lZ98O7eMUy9x5mCtlJZCAUyUTpk2Wc64vffGw==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: 31556926
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 12:44:13 GMT
last-modified: Fri, 07 Apr 2023 17:01:03 GMT
server: nginx
x-proxy-cache: HIT
etag: W/"64304c4f-9046"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
x-proxy-cache-type: s24h

GET
H2 200 maskot-main-happy-xs-subscribe.png
www.offermate.us/img/maskot/ 2 KB
3 KB 74ms
73ms Image
image/png 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.offermate.us/img/maskot/maskot-main-happy-xs-subscribe.png
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/css/global.css?t=50fc2539e0494bd9315d950dac4f0ae5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/css/global.css?t=50fc2539e0494bd9315d950dac4f0ae5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: gzip
x-proxy-date: Mon, 10 Apr 2023 12:45:20 GMT
last-modified: Fri, 07 Apr 2023 16:46:10 GMT
server: nginx
expires: 31556926
etag: "643048d2-917"
x-from-origin: true
content-type: image/png
cache-control: public, max-age=31556926
x-proxy-date-now: Monday, 10-Apr-2023 18:52:37 GMT
content-length: 2327
x-proxy-cache: HIT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A607 105 KB
33 KB 1047ms
1046ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5067521015&adk=228389958&adf=1888551357&pi=t.ma~as.5067521015&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=870x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757150&bpp=1&bdt=208&idt=416&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280%2C870x250&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=WqvgapeOnd&p=https%3A//www.offermate.us&dtd=424

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e78f51a928b0ee821c3bc5fd122ff6d24966883ffeaccb1ab790849860d1684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:38 GMT
expires: Mon, 10 Apr 2023 18:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
17ms Script
text/javascript 2607:f8b0:400d:c02::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDZSNKH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Apr 2023 18:35:34 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1023
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 10 Apr 2023 20:35:34 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 37ms
19ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDZSNKH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 10 Apr 2023 18:52:36 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1F4C74BCA92E4D638121E37809F8B141 Ref B: EWR311000105017 Ref C: 2023-04-10T18:52:37Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 20ms
3ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Apr 2023 18:52:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8il/2bZ6AzSdLkBnP9xYK78Xk+DanXpmtkcBe+is7d/xP0/Zp83wfdXGI+3BDv2NdgNwHMxwbSOvFB7uGIW2MA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/ 2 KB
1 KB 123ms
123ms Script
text/javascript 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/?random=1681152757621&cv=11&fst=1681152757621&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&hn=www.googleadservices.com&frm=0&tiba=Jewel%20Osco%20Weekly%20Ad%20-%20Chicago%20from%2004%2F05%2F2023%20%3E%3E%20Flyer&auid=71934003.1681152758&uamb=0&uaw=0&data=AdBlock%3D0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDZSNKH

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d33148c997df4a3722cd1287ae3b774c635c94c8a7173b0e0435571b283978e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A775 57 KB
27 KB 1373ms
1371ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=3636510535&adk=2725862456&adf=2971270540&pi=t.ma~as.3636510535&w=300&fwrn=4&lmt=1681152757&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&efwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757154&bpp=1&bdt=213&idt=472&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280%2C870x250%2C870x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=6&uci=a!6&fsb=1&xpc=L7Hd3OC0ja&p=https%3A//www.offermate.us&dtd=478

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82298cba640fc44358fd59fa91c5ecfe7f83cd33457d857de10f039e1858ba18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28085
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:38 GMT
expires: Mon, 10 Apr 2023 18:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 478813288996064 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/478813288996064?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eedfbf3a26a7e74155ac5acef6d965941cfa216616e56612bff13011501f4fa4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 10 Apr 2023 18:52:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110198
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zvF1uT+3z5gIP0rUS8WwtPv2LbO+YKGTMM63tFo3lnQZqyy7L/4vfHYLyIJy62ruEWjVucbfZPYgEh7W9h2Y5A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 27016625.js Show response
bat.bing.com/p/action/ 0
117 B 23ms
23ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27016625.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 10 Apr 2023 18:52:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 84CE7E6701644E7CB7790E3469020133 Ref B: EWR311000105017 Ref C: 2023-04-10T18:52:37Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
362 B 62ms
61ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27016625&tm=gtm002&Ver=2&mid=e6fa5dd2-0660-48f6-a01f-f2d48448bee4&sid=dcdbd7c0d7d011ed8d5eb3275bdf6dce&vid=dcdc2d80d7d011ed9d926fd2c325402a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Jewel%20Osco%20Weekly%20Ad%20-%20Chicago%20from%2004%2F05%2F2023%20%3E%3E%20Flyer&kw=Jewel%20Osco%20latest%20offers,%20Jewel%20Osco%20special%20offers,%20Jewel%20Osco%20offers,%20special%20offer%20Jewel%20Osco,%20Jewel%20Osco%20offer%20of%20the%20week,%20Jewel%20Osco%20flyer,%20Jewel%20Osco%20weekly%20ads,&p=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&r=&lt=787&evt=pageLoad&sv=1&rn=892978

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 10 Apr 2023 18:52:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BDB3E811E36D4F888A9118557EEB5F70 Ref B: EWR311000105017 Ref C: 2023-04-10T18:52:37Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 17ms
4ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=PageView&dl=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&rl=&if=false&ts=1681152757714&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1681152757713.1209913558&it=1681152757656&coo=false&rqm=GET

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 10 Apr 2023 18:52:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 20ms
20ms XHR
text/plain 2607:f8b0:400d:c02::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2061053222&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&ul=en-us&de=UTF-8&dt=Jewel%20Osco%20Weekly%20Ad%20-%20Chicago%20from%2004%2F05%2F2023%20%3E%3E%20Flyer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=2098103362&gjid=445522664&cid=838146466.1681152757&tid=UA-24834420-23&_gid=474971670.1681152758&_r=1&_slc=1&gtm=45He3430n81TDZSNKH&cg5=brochure%2Findex&cd1=proj%3AL%3Bcountry%3AUS%3Bshop%3A66%3Bid%3A39843%3Bmonth%3A04%2F2023%3Bpg%3A11%3Bcut%3A0%3B&cd2=0&cd3=39843&cd5=66&cd6=11&z=420048691

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c02::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:52:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offermate.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/868040956/ 42 B
455 B 61ms
25ms Image
image/gif 2607:f8b0:400d:c0d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868040956/?random=1681152757621&cv=11&fst=1681149600000&bg=ffffff&guid=ON&async=1&gtm=45He3430&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&frm=0&tiba=Jewel%20Osco%20Weekly%20Ad%20-%20Chicago%20from%2004%2F05%2F2023%20%3E%3E%20Flyer&data=AdBlock%3D0&fmt=3&is_vtc=1&random=2724137655&rmt_tld=0&ipr=y

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:52:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
348 B 43ms
19ms XHR
text/plain 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-24834420-23&cid=838146466.1681152757&jid=2098103362&gjid=445522664&_gid=474971670.1681152758&_u=YAhAAEAAAAAAACAAI~&z=1354367342

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 10 Apr 2023 18:52:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offermate.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 27ms
26ms Image
image/gif 2607:f8b0:400d:c0d::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-24834420-23&cid=838146466.1681152757&jid=2098103362&_u=YAhAAEAAAAAAACAAI~&z=1629585749

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame D309 0
73 B 5ms
4ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.offermate.us
Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.offermate.us
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:38 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 8560092566719227782
tpc.googlesyndication.com/simgad/ Frame 4E12 21 KB
22 KB 59ms
22ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8560092566719227782?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnbAf8EU_r7UpxgfGMNnrMF0LBTbQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=250&slotname=3237410500&adk=3264548296&adf=3927350558&pi=t.ma~as.3237410500&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=12&format=870x250&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&fwrattr=true&rh=250&rw=870&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757149&bpp=1&bdt=207&idt=230&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=etJGpPSDl9&p=https%3A//www.offermate.us&dtd=241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd930a6b6a388e8c29b983c876ae043b9f9352c5f670d9a26d7bafcd6d8ebaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 19:57:35 GMT
x-content-type-options: nosniff
age: 82503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21872
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 18:34:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Apr 2024 19:57:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 4E12 22 KB
9 KB 52ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:51:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 4E12 3 KB
1 KB 51ms
21ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 23:48:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 23:48:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 4E12 20 KB
8 KB 49ms
18ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 18:45:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E12 159 KB
49 KB 63ms
32ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:52:38 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 4E12 32 KB
13 KB 67ms
37ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0efe39b232b9983e90455adf6ca9ff935b132a6790459ee8db071a05a6f86564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13331
x-xss-protection: 0
server: cafe
etag: 1527815087941412852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 14:02:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4E12 0
0 40ms
40ms Fetch
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNMmP9Vo0ZIvTGbWEvPIPr_iJ4AP51crBb_iiqq7nD7PE3MCVHBABIOz4qCNgycapi8Ck2A-gAeaSp8cDyAECqAMByAPJBKoEiAJP0M2ZllCqh2BvUE1wQpZVY7NcQz0eDRd5MgYa905tl3TEZ9v18OanRwAryrivJiwGZ3fpVxaHdgnYit41AXKach5uyszEqDI2F4SOuT2FGol835ntdtc5XyUQIeiYnDEIuJaa6bwtICnlvuYuGniS5TGnLCr0sDZry0wv9dTbB1xVvs5vvQwi0NFoDt6CjKTpHrKOQ68XylpoRaiB-i0r5f_TLqndT21jds1G1ZdYU6J9I5ELbUL7D3Morsn-ANm7rvFdixuTV6LCImMIKpEpVbuUh6jUIz2M2elmoRGJEATTL-nEMSXOQ81FObCKAyvfl5a8p_mbGqa94NsjcM4RurJb0O1XBPLABN2W39PSA5IFBAgEGAGSBQQIBRgEoAYCgAeC7dg4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQu7DVAdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNDQ3NTQwOTU3MjEzNjAxGAA&sigh=sel2pet1vlE&uach_m=[UACH]&cid=CAQSGwDUE5ymny1M-tAfU3PZoKXVwzgQajhOH6KJuRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=250&slotname=3237410500&adk=3264548296&adf=3927350558&pi=t.ma~as.3237410500&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=12&format=870x250&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&fwrattr=true&rh=250&rw=870&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757149&bpp=1&bdt=207&idt=230&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=etJGpPSDl9&p=https%3A//www.offermate.us&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 10 Apr 2023 18:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 10 Apr 2023 18:52:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C8B1 143 B
166 B 22ms
19ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=250&slotname=3237410500&adk=3264548296&adf=3927350558&pi=t.ma~as.3237410500&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=12&format=870x250&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&fwrattr=true&rh=250&rw=870&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757149&bpp=1&bdt=207&idt=230&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=etJGpPSDl9&p=https%3A//www.offermate.us&dtd=241
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:37:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4E12 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10325636f6b47ec7cf8a279c6b420d173a6b50f66bc16052c5924b2919e3468b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 18199705191632616825
tpc.googlesyndication.com/daca_images/simgad/ Frame A607 91 KB
91 KB 19ms
19ms Image
image/jpeg 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/18199705191632616825

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5067521015&adk=228389958&adf=1888551357&pi=t.ma~as.5067521015&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=870x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757150&bpp=1&bdt=208&idt=416&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280%2C870x250&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=WqvgapeOnd&p=https%3A//www.offermate.us&dtd=424

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ba0dc9e8cb33e7307566325973584e9f72f087916ac29dec19801b7c432baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 21:21:06 GMT
x-content-type-options: nosniff
age: 595892
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93102
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 23:34:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 Apr 2024 21:21:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame A607 22 KB
9 KB 17ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:51:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame A607 3 KB
1 KB 19ms
18ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 23:48:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 23:48:50 GMT

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame A607 67 B
91 B 25ms
24ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 02:07:37 GMT
x-content-type-options: nosniff
server: cafe
age: 60301
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Tue, 11 Apr 2023 02:07:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame A607 20 KB
8 KB 18ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 18:45:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A607 159 KB
49 KB 25ms
22ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:52:38 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame A607 32 KB
13 KB 20ms
18ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0efe39b232b9983e90455adf6ca9ff935b132a6790459ee8db071a05a6f86564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13331
x-xss-protection: 0
server: cafe
etag: 1527815087941412852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 14:02:38 GMT

GET
H2 200 17455896847549980101
tpc.googlesyndication.com/simgad/ Frame B518 7 KB
7 KB 20ms
18ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17455896847549980101?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qli8AAxIm_mztCkWJ8yfhBTTU4kcg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=1866642601&adk=3085869979&adf=1188995862&pi=t.ma~as.1866642601&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757144&bpp=3&bdt=202&idt=165&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LnhQ0fyLWL&p=https%3A//www.offermate.us&dtd=173

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10ce6675f8190c5115c5ac05ae5953c05463d1222c1032b4f74ce33dd4757d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:12:39 GMT
x-content-type-options: nosniff
age: 16799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7415
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 21:59:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Apr 2024 14:12:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame B518 22 KB
9 KB 18ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:51:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame B518 3 KB
1 KB 23ms
22ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 23:48:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68628
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 23:48:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame B518 20 KB
8 KB 20ms
19ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 18:45:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B518 159 KB
49 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:52:38 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame B518 32 KB
13 KB 24ms
23ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0efe39b232b9983e90455adf6ca9ff935b132a6790459ee8db071a05a6f86564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13331
x-xss-protection: 0
server: cafe
etag: 1527815087941412852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 14:02:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A607 0
0 40ms
40ms Fetch
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cp1Gd9Vo0ZNLlJICMvPIPg-iB-APfyZ3zb6Ok-9u4EN3ZHhABIOz4qCNgycapi8Ck2A-gAf-wpKMDyAECqQLNNjTtr7q0PqgDAcgDyQSqBJACT9BBBNlRMhWKbtM7DKCVZYtFlsqH-QWp0-r6gMyWi58tZZPI7orJMM08KdQ94b3wUTAtIelEAGJejxqP35CRScn4dS1fV-aE_DrrokkBoiOb9IpJ2V8Jg0IMk8haTnAmmpkM-g87exxNSGKIihNOC5ijmm8KCk13O3Xy6QOMJpaq7vdDGWTttU9eHITrZ0-zZmi9Qktf5dkD25ApK-PHRYkqjpdli25Lsmqiv12AMQZE235mhEkByzhtddXlJtmj46nD-f-jx20a8wBbgivd-SOJuyN6dY5y7JbjTy6GJiXmGUZ91QTWzEqBM3SGkC6aeTkcy3ni-zT_Q3gwP-CK-Psw1tbAU6filvE-JhlKTjrABNnK5pORBJIFBAgEGAGSBQQIBRgEoAYCgAeahJ0cqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQj6NG0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTE0NDc1NDA5NTcyMTM2MDEYAA&sigh=mqFLpxV9AK8&uach_m=[UACH]&cid=CAQSGwDUE5ym2Zoit83TJu3qy0I9ggam8o-Jo-3tKRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5067521015&adk=228389958&adf=1888551357&pi=t.ma~as.5067521015&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=870x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757150&bpp=1&bdt=208&idt=416&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280%2C870x250&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=WqvgapeOnd&p=https%3A//www.offermate.us&dtd=424
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 10 Apr 2023 18:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B518 0
0 42ms
41ms Fetch
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5ebT9Vo0ZMKEFb3mxtYP5OO5iAP51crBb5fb3tfYDrPE3MCVHBABIOz4qCNgycapi8Ck2A-gAeaSp8cDyAECqAMByAPJBKoEiAJP0OnUvyDW3t8OXJTJcOSBicDN26xbfPu9rF06Yp6SqWir9jQm3KbBtuATdysf9AHqyxkfQccffTzaXL2e5Sm6JCr40IQ9bpOWe5tUi7wjpoUiW59UjoEXD3omFyre9enk4GnYTzChpeBVKU_13HKIPRAocz6RYWW3ZVqIV1rUqKQY6B7yQsvO-4Kp3Temrujc4ix3P-8wxOGYs68Wu1tcUVX9xZCLYqDuTYptzbTcrAsRUp5r8o8jJfDQ6obUkeyCUsN2QRmdbju6CwID8_VgsiAJ0R3u2vFRZts1yGOmc1tKDrRBHOH6Sals6r952yuzwkTMbgmQYHCdbXCI-mNCiP7buy1nC4XABN2W39PSA5IFBAgEGAGSBQQIBRgEoAYCgAeC7dg4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQttW6BNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xNDQ3NTQwOTU3MjEzNjAxGAA&sigh=ykTL3t0Mnvw&uach_m=[UACH]&cid=CAQSGwDUE5ymUVDMXCViDibKtb6WLAzXxIny5EuWGxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=1866642601&adk=3085869979&adf=1188995862&pi=t.ma~as.1866642601&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757144&bpp=3&bdt=202&idt=165&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LnhQ0fyLWL&p=https%3A//www.offermate.us&dtd=173
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 10 Apr 2023 18:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 146A 143 B
166 B 19ms
17ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5067521015&adk=228389958&adf=1888551357&pi=t.ma~as.5067521015&w=870&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=870x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757150&bpp=1&bdt=208&idt=416&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280%2C870x250&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=3319&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=WqvgapeOnd&p=https%3A//www.offermate.us&dtd=424
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:37:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77CB 143 B
166 B 18ms
17ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=1866642601&adk=3085869979&adf=1188995862&pi=t.ma~as.1866642601&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757144&bpp=3&bdt=202&idt=165&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=LnhQ0fyLWL&p=https%3A//www.offermate.us&dtd=173
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:37:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 45ms
44ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js?bust=31073710

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9c81177091a435d0ac7c0787d8586c95949cdd0593b5566e2b4a492ea9a1795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52046
x-xss-protection: 0
server: cafe
etag: 1770003673425744721
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:52:38 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C8B1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
19ms

Document
text/html

2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:38 GMT
expires: Mon, 10 Apr 2023 18:52:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D57 36 KB
14 KB 11ms
10ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 20:42:23 GMT

GET
DATA 200
OK truncated
/ Frame A607 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47021ba0c002bc52bd1c6649c24512a6748446db5ccc08b1ba4f6120d29b4f8c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B518 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 258fd1ccc14bbcb95ffdf70cc3e14375b35f3e52b22e10484e2b780bb326e3c8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 146A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
20ms

Document
text/html

2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:39 GMT
expires: Mon, 10 Apr 2023 18:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 77CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
21ms

Document
text/html

2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:39 GMT
expires: Mon, 10 Apr 2023 18:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 25ms
24ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offermate.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 9076 10 KB
4 KB 17ms
16ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 66024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 00:32:15 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 00:32:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 45D3 36 KB
14 KB 6ms
6ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 20:42:23 GMT

GET
H3 200 17455896847549980101
tpc.googlesyndication.com/simgad/ Frame 4F4A 7 KB
7 KB 23ms
18ms Image
image/png 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17455896847549980101?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qli8AAxIm_mztCkWJ8yfhBTTU4kcg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10ce6675f8190c5115c5ac05ae5953c05463d1222c1032b4f74ce33dd4757d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:12:39 GMT
x-content-type-options: nosniff
age: 16800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7415
x-xss-protection: 0
last-modified: Thu, 14 Jan 2021 21:59:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Apr 2024 14:12:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 4F4A 22 KB
9 KB 21ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:51:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 4F4A 3 KB
1 KB 22ms
18ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 23:48:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 23:48:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 4F4A 20 KB
8 KB 20ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 18:45:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F4A 159 KB
49 KB 34ms
30ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:52:39 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 4F4A 32 KB
13 KB 22ms
18ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0efe39b232b9983e90455adf6ca9ff935b132a6790459ee8db071a05a6f86564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:02:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17401
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13331
x-xss-protection: 0
server: cafe
etag: 1527815087941412852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 14:02:38 GMT

GET
H2 200 2141758791854865789
s0.2mdn.net/simgad/ Frame A775 105 KB
105 KB 31ms
5ms Image
image/jpeg 2607:f8b0:4006:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2141758791854865789

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=600&slotname=3636510535&adk=2725862456&adf=2971270540&pi=t.ma~as.3636510535&w=300&fwrn=4&lmt=1681152757&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&efwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757154&bpp=1&bdt=213&idt=472&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280%2C420x280%2C870x250%2C870x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=531&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=6&uci=a!6&fsb=1&xpc=L7Hd3OC0ja&p=https%3A//www.offermate.us&dtd=478

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2006 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee38163272f23a6edbc20bae46aff4df87c76b35fb2dc719dd41d1f7e8f2d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 14:01:15 GMT
x-content-type-options: nosniff
age: 363084
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107194
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 08:28:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Apr 2024 14:01:15 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame A775 35 KB
14 KB 18ms
17ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17f720141de6df944afa49248f0db71fdfadb3d2d4ca70a4c123f09f94770cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 02:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13971
x-xss-protection: 0
server: cafe
etag: 10086586046277578797
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 02:56:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame A775 3 KB
1 KB 24ms
23ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 23:48:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 23:48:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame A775 20 KB
8 KB 17ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 18:45:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A775 159 KB
49 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:52:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame A775 22 KB
9 KB 23ms
22ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:51:43 GMT

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C54 36 KB
14 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 20:42:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4F4A 0
0 44ms
40ms Fetch
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8GkE9Vo0ZMvZFrKQvPIPgKOk6AP51crBb5fb3tfYDrPE3MCVHBABIOz4qCNgycapi8Ck2A-gAeaSp8cDyAECqAMByAPJBKoEiAJP0J6Yl4a258GeXiI-AKdkfNssQpxCNiLalWY5SGA2tON6oaRkv1oZ2oE7VJB7ND-9I2lEpJQam7HsKCrU9ogWz_kjCal_bBw_EpdfapanUh7fpaDtL6CKGOJa3oa5bro1pJNi6VfukE05r5bIIxGOuoHnA6WwSt8fR7qMzNH1iWY7CLrEEAqhc8WLntAd8SUQfuwxTutkqSz8iwipSenzqJwuuSSv3rLOMKxOyKC3yDwA2V7jSNo1r8tWB_Qn4jtRXZkgEUNZN_j90Zp9DyzYlPJxSHjdHT4Iq-gBTYU6iF2rRpHPBf80NgeQWxsfgap6k9201nQGiGeoriiwIiJAtS8l8-5y8IzABN2W39PSA5IFBAgEGAGSBQQIBRgEoAYCgAeC7dg4qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQh7M_0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTE0NDc1NDA5NTcyMTM2MDEYAA&sigh=E_WRfRb-dqQ&uach_m=[UACH]&cid=CAQSGwDUE5ymljYNhWTnq14_nMqnNqxdRoiZQlptTRgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 10 Apr 2023 18:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A775 0
0 105ms
40ms Fetch
image/gif 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgapM9rzSfXkUMS_ZUpl2EaG-k9pSwuqDYE-mUKl_MALK-10z2FS1XDxN2sPUkshNZDw7EIe85BqIAv98BUXzxFowZcLowDOSMYSPRN8vQr7EjBe90GELaQ3ynlVlIk3GmDmg9fnwxWrKq9PR7vQMQPg37MRB1EWQPCMP0GRF0zT42VbyUDpPvIeO_SL9fIL5SipyGS2h1ofUti11ZXGRTY-b1ADsP_yGDcsp2Kk1rOHGITmcwtpvRgHB-bZ2LiJ6t5T7M4ZWEDw34nJFe7APy4Q1rWcAA6--D8oyW6QZalF9uZOxqRjQeYf4CdYQxDkvUc8Aet2VihmOD9m9PppsEdMqf0pDV3V1XTzCeNXdi4jBg9OJyGakSOVb34meBraCe4_u8tL0LLglA_3VPg5KB3UZeb4Oy85MyDBekm367ZBaFzCx_weNQwWKq6tBPsrakZy8mxoYDcSmnwe0i1TewBEDReRvu59GbAG-17GBAYrR4UNZgWQ6YeUNurV_pU-uFETLoUoHCxScFYQ2ftoyclV4RfhtIZ7iRSzRPUA43wqIwi-cl8jiXjxWE5ndl-F76_5drh3mYTIWIi3HCrips_t3vROfnutxPo3bhuUSfu3v73zebPNc5v__RB1VebzZo2DpzL_TF1g7WEnFOntW2vAplg8E45Wkt-vUYe2JQBMuYfSU0WfY-klGhzLGLVaJRFrNwCUyA7CNOZDi-pBicPutTG24H5V7tEO8Z8ALgEaBzfUG4WmYdk8UaleXj7r7_4_5Fekj3R6FBp13THrMEGdGgOxHA7ZrFROz_eqMcfpbBIKdMVC2japHhP9mjevnWeqSlJGvwIL8B7HjlppIaBPqRl2ytDe1r-hAxq-vmd8qJrPYZuaP2oHyMI9LStZEDv4ljci_MlOXYUyT5Kai5noLtyILvDZ49KT_m9wpQB0JSPvBi6Wd5zB-viWFQ8Qoz5_nlsFUIf8FQKPY47zLQNyvzb3sQsitAnTeWHK89tZqFdXan3ftVJNHn7El1Xdvn1oJ9moJYwE11eTSToLONMeB9G1-egJ7OgpT-eMCDEbh53T3r1aNWo2J9BAsOMNtD3ebwixLdxr4PPiq_atC5et1CnNec6xxZYag&sai=AMfl-YQHmrWQkwyY8iR0lBOqLus3pcrBjZ8a3vHd3nGXNBCsS_Hwpho44ZtQHvX0tPyqLJefpVnSb5QAZV-lAUF3pbXjJaPXclfT3Bwcn2_rAy8npCoYVxwDWI72V7WCA5o_qabWN9-ZDwSYpu5OvIZSnD53GplPuh6HoJuARopXPO-sq1DOX2Al--QQ_-ZbkblieW2uPL4BbmB2zrlQfd0CPa3S4VzHd3tl8BazvQOPK4w&sig=Cg0ArKJSzCpFplCTsS5AEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 10 Apr 2023 18:52:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A775 41 KB
15 KB 19ms
18ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 08:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125229
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Apr 2024 08:05:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 9076 4 KB
728 B 21ms
19ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Apr 2023 18:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 18:41:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Apr 2023 18:52:39 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9076 205 B
651 B 54ms
18ms Image
image/png 2607:f8b0:400d:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 12:22:24 GMT
x-content-type-options: nosniff
age: 109815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 08 Apr 2024 12:22:24 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9076 604 B
695 B 54ms
19ms Image
image/png 2607:f8b0:400d:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 17:22:11 GMT
x-content-type-options: nosniff
age: 91828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 08 Apr 2024 17:22:11 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 9076 19 KB
8 KB 17ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:42:30 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A83 143 B
166 B 18ms
16ms Document
text/html 2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:37:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 03E2 247 B
870 B 70ms
20ms Document
text/html 142.250.65.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f3.1e100.net

Software

sffe /

Resource Hash

44240070922b176fc314fa46d0eeddb492e597c362b0b6b38b6b8fbaf8456dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 206
content-security-policy-report-only: script-src 'nonce-Jho33328lia_0ASZ_NH9qg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4F4A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1c8f629bded5a9e73a12252218fa307038df1c9fbf4fa12d8dee69a5f2beaa8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A775 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98a1a222028f6a69b51f8456dd8d5623369fbf896b243ffe80a01084ff54378c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B568 22 KB
8 KB 17ms
16ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 107824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 09 Apr 2023 12:55:35 GMT
expires: Mon, 08 Apr 2024 12:55:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 40F5 8 KB
893 B 19ms
19ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Apr 2023 18:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 17:08:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Apr 2023 18:52:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 40F5 2 KB
772 B 16ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 04:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52814
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 04:12:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 40F5 22 KB
9 KB 16ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:51:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 40F5 3 KB
1 KB 17ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 23:48:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 23:48:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 40F5 20 KB
8 KB 18ms
16ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 18:45:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40F5 159 KB
49 KB 29ms
27ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 18:52:39 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame 40F5 34 KB
14 KB 18ms
17ms Script
text/javascript 2607:f8b0:400d:c03::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 22:41:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:59:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 22:41:04 GMT

GET
H2 200 iframe.html Show response
p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 03E2 5 KB
2 KB 20ms
19ms Document
text/html 142.250.65.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f3.1e100.net

Software

sffe /

Resource Hash

b43a7f0382cb35e43f0eb14c4edee4dcd01e84063c27e9e6efa236d662cc6efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1985
content-security-policy-report-only: script-src 'nonce-43Y-0c59hg2vLA1Z_rrsyg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9A83
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
18ms

Document
text/html

2607:f8b0:400d:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::9c Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:39 GMT
expires: Mon, 10 Apr 2023 18:52:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:39 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame B568 36 KB
14 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 20:42:23 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 47ms
36ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230405&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139427c64ccd672a7772bf0ee797b878e7cb3bf351e826789ee97feb6d3bfa9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11258
x-xss-protection: 0

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame C47C 36 KB
14 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/jewel-osco/weekly-ad-chicago-from-wednesday-05-04-2023-39843/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 20:42:23 GMT

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame EBFA 36 KB
14 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&h=280&slotname=5320648369&adk=3652501875&adf=624127488&pi=t.ma~as.5320648369&w=420&fwrn=4&fwrnh=100&lmt=1681152757&rafmt=1&format=420x280&url=https%3A%2F%2Fwww.offermate.us%2Fjewel-osco%2Fweekly-ad-chicago-from-wednesday-05-04-2023-39843%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681152757147&bpp=2&bdt=205&idt=192&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C420x280&nras=1&correlator=5796386909567&frm=20&pv=1&ga_vid=838146466.1681152757&ga_sid=1681152757&ga_hid=2061053222&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=256&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071756%2C31073710&oid=2&pvsid=1157753964812804&tmod=2126003963&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gc79IlI4Hu&p=https%3A//www.offermate.us&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 20:42:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
17ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js?bust=31073710

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 18:52:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4E12 42 B
64 B 69ms
69ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEq3rWXheGz4nL5KQjwkVL4kfTaWC2_Xh1avFjeIH3fW_3cPp7H5-VcSo-fV0L9BY9p011vRAL4cJU7tjeY16gorbb7JoZ88sD7QeZ5n2QDUufcFadMcthEzX2y-9MIRIa1Dc&sai=AMfl-YQm8siBwDPvudvRVCE2PEjPovkNuR4HGVZztnsWJ7bCRv02u3RjYUNhkCudcA75ietFniNRbNet6Ujb&sig=Cg0ArKJSzI7yvO_DMY1gEAE&cid=CAQSGwDUE5ymny1M-tAfU3PZoKXVwzgQajhOH6KJuRgB&id=lidar2&mcvt=1062&p=0,0,224,870&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3264548296&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681152757392&rpt=1310&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 79C5 13 KB
5 KB 21ms
17ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:45:53 GMT
expires: Tue, 09 Apr 2024 18:45:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB63 783 B
535 B 78ms
77ms Document
text/html 2607:f8b0:400d:c0d::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0d::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41f7ec9a10b2f35b7a03d39f70e87d57b4c4e4b99059152be0de809923341b9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-83CgJjvLQJAe_ruRdiNl5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-83CgJjvLQJAe_ruRdiNl5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 18:52:39 GMT
expires: Mon, 10 Apr 2023 18:52:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 79C5 36 KB
14 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 20:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 339016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 20:42:23 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B518 42 B
64 B 68ms
68ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrmhnrBUSMur5SsmTcZV2TPCe_sTYw1QF7EITqZUk3FfKZHYq-KQ18YOKjgMigxKFJU19EdYuM-2UN-nc3CGxCmcvJYIORdO87hbbqYXAXqNl9DJyU8TIGaFaF7ac88O43MZY&sai=AMfl-YQNiqXhZwWxOc2gbFEynydIyPStipJDKjrelCYHwMYNieQwfQUMwf80QRgIjYuu5ZLMqxXu7KRaW93q&sig=Cg0ArKJSzLiJ-GwDXdCJEAE&cid=CAQSGwDUE5ymUVDMXCViDibKtb6WLAzXxIny5EuWGxgB&id=lidar2&mcvt=1028&p=0,7,280,413&mtos=1028,1028,1028,1028,1028&tos=1028,0,0,0,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3085869979&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681152757318&rpt=1584&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B568 0
20 B 68ms
67ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRCD09Vo0ZJmcKJiQvPIP_7uE8AMAAAAAOAHgBAI&bg=!HR6lHkrNAAYIJb0jKCU7ADkAdvg8WvzZL0ITELfs9DcsR5atoBkN_p_ZyucRx724A0SNQYVGrsyq8TiyhZOEPV-7RMZXBRcXSzACAAABFFIAAAAEaAEHmQLBe9hq56b5Ky3RBl8mX1e5WujN4JmvIsZZA287DOlb8CDEoOAlb-mIdk2UY31d0hXMzIzynafXjGvOV7RHjFz9Z8yqOuQFyoKSfGBy5aG0d8CrvfsfJIPDX3qR1ThI8miW2D-iLWWj_Jrv-Gp5Hm0OHkmkjwEm5tgf5RE__EJ7_b9h4lmNgWwUJ3wihlmYqdJp1fQgUT40DT3WXpxEI9_sd86a0SbUSyVKEJdVn8irEMaEKaDYbkfzXKuDV_gNpKKccRUlabEK8ksWYPtRHbovMWyUgzDGqFR0oEFpR4Yd_vuUNarsEGUdMZR3AThLKRhEkfV-nIbPu53TVxiYlh0_yXqh0ZRWMgrNhYbQJrA3jXQWQFGRe7xfdvwEQxTf3RrAoJ4tmIS2VaPGoJqEMofDEBmJ-JmaIiFItb6mWKOQ-UMjU_g1S7NQoAFvsTwhGrrMGAxguzPkKAs2sJLHs0yz5shM1BQqNkOg2esizWNRTAA7Rzp359hSiLKqr1L2253gP3Xn56Y9bKEgKtazEJdl-bBAdGairFZmHzIMgkf-ifWVoYqJQUJZoSSeUAG2eeLXmLc3JO1krmRDVq6q8ljBcaSu8WmigJsW16TCdnMgjFhjyvXiKmb4B0TF82DZ4kfAF58UMYG_2cR8DwH0iAj5YQn0E6FoUH6XLdJv8-TL0e5v5qg5-Aq1sQWljtb79looY7KwZ6H3x4YIuHZoYeP9vuM-eABhLb-KuW-R33NDiU4O9IFizMX_rABi2P_PkT0AoRhlp41C2XFZjuGA1pQJYAfIzGpDL9npoXiTrGB0cZrlIAGoxZjv_pR3QHXLFNAewZKKLaf9HuY08DoUUEq36dhC-ymXnYa3fqQRYbVyPKkXz9UuzH6YN7T51izm5lzAHl7U2QPMxT8RTE0yy1PC6pkIfT5RlBun9bTROz78o9qN

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB63 0
0 62ms
62ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230405&jk=1157753964812804&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 79C5 0
12 B 16ms
16ms Image
text/plain 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KREq-g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 18:52:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A775 42 B
64 B 68ms
68ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMsTmPVH3GqNBuMuTpjmu_I6zcCObcammWqGU2_iBm3fgs7rkexnZl0IhGOCO9mue_rAEG2LrthZ_uIqw-J9qS5N0rK7apwtN2_F8JEC8nmhbRKt7n-P0KqsI0droJMpfgNJkjTJhK1C0Y3RBMickePdBRePc-GHBCoXcYoIaQj57K-xBdnrQLuytxl18&sai=AMfl-YT1bbHeWUNcVRCedWSsKaua40PYHZwZYCjT2ICnSsMcYg1adAvpD6aF4CiiOjyZRNLG4kccLBmy5rJZ&sig=Cg0ArKJSzILNs5nkiZoyEAE&cid=CAQSGwDUE5ym4-SpuxVN8oGax2jvOlPKB3nA5DjclRgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2725862456&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681152757633&rpt=1761&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4F4A 42 B
64 B 74ms
74ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH_wg6ZpSzo7OIUEs_jDyH-Ae-c0NUUcDvvuOGkHMtLSdmlO62PA_xt3TrN-AxwNH9sQDFLbm10BoZ_r6TktgqUIw1EVLbxX3I4oMaMJahwSbU5SaV5D5ka2zyREB3cmkAbec&sai=AMfl-YRqjCKxEF_F7U7TOsuYxbN7h9xpCrltXDUbrBgrL20foI0AMijZe65a26_9KfHBWTNd5oUIzoaMyp_1&sig=Cg0ArKJSzMzIZmZOVZnIEAE&cid=CAQSGwDUE5ymljYNhWTnq14_nMqnNqxdRoiZQlptTRgB&id=lidar2&mcvt=1002&p=0,7,280,413&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3652501875&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681152757345&rpt=2015&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 18:52:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230405&jk=1157753964812804&bg=!zc6lzprNAAYIJb0jKCU7ADkAdvg8WqxQfrrSnwXdnoP0Ki1B27Dwiyi_D5K6sfvWYtk79ViOzLHj6pIQ2qRIK6yAn4ZpMsABbCwCAAAAiVIAAAAEaAEHCgBkn6EEPsFuVOaUWgE5sctXsyrwrrm_v662F7KuyID0-CA-LTMm2mF6ENPliVnQj-FIjMHITj8xXoJbt3JhZwfZq7GNue_p07RAc4Rzs2523dAb5Zh140YNLB734STNoRqUJ5UfFpkCmceyK7qr_QxBrdKqUyuxuU5tbuQJGMr-nZn0uPwHutbbd2_qzvkaI837hlspLhP10HAJv7r733j7iLgBcqN8hOkPPe_At9qHxMSTv9RaEqFeBejHgcuquz2tEYVJHDarYBDXziXKqm5kARvh3xI-iM1J2l5_AnVhVNOkkBQ1doRh8YlnHyBCiNpwGhmCHr3KU1WlKFhH5EaHhqXQC8q7ByPbf4CKjLPSHSryxWjbm9n0sZ2m7xejhdPGPXYddqnXNGBIflBV98fjJzG9TgtNTeS6nIT_Qw8fPuBVVAnDvStDiCuVNz2LvFrdKOuuF8He6kwiD0DP8JM3MHXNcje3hLNyOSqLIpb1RVwF3nk3zQbpdHQWuZzNvK1IXdmvGTg-hjUgCkSlSevhjrkMrvuWdqWoa6W6ZMSweqIcZ_Hu0WRnSOLXOcqCLiGNh7BdfkQh9ncS9i2C4LBA3-tE5LvVYxjvrgHpw3gWxBd7tOMCjOkjciaBrSDrvb3U0Ya8VgAjL4e54D2yNBIthLh52VsPewo7TLGvMdkMPXqn_ZCbcv001esx7WXa733Qmrxuk-gqVTYdVHdJ5gSJE5qI6LElCTq0hGqIOSIeTwfmCO7lh0V1_MrYUWB98S57iUbfLUnY4Liz55Hz4nCiNwZMeJrbzmV8XNnR5xqCT_fHaLNBXJLPyNzzOXaqKqRd8-cETRG9IMB5vQhFGZkBdbVNJFA1qFC7zD_HZX8zmZJKtyx_zgImzcpyAljWwllOxUbWNj2XdwR58eOIK1umlgu0mR2B_rbFuPvQr58cElcsJO8wLPVO7iuxYI-MqA7F_rEMlCNC3vrxZFVCDnM8RVX6Xkfa165m1Y6aRCWP1o_0AAgfGEG9CGpFPZ8CBaJD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.offermate.us/	1970-01-20 19:44:48	Name: SrvCch Value: 0
www.offermate.us/	1969-12-31 23:59:59	Name: _csrf Value: efc612a201c2a8746057f6e48285d5cb0b87cb7497d713ee46637ee0521174e9a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%229vsxR_FwSaVRzMO13i5-hhSwI-Lhw79b%22%3B%7D
www.offermate.us/	1969-12-31 23:59:59	Name: PHPSESSID Value: ioo6099rifqjjnccqaohbp86a4
.offermate.us/	1970-01-20 13:08:48	Name: _gcl_au Value: 1.1.71934003.1681152758
.offermate.us/	1970-01-20 20:20:48	Name: __gads Value: ID=ce4c7011846a097c-228f17900adf00d6:T=1681152757:RT=1681152757:S=ALNI_MbP30C3cB9rQkR03QJuIo-QHM2pJA
.offermate.us/	1970-01-20 20:20:48	Name: __gpi Value: UID=00000a47da32f4a8:T=1681152757:RT=1681152757:S=ALNI_MbFWf-ntuNW0QeY9EAaTh0TH6Eozw
.offermate.us/	1970-01-20 11:00:39	Name: _uetsid Value: dcdbd7c0d7d011ed8d5eb3275bdf6dce
.offermate.us/	1970-01-20 20:20:48	Name: _uetvid Value: dcdc2d80d7d011ed9d926fd2c325402a
.offermate.us/	1970-01-20 13:08:48	Name: _fbp Value: fb.1.1681152757713.1209913558
.offermate.us/	1970-01-20 20:35:12	Name: _ga Value: GA1.2.838146466.1681152757
.offermate.us/	1970-01-20 11:00:39	Name: _gid Value: GA1.2.474971670.1681152758
.offermate.us/	1970-01-20 10:59:12	Name: _gat_UA-24834420-23 Value: 1
.bing.com/	1970-01-20 20:20:48	Name: MUID Value: 24EE83D38B4E62F23AB1913C8A2C6385
.bat.bing.com/	1970-01-20 11:09:17	Name: MR Value: 0
.doubleclick.net/	1970-01-20 20:35:12	Name: IDE Value: AHWqTUnGjJwLAIf4MrR2LSiMw-bo2Csj-7UVZHtyHQTm2soqobnBMwW5IeFVi4WOwgI
.doubleclick.net/	1970-01-20 10:59:13	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 10:59:16	Name: DSID Value: NO_DATA

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, publickey-credentials-get, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
bat.bing.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
na.leafletscdns.com
p4-ccff3d4v37gjq-ugbobmywrmjkkfgo-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.offermate.us
142.250.65.163
172.217.222.157
2604:a880:2:d0::867:1
2606:4700:20::681a:264
2607:f8b0:4004:c17::9c
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2002
2607:f8b0:4006:81c::2006
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81d::2002
2607:f8b0:4006:823::200a
2607:f8b0:400d:c01::9c
2607:f8b0:400d:c02::71
2607:f8b0:400d:c02::9b
2607:f8b0:400d:c03::5e
2607:f8b0:400d:c0c::5e
2607:f8b0:400d:c0d::84
2607:f8b0:400d:c0d::93
2607:f8b0:400d:c0e::54
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35
0efe39b232b9983e90455adf6ca9ff935b132a6790459ee8db071a05a6f86564
0fe4f099b4159706d7cae698832bf701167f447f3f348115ccdbdd6a04079d57
10325636f6b47ec7cf8a279c6b420d173a6b50f66bc16052c5924b2919e3468b
10ce6675f8190c5115c5ac05ae5953c05463d1222c1032b4f74ce33dd4757d42
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
139427c64ccd672a7772bf0ee797b878e7cb3bf351e826789ee97feb6d3bfa9a
17f720141de6df944afa49248f0db71fdfadb3d2d4ca70a4c123f09f94770cce
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1c1e0c28137c42797a894fe2267653af646136000fc5c53cb82c0f85971a1b45
258fd1ccc14bbcb95ffdf70cc3e14375b35f3e52b22e10484e2b780bb326e3c8
2b0ac7d25da4ba2881fb1cbaf23cd4effda8a64ba5a964df001ab7d37cd8e235
2d976bc845dc7f3e90c950f8fb28e94c0ef817547972a254c55a5a31be6d3dc1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
324455f9c539173e6eb201f51955704cf429c9bea2a3e4cfce3ec09ee41f2686
3e78f51a928b0ee821c3bc5fd122ff6d24966883ffeaccb1ab790849860d1684
41f7ec9a10b2f35b7a03d39f70e87d57b4c4e4b99059152be0de809923341b9b
44240070922b176fc314fa46d0eeddb492e597c362b0b6b38b6b8fbaf8456dea
47021ba0c002bc52bd1c6649c24512a6748446db5ccc08b1ba4f6120d29b4f8c
47c1af565102048c12a05218d2c3ed76bfc8fb7ecf5fc353713bf38bb3aa6e5a
4bdee25441d23d999ce7010694fcaf06b184e8ed8b21393af67ce1b31d96637e
4d1210caa06ec3f9e31bdba20a7675004b2615e599dca6c90b98816e7375ab35
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
514b22d187b5ec053c4baaf6d5abbf6fdf2201ce02c1b72492dda2be76de32e4
51d8ea7b1cbd063ab7730fbb7d2fb39690110c061c2d8c8305459c104b89f66f
525c30de31f527ed4da748ce39fa25b110a1a3f74226e8863f48740026ba3e3c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fdc0a090d95d821f71fbc49af3fc01c2d657cb057d1b2772a0577477b073f75
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66c49a49bd3cce2c711de59906275e6a6a9b2190ae9881778341f99a19074ffc
72f3151ab60ee889d73411e5d38edf10eeb5cdffba22f3ad815a5aa2081fc8a1
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7368f0ad139592962f015c33a985f9114e12b422d986707d7986c1fc882b0151
7493bc8f10ecb323c57fb310ad1c1ad920509bacfcaca6bb678b5a47e29fce3b
787acc0e7c2fbe3c820cd41fe8533c1167aef40fafb6e16b379cd548af50e830
801239b879b1dd730f81ce9d02da51f46c9a0b12bf0c1bb58c3b5618e42bc7aa
82298cba640fc44358fd59fa91c5ecfe7f83cd33457d857de10f039e1858ba18
856cb15653c67940d3609b09f61b979bf307d4f8c239bcc6ddb16425a3266295
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06
94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83
98a1a222028f6a69b51f8456dd8d5623369fbf896b243ffe80a01084ff54378c
9d33148c997df4a3722cd1287ae3b774c635c94c8a7173b0e0435571b283978e
9d771edb5d93e0032c86e5ab0a2a2ea206c3795339ef2a0387218c2825853593
9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4
9ee38163272f23a6edbc20bae46aff4df87c76b35fb2dc719dd41d1f7e8f2d70
a1ba0dc9e8cb33e7307566325973584e9f72f087916ac29dec19801b7c432baf
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a3881745cc24e76f8ab2cadf3dd45bc57efed57a4779f120728c29e5482b0117
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab5a38c9fb0e60be24da73acdc9093f3d8846bb8cca8e1a985aaa5d23be43de6
adb68d78a867e6b4e17ccf89b9f80a328f34f5e2bdce4748ff38c57f10bd7286
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b
b1c8f629bded5a9e73a12252218fa307038df1c9fbf4fa12d8dee69a5f2beaa8
b3818928a6dda2320971814d38378a48da9430d8936b7b46466d3f9117d6a017
b43a7f0382cb35e43f0eb14c4edee4dcd01e84063c27e9e6efa236d662cc6efd
bd930a6b6a388e8c29b983c876ae043b9f9352c5f670d9a26d7bafcd6d8ebaa5
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c0834eea807d48a76d68ea89324166ef76d9383865df524f1627835a82d05b6a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c95a021be6940b62b4a1f5c7aa47f87ca7835e014d1d3fe2305c8a15ab703797
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb97ffb4146fd2303ff524b7f93fa394b48a6d2d45c3967b98e8829285f75df5
ce0a4c3d8abbff57982c2f9b9f29d47fd14221e73f7bf64716792c7c225ff5ac
ce0bc44c22ab6cb2b2a8a4cf8d7eb5c952a008bb471fed9d6d779776da0a0dc3
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dd3940c8e2f55d326a95e8d2bd7d67c93b84bcdb68be24a438a00444560a0e50
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3
eedfbf3a26a7e74155ac5acef6d965941cfa216616e56612bff13011501f4fa4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f9c81177091a435d0ac7c0787d8586c95949cdd0593b5566e2b4a492ea9a1795
f9fd337433b7dba6a978c3b55e0c1e7227cb2b057fc02bae8196448d33817c47

www.offermate.us Open in urlscan Pro 2604:a880:2:d0::867:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

132 Requests

100 %HTTPS

91 %IPv6

15 Domains

22 Subdomains

23 IPs

1 Countries

2437 kBTransfer

5513 kBSize

17 Cookies

3 Outgoing links

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.offermate.us Open in urlscan Pro
2604:a880:2:d0::867:1 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

100 %
HTTPS

91 %
IPv6

15
Domains

22
Subdomains

23
IPs

1
Countries

2437 kB
Transfer

5513 kB
Size

17
Cookies

132 HTTP transactions
7 data transactions