urlscan.io logo urlscan.io
SecurityTrails logo

zoom.orangeoffer.com Open in urlscan Pro
2606:4700::6812:12da  Public Scan

Go To Rescan Add Verdict Report
URL: https://zoom.orangeoffer.com/
Submission Tags: 0xscam
Submission: On November 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 1 countries across 10 domains to perform 77 HTTP transactions. The main IP is 2606:4700::6812:12da, located in United States and belongs to CLOUDFLARENET, US. The main domain is zoom.orangeoffer.com.
TLS certificate: Issued by E6 on October 25th 2024. Valid for: 3 months.
This is the only time zoom.orangeoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
5 142.251.40.226 15169 (GOOGLE)
2 142.250.80.100 15169 (GOOGLE)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
11 142.250.80.78 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 52.184.215.111 8075 (MICROSOFT...)
2 172.67.167.50 13335 (CLOUDFLAR...)
4 142.250.65.162 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 142.250.72.98 15169 (GOOGLE)
1 216.239.34.178 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
77 17
32    2606:4700::6812:12da (United States)

ASN13335 (CLOUDFLARENET, US)
zoom.orangeoffer.com
cdn-assets.orangeoffer.com
cdn.orangeoffer.com
www.orangeoffer.com
3    2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
5    142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.80.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f4.1e100.net
www.google.com
2    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
11    142.250.80.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f14.1e100.net
fundingchoicesmessages.google.com
2    2607:f8b0:4006:808::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    52.184.215.111 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
j.clarity.ms
2    172.67.167.50 (United States)

ASN13335 (CLOUDFLARENET, US)
sentry.impressionfox.xyz
4    142.250.65.162 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net
googleads.g.doubleclick.net
2    2606:4700::6812:13da (United States)

ASN13335 (CLOUDFLARENET, US)
www.orangeoffer.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
ep1.adtrafficquality.google
1    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
Apex Domain
Subdomains		 Transfer
34 orangeoffer.com
zoom.orangeoffer.com
cdn-assets.orangeoffer.com
cdn.orangeoffer.com
www.orangeoffer.com
735 KB
16 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
www.google.com — Cisco Umbrella Rank: 3
194 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 634
j.clarity.ms — Cisco Umbrella Rank: 16621
c.clarity.ms — Cisco Umbrella Rank: 1236
30 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
309 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245
ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
19 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
172 KB
2 impressionfox.xyz
sentry.impressionfox.xyz
1 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 190
770 B
77 10
Domain Requested by
24 cdn-assets.orangeoffer.com zoom.orangeoffer.com
14 fundingchoicesmessages.google.com zoom.orangeoffer.com
pagead2.googlesyndication.com
6 zoom.orangeoffer.com zoom.orangeoffer.com
cdn-assets.orangeoffer.com
5 pagead2.googlesyndication.com zoom.orangeoffer.com
pagead2.googlesyndication.com
cdn-assets.orangeoffer.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 www.orangeoffer.com zoom.orangeoffer.com
3 j.clarity.ms www.clarity.ms
zoom.orangeoffer.com
3 www.google-analytics.com cdn-assets.orangeoffer.com
www.googletagmanager.com
zoom.orangeoffer.com
3 www.googletagmanager.com zoom.orangeoffer.com
cdn-assets.orangeoffer.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 c.clarity.ms 1 redirects
2 sentry.impressionfox.xyz zoom.orangeoffer.com
2 www.clarity.ms zoom.orangeoffer.com
www.clarity.ms
2 www.google.com zoom.orangeoffer.com
ep2.adtrafficquality.google
1 ep1.adtrafficquality.google zoom.orangeoffer.com
1 c.bing.com 1 redirects
1 cdn.orangeoffer.com zoom.orangeoffer.com
77 17
Subject Issuer Validity Valid
orangeoffer.com
E6		 2024-10-25 -
2025-01-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
impressionfox.xyz
WE1		 2024-09-14 -
2024-12-13		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://zoom.orangeoffer.com/
Frame ID: 78AE897C069CD4E3138427E59B15845E
Requests: 71 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-5P5M9GV4
Frame ID: E558651BF0BCD863D2A3A78D3EEF120F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/zrt_lookup_fy2021.html
Frame ID: E2047C627FADA6827D7E8E4EF1393AFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731068617&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fzoom.orangeoffer.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731068617249&bpp=3&bdt=815&idt=315&shv=r20241106&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5411572171715&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=152&eid=44759876%2C44759927%2C31088669%2C42531706%2C95344188%2C31088653%2C95345966&oid=2&pvsid=3185805199051077&tmod=1288220262&uas=0&nvt=1&fsapi=1&fc=1920&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=337
Frame ID: 10454096625683CAAD2D84B715F171EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&h=120&slotname=5841751240&adk=1606449256&adf=2416941911&pi=t.ma~as.5841751240&w=880&abgtt=6&lmt=1731068617&rafmt=11&format=880x120&url=https%3A%2F%2Fzoom.orangeoffer.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731068617253&bpp=2&bdt=820&idt=352&shv=r20241106&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5411572171715&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=919&biw=1600&bih=1200&scr_x=0&scr_y=152&eid=44759876%2C44759927%2C31088669%2C42531706%2C95344188%2C31088653%2C95345966&oid=2&pvsid=3185805199051077&tmod=1288220262&uas=0&nvt=1&fc=1920&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=364
Frame ID: 361E37A16088A6EE0AFD82D530CD12F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/zrt_lookup_fy2021.html
Frame ID: 4175C1A29D40F666A8838BB6B3A0207B
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 4478FDE0B2DAF3E64E9783D33A99A85C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F46E61978692A144DF23A1F0F7DB475
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

70% OFF | Zoom Black Friday Discount Codes & Coupon Codes | November 2024

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

77
Requests

97 %
HTTPS

47 %
IPv6

10
Domains

17
Subdomains

17
IPs

1
Countries

1481 kB
Transfer

5680 kB
Size

38
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CB18E284B7D34211BA5145995D4348C0&RedC=c.clarity.ms&MXFR=33EF427B099966362AF3574A0D99689C HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB18E284B7D34211BA5145995D4348C0&MUID=0A4B66F279126234237F73C378AC6305

77 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zoom.orangeoffer.com/ 		438 KB
68 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a6aec4f0b4970740ebed3eb53ee45f9051a0208f082f034ec8b6225a1ebbf8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8df589023c24db09-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 08 Nov 2024 12:23:36 GMT
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		276 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YQW93GBH6X
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
618723fe521b7f5bebe73047756c24b928ab7a9d68f441496eaa6107d1a12201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 08 Nov 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98394
x-xss-protection
0
server
Google Tag Manager
pub-8170686022786770
fundingchoicesmessages.google.com/i/ 		196 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-8170686022786770?ers=1
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01e17dd9e6ea41afedcb6feaaa5a16732fe510cbbcfdfcde0d8eb800768f6445
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eAvAGcGdMN4evXgQGvBkYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4TrTu2MkmMOHyx61MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhgamegam8QUGAI8HQCg"
content-security-policy
script-src 'report-sample' 'nonce-eAvAGcGdMN4evXgQGvBkYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8170686022786770
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
3aff2e0a423b1f79a303b6c9543f64219437425dc6c290caa12f7a6372135718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://zoom.orangeoffer.com
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
br
etag
15784913264666660734
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53877
x-xss-protection
0
server
cafe
ads.js
www.google.com/adsense/search/ 		145 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f4.1e100.net
Software
sffe /
Resource Hash
ab8ab8d5ebe9a15bd2808f1933ba2f6d86274b5a7b1be0d060d6369df4c98d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
etag
"4890164289374687209"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
accept-ranges
bytes
x-xss-protection
0
server
sffe
runtime.d1ba6.js
cdn-assets.orangeoffer.com/_nuxt/ 		22 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/runtime.d1ba6.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6999d9f384e3d5c7b8d16b4936a16026c001286cd1b7d2513a6e617b0bdf65ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"596e-1930ba43860"
age
498
cf-ray
8df589051fabdb09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:58:52 GMT
vary
Accept-Encoding
server
cloudflare
268.9c0e8.js
cdn-assets.orangeoffer.com/_nuxt/ 		263 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/268.9c0e8.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f846fed93f07921ca8bd9d1aa80243acb14c8f5260fde6c930b554c0777a0d8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"41cf2-192f66e6920"
age
357122
cf-ray
8df589051fa8db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 04 Nov 2024 09:08:04 GMT
vary
Accept-Encoding
server
cloudflare
1660.6a78c.js
cdn-assets.orangeoffer.com/_nuxt/ 		293 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1660.6a78c.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3dc63b428130ff4326db3da509e98136a1b17213c08e354fcfb4a517e83fbd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"49527-1930b6ed468"
age
4061
cf-ray
8df589051fafdb09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:00:33 GMT
vary
Accept-Encoding
server
cloudflare
1667.5f007.js
cdn-assets.orangeoffer.com/_nuxt/ 		141 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1667.5f007.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5e4b1cc6d2f2385a9b1f10c1435d734413df238caacdb25d2eece4f41a4edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"234e2-1930b6ed468"
age
4061
cf-ray
8df589051facdb09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:00:33 GMT
vary
Accept-Encoding
server
cloudflare
267.13b33.js
cdn-assets.orangeoffer.com/_nuxt/ 		608 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/267.13b33.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e329ec4b7e2d3d3f701c18814d7b91d8735be670d413e2fa44f99ed98a022e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"980b9-1930ba43478"
age
498
cf-ray
8df589051faddb09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:58:51 GMT
vary
Accept-Encoding
server
cloudflare
1662.4544b.js
cdn-assets.orangeoffer.com/_nuxt/ 		67 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1662.4544b.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7e3e6283acc0df924ae641be3e447f26bc3ce898a102a8a5b2589d5ae9e425b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"10c82-1930ba43860"
age
498
cf-ray
8df589054809db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:58:52 GMT
vary
Accept-Encoding
server
cloudflare
0.4b687.js
cdn-assets.orangeoffer.com/_nuxt/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/0.4b687.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b2c40d906b89bc435ed6ee053be0e82c95760013ed1938b35e96aa91ccca0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"123ea-192f568cc78"
age
373686
cf-ray
8df589054802db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 04 Nov 2024 04:22:19 GMT
vary
Accept-Encoding
server
cloudflare
65.cf987.js
cdn-assets.orangeoffer.com/_nuxt/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/65.cf987.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5c3e0f4127773e44078ef71e196692fc4330217ca4f8ddf913714177c4fe2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"56ff-1930b6ed468"
age
4060
cf-ray
8df589051fb2db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:00:33 GMT
vary
Accept-Encoding
server
cloudflare
1554.06b36.js
cdn-assets.orangeoffer.com/_nuxt/ 		338 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1554.06b36.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b141ef66f166cbc44af885dabca84f1680110225dc5241b24a518e4f44ef662

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"54658-1930b95bd58"
age
1983
cf-ray
8df589054800db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:43:03 GMT
vary
Accept-Encoding
server
cloudflare
2.d7fe7.js
cdn-assets.orangeoffer.com/_nuxt/ 		767 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/2.d7fe7.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fa07da18ddadb5e1a62752d3d5c5e8dd884edfd5f2af4857316b811f950d84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"bfd4a-1930b6ed468"
age
4060
cf-ray
8df589054805db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:00:33 GMT
vary
Accept-Encoding
server
cloudflare
1.4aa00.js
cdn-assets.orangeoffer.com/_nuxt/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1.4aa00.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b4daa46c10315926f3d2391b5feaaa1c3207d8d656198f2d65bf53e80e20b72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6597-1930b6ed468"
age
4060
cf-ray
8df589054803db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:00:33 GMT
vary
Accept-Encoding
server
cloudflare
8.3326f.js
cdn-assets.orangeoffer.com/_nuxt/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/8.3326f.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9c002ebf52e1d8d10357dc692b335fbdd0f380324cca40af4a46d661067d2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"a774-1930b95bd58"
age
1983
cf-ray
8df589051fb1db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:43:03 GMT
vary
Accept-Encoding
server
cloudflare
275.5361a.js
cdn-assets.orangeoffer.com/_nuxt/ 		124 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/275.5361a.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee08909c3cd7ec002ccdf3c7e706bbd05d9d29c85086668edec3a33605187731

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1f069-1930b6ed468"
age
4060
cf-ray
8df589054807db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:00:33 GMT
vary
Accept-Encoding
server
cloudflare
277.42738.js
cdn-assets.orangeoffer.com/_nuxt/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/277.42738.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4dcad93e150ea963b3bdd86721dfc4ae1b0484eea986a8723cefac7a05cf8be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"104b9-1930b6ed468"
age
4060
cf-ray
8df589051fb4db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:00:33 GMT
vary
Accept-Encoding
server
cloudflare
17.d913f.js
cdn-assets.orangeoffer.com/_nuxt/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/17.d913f.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96c8eaa6eae4b134422551caef23773eeca64c6ddd0b8d06bab2f8c34d923917

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6399-1930b6ed468"
age
4060
cf-ray
8df589051fb0db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:00:33 GMT
vary
Accept-Encoding
server
cloudflare
304.c38bb.js
cdn-assets.orangeoffer.com/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/304.c38bb.js
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe740f7d8e23108477c840dc118726630a742ce0475bdf8c77a3d90636fe9dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"842-1930b6ed468"
age
4059
cf-ray
8df589051fb3db09-MIA
expires
Sat, 08 Nov 2025 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:00:33 GMT
vary
Accept-Encoding
server
cloudflare
pub-8170686022786770
fundingchoicesmessages.google.com/b/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-8170686022786770
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c54e2e5a2e8829536ecabcebdb5c46318306e12389a7d75c7ad911566c8d976
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-crgbtcaoCEfPHHfiwwYoNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4TrTu2Mkm8ODav01MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhgamegam8QUGAKHaQIg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-crgbtcaoCEfPHHfiwwYoNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
mxdplpjsrz
www.clarity.ms/tag/ 		689 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/mxdplpjsrz
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8798e067c0edba3e31604b4f68625f8df67238ad56da968e2b3b57557cee988d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/x-javascript
x-azure-ref
20241108T122336Z-16465697dfdft8xqhC1MIAcp6000000003dg00000000aah0
gtm.js
www.googletagmanager.com/ 		211 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5P5M9GV4
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2bcca3578440562ddcf782755d1e601235576c8797b79af80ae6e3a5102304a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 08 Nov 2024 12:23:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 08 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76486
x-xss-protection
0
server
Google Tag Manager
icon-fold.webp
cdn-assets.orangeoffer.com/img/orangeoffer/ 		638 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/orangeoffer/icon-fold.webp
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c569bf5a42380717bdb0b34cf71333ac0a0e21cdfee3cb0bc3eea45a9e99a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"27e-1930b9d52c0"
cf-ray
8df58906895fdb09-MIA
expires
Mon, 09 Dec 2024 12:23:36 GMT
accept-ranges
bytes
content-length
638
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/webp
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
orangeoffer.com.svg
cdn-assets.orangeoffer.com/img/siteLogo/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/siteLogo/orangeoffer.com.svg
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf36c6dc43022c7818de7f04aa136898adf786ab669730311ece2a084bd13ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1fd8-1930b9d52c0"
cf-ray
8df58905984ddb09-MIA
expires
Mon, 09 Dec 2024 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/svg+xml
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
icon-search.webp
cdn-assets.orangeoffer.com/img/promocodie/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/promocodie/icon-search.webp
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f21cf13348fb20852c706a01c315b235b62a0c3fc2c8583d533f23afa9f7fdc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"4e0-1930b9d52c0"
cf-ray
8df589069974db09-MIA
expires
Mon, 09 Dec 2024 12:23:37 GMT
accept-ranges
bytes
content-length
1248
date
Fri, 08 Nov 2024 12:23:37 GMT
content-type
image/webp
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
icon-search.webp
cdn-assets.orangeoffer.com/img/orangeoffer/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/orangeoffer/icon-search.webp
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5aece22048654ac8c3bfca412a112f12ad5b11cf2e11a99d63f5cfb427b657

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"4de-1930b9d52c0"
cf-ray
8df58905984adb09-MIA
expires
Mon, 09 Dec 2024 12:23:36 GMT
accept-ranges
bytes
content-length
1246
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/webp
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
dcs_img_1691986302_441e26d7df19ac8a92ec4074b76698ff.webp
cdn.orangeoffer.com/ccsimg/dcs/img_tools/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.orangeoffer.com/ccsimg/dcs/img_tools/dcs_img_1691986302_441e26d7df19ac8a92ec4074b76698ff.webp
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94b2b02942961a9753a42e739eec6efe64e9bc96fe829eb0b1c1cbf2c56ee42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

x-amz-id-2
Jc6TWrEQfXqE7scSDCq6CXW/8s7p9pMUQZ1ga4VH8vjo1CfbnpRlwXuZcRjz1GtEJ6gNvwdKYEU=
cache-control
public, max-age=2678400
cf-ray
8df589055811db09-MIA
cf-cache-status
HIT
etag
"fb20a6e59b93940c7cc79be0f127c426"
x-amz-request-id
QKGC6WN73VYF25GE
expires
Mon, 09 Dec 2024 12:23:36 GMT
accept-ranges
bytes
content-length
13648
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/webp
last-modified
Mon, 14 Aug 2023 04:11:51 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
icon-verified-de.webp
zoom.orangeoffer.com/img/promocodie/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zoom.orangeoffer.com/img/promocodie/icon-verified-de.webp
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c091ae3ca8d585c275c123e5b6c93bd753eb7963fce14325bb6b5bb30a25822b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"3de-1930b9d52c0"
cf-ray
8df58905480adb09-MIA
expires
Mon, 09 Dec 2024 12:23:36 GMT
accept-ranges
bytes
content-length
990
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/webp
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		482 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de5ed8d76a9341be08c77c870d81fca3ec75264601934583bcf00f4d6895dac1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
icon-verified.webp
cdn-assets.orangeoffer.com/img/orangeoffer/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/orangeoffer/icon-verified.webp
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c091ae3ca8d585c275c123e5b6c93bd753eb7963fce14325bb6b5bb30a25822b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"3de-1930b9d52c0"
cf-ray
8df58905984bdb09-MIA
expires
Mon, 09 Dec 2024 12:23:36 GMT
accept-ranges
bytes
content-length
990
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/webp
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
blackfriday-info.svg
zoom.orangeoffer.com/img/holiday/orangeoffer/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zoom.orangeoffer.com/img/holiday/orangeoffer/blackfriday-info.svg
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef3e0fb5047c67085b78b981430d10248cee1b1acc2b61ce22528b99d4674d34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
content-encoding
gzip
cf-cache-status
MISS
etag
W/"22a5-1930b9d52c0"
cf-ray
8df58905480bdb09-MIA
expires
Mon, 09 Dec 2024 12:23:36 GMT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/svg+xml
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
star_active.png
cdn-assets.orangeoffer.com/img/cpw/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/cpw/star_active.png
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9081a46e5d6e34efd25190223cfd90a18d71aff550b9d1c69a95693a33f5cc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"49c-1930b9d52c0"
cf-ray
8df589059849db09-MIA
expires
Mon, 09 Dec 2024 12:23:36 GMT
accept-ranges
bytes
content-length
1180
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/png
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
star_half.png
cdn-assets.orangeoffer.com/img/cpw/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/cpw/star_half.png
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a331f40b7d989a28f8b567fb4456df6f84016b2f2be9c2efb59deb6b2485781e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"547-1930b9d52c0"
cf-ray
8df58905984cdb09-MIA
expires
Mon, 09 Dec 2024 12:23:36 GMT
accept-ranges
bytes
content-length
1351
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/png
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
star_black.png
cdn-assets.orangeoffer.com/img/cpw/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/cpw/star_black.png
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a5df4a40357c26a643745efb611532c94d369de74773c658c52a3c7652379b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"487-1930b9d52c0"
cf-ray
8df58905984fdb09-MIA
expires
Mon, 09 Dec 2024 12:23:36 GMT
accept-ranges
bytes
content-length
1159
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
image/png
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
clarity.js
www.clarity.ms/s/0.7.49/ 		64 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.49/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mxdplpjsrz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

x-azure-ref
20241108T122336Z-16465697dfdft8xqhC1MIAcp6000000003dg00000000aah5
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCF3CA14C9A428"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
2c4603de-901e-007b-71fd-2f6c47000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 01:20:43 GMT
AGSKWxXCcg-_e0z2JdR9tNaAJazTVCpvxOGI7Pf7PFVwMROzsSomFaG4x48eVXxAb5ONx5rIZ31pv-JsRFh-uEiO5b-_ng==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXCcg-_e0z2JdR9tNaAJazTVCpvxOGI7Pf7PFVwMROzsSomFaG4x48eVXxAb5ONx5rIZ31pv-JsRFh-uEiO5b-_ng==
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e5IcictEu3Rgm83vWmDkpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uE40bpjJ5vAgRNvpzMruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQwMzPQOz-AIDAD7WKP0"
content-security-policy
script-src 'report-sample' 'nonce-e5IcictEu3Rgm83vWmDkpA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zoom.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxV_Nk6jUlabHmrwEZ4kwFIWohoMkIowfb20f06bL-wNCyWmjtBGPnFR9XcXSitceLxGB1zUTKZIforlJ3mUSYJBSzW32e1KCx6CEPs-kJ4zATTLZRAjs0ZuemcKX72VUUPSBYARTQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV_Nk6jUlabHmrwEZ4kwFIWohoMkIowfb20f06bL-wNCyWmjtBGPnFR9XcXSitceLxGB1zUTKZIforlJ3mUSYJBSzW32e1KCx6CEPs-kJ4zATTLZRAjs0ZuemcKX72VUUPSBYARTQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMDY4NjE2LDg3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly96b29tLm9yYW5nZW9mZmVyLmNvbS8iLG51bGwsW1s4LCJIMWJweW8xOE1RZyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.H1bpyo18MQg.es5.O/am=GAw/d=1/rs=AJlcJMwOqqBF3J1McV_Y8QRFkg827WSIOA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
961ddb6f7c2b650629e9f1eaabf81fcc9bf242713e9bcd9e36d09b7c46ff7f32
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-s_pyho9OenPxkAk5bJY3qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4TrTu2MkmcODqtZ3MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhgamegam8QUGAJdbQEk"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-s_pyho9OenPxkAk5bJY3qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/267.13b33.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
age
1053
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 14:06:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
ns.html
www.googletagmanager.com/ Frame E558 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-5P5M9GV4
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/268.9c0e8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://zoom.orangeoffer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1128:0
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 12:23:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1128:0"}],}
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
1668.ba2aa.js
zoom.orangeoffer.com/_nuxt/ 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/runtime.d1ba6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae9b0dcdbabfe8d123030842dedf1eb0a03fd9fe8d5d12c64bcea24395e2941

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2c596-1930ba43860"
cf-ray
8df589087b8ddb09-MIA
expires
Sat, 08 Nov 2025 12:23:37 GMT
date
Fri, 08 Nov 2024 12:23:37 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:58:52 GMT
vary
Accept-Encoding
server
cloudflare
1666.1b1d1.js
zoom.orangeoffer.com/_nuxt/ 		2 KB
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zoom.orangeoffer.com/_nuxt/1666.1b1d1.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/runtime.d1ba6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f982c2d49bf5361852c1a849fadb731de8e3f507fd9adb10cef379fab0fc8667

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66d-1930ba43860"
cf-ray
8df589087b90db09-MIA
expires
Sat, 08 Nov 2025 12:23:37 GMT
date
Fri, 08 Nov 2024 12:23:37 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:58:52 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
1340.1cb0b.js
zoom.orangeoffer.com/_nuxt/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zoom.orangeoffer.com/_nuxt/1340.1cb0b.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/runtime.d1ba6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db51a71ab979770ba69cdb511af11f3d8e424db8faa026ee23a4e2a803fd378

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"c21-1930ba43860"
cf-ray
8df589098cdedb09-MIA
expires
Sat, 08 Nov 2025 12:23:37 GMT
date
Fri, 08 Nov 2024 12:23:37 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 08 Nov 2024 11:58:52 GMT
vary
Accept-Encoding
server
cloudflare
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8170686022786770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
236aa58f4f1164cc5587345a53880e638286344d90176cd9daa6ed7cc7f58ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
br
etag
6264119781077604158
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 12:23:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 08 Nov 2024 12:23:37 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147797
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		158 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/1662.4544b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
d51653e2e881962bfdef1722cf67927778183ae996d92b73e75c8d1e6b2c1757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://zoom.orangeoffer.com
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
br
etag
17266459353119705169
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 12:23:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 08 Nov 2024 12:23:37 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53873
x-xss-protection
0
server
cafe
AGSKWxVzgfggdokMRRDzxpo2rGblsSDHCSnAPBorZ9-XYY2juK3dem4Akv8--6nZlsExPOSWiSXhSWMaPAXk6AXfmCROPoEIkJK5C1cgzpzyAcSb2zcg0VUzDmDIe7T2nhJnAlHGbmn5ig==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVzgfggdokMRRDzxpo2rGblsSDHCSnAPBorZ9-XYY2juK3dem4Akv8--6nZlsExPOSWiSXhSWMaPAXk6AXfmCROPoEIkJK5C1cgzpzyAcSb2zcg0VUzDmDIe7T2nhJnAlHGbmn5ig==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMDY4NjE3LDMyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vem9vbS5vcmFuZ2VvZmZlci5jb20vIixudWxsLFtbOCwiSDFicHlvMThNUWciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.H1bpyo18MQg.es5.O/am=GAw/d=1/rs=AJlcJMwOqqBF3J1McV_Y8QRFkg827WSIOA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
b314e282b8f2ee26fb85e5244215cc4cea96aa9fc5234cf33327828a61a51d22
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hkGqlR3IvS5pcBpWYQZT5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4Trbu2MkmsOD41O2MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhgamegam8QUGAHlRP8c"
content-security-policy
script-src 'report-sample' 'nonce-hkGqlR3IvS5pcBpWYQZT5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YQW93GBH6X&gtm=45je4b70v9168395566za200&_p=1731068616465&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101823848~101925629~102067555&cid=2027778982.1731068617&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1731068617&sct=1&seg=0&dl=https%3A%2F%2Fzoom.orangeoffer.com%2F&dt=70%25%20OFF%20%7C%20Zoom%20Black%20Friday%20Discount%20Codes%20%26%20Coupon%20Codes%20%7C%20November%202024&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1469
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YQW93GBH6X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://zoom.orangeoffer.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:37 GMT
content-type
text/plain
server
Golfe2
collect
j.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.49/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.215.111 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://zoom.orangeoffer.com/

Response headers

Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin
https://zoom.orangeoffer.com
Date
Fri, 08 Nov 2024 12:23:37 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
sentry.impressionfox.xyz/api/7/envelope/ 		41 B
757 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.impressionfox.xyz/api/7/envelope/?sentry_key=cbc9fcc6991ec6e954f338a62d732681&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.108.0
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf4725cf33af8d617848d74ac1e831957e646d2af222d2735e8c5ec6b5de778

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://zoom.orangeoffer.com/

Response headers

access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c9tiFgVngtgfsNWZzsDtPNWpwQX%2FuSLKaaUMWKsjS2CrpVIVY2ObqU%2FSxyTUaEwMOcDsBZM%2BFi4WoYzOrIi8eYYCRwnfD33Ex4CMWHnUqg%2Bvay616LbzRxNp4lmcskvdhTZkc1f6GQopzzE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8df5890b5a28dad1-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
41
server-timing
cfL4;desc="?proto=QUIC&rtt=30369&sent=15&recv=13&lost=0&retrans=0&sent_bytes=4226&recv_bytes=7846&delivery_rate=495&cwnd=12000&unsent_bytes=0&cid=ec6437874e173d8d&ts=241&x=1", cfHdrFlush;dur=0
date
Fri, 08 Nov 2024 12:23:37 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
cloudflare
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/ Frame E204 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoom.orangeoffer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
1844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 11:52:53 GMT
etag
4475648825157136472
expires
Fri, 22 Nov 2024 11:52:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1045 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1731068617&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fzoom.orangeoffer.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731068617249&bpp=3&bdt=815&idt=315&shv=r20241106&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5411572171715&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=152&eid=44759876%2C44759927%2C31088669%2C42531706%2C95344188%2C31088653%2C95345966&oid=2&pvsid=3185805199051077&tmod=1288220262&uas=0&nvt=1&fsapi=1&fc=1920&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=337
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoom.orangeoffer.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
53605
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 12:23:38 GMT
expires
Fri, 08 Nov 2024 12:23:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 361E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&h=120&slotname=5841751240&adk=1606449256&adf=2416941911&pi=t.ma~as.5841751240&w=880&abgtt=6&lmt=1731068617&rafmt=11&format=880x120&url=https%3A%2F%2Fzoom.orangeoffer.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1731068617253&bpp=2&bdt=820&idt=352&shv=r20241106&mjsv=m202410300101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5411572171715&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=919&biw=1600&bih=1200&scr_x=0&scr_y=152&eid=44759876%2C44759927%2C31088669%2C42531706%2C95344188%2C31088653%2C95345966&oid=2&pvsid=3185805199051077&tmod=1288220262&uas=0&nvt=1&fc=1920&brdim=340%2C340%2C340%2C340%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=364
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoom.orangeoffer.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
54670
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 12:23:38 GMT
expires
Fri, 08 Nov 2024 12:23:38 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
j.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.215.111 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://zoom.orangeoffer.com/

Response headers

Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin
https://zoom.orangeoffer.com
Date
Fri, 08 Nov 2024 12:23:38 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
components
www.orangeoffer.com/api/ 		30 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.orangeoffer.com/api/components
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f60a90cfd1df0a601554f3f4f3cb629b3a0b23650fcb1d5159ea416517d723

Request headers

Referer
https://zoom.orangeoffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarydcw3UOJOUA6RBbpA

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8df58910299d9ab9-MIA
access-control-allow-origin
*
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
components
www.orangeoffer.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.orangeoffer.com/api/components
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Origin
https://zoom.orangeoffer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8df5890f28529ab9-MIA
content-encoding
gzip
content-type
application/json
date
Fri, 08 Nov 2024 12:23:38 GMT
server
cloudflare
vary
Accept-Encoding
getban.php
fundingchoicesmessages.google.com/f/AGSKWxWRNaFVGBt5ll6MBA8TMVQRSPy0s99H4V4PHIr5v2GcnTYC168kQbV8BPI3CzJ2erBcGjc9YZsKXJcO2APlOXvZmth20gT61AX2XFMs7oPgVUuyai4OTLab4ltNy3ojhqbLvIndR-bny-w79aPDxoOz74UNM... 		54 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWRNaFVGBt5ll6MBA8TMVQRSPy0s99H4V4PHIr5v2GcnTYC168kQbV8BPI3CzJ2erBcGjc9YZsKXJcO2APlOXvZmth20gT61AX2XFMs7oPgVUuyai4OTLab4ltNy3ojhqbLvIndR-bny-w79aPDxoOz74UNMJOAM4NC0jyvuBeWqpZSLk12VgUF-pgj/__tile_ad_/getban.php?_live/ad//adblockdetect.-banner-768.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.H1bpyo18MQg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyO8lp7k1bbIM32C3cRbu-Pixb-QQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
1309aa3579154db0cf22b78d1d3f206b43f479dfad122f227167a7c59e59508d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QZUA8dy-iJuWQeehzAwA9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIW4OU617tjJJjDjxHMzJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQwNTPQPT-AIDAGYXRKs"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QZUA8dy-iJuWQeehzAwA9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.H1bpyo18MQg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyO8lp7k1bbIM32C3cRbu-Pixb-QQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
br
etag
13036835877489095579
age
2366
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 11:44:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 08 Nov 2024 11:44:12 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
42
x-xss-protection
0
server
cafe
AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ob-RBdG9j_2A44Ps7VgIxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://zoom.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uY41bpjJ5vAjaXbTZVckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiaGhgZmegVl8gQEAAQgoWA"
content-security-policy
script-src 'report-sample' 'nonce-Ob-RBdG9j_2A44Ps7VgIxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zoom.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jKFJFpDXQkjtZqJNtDRU4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://zoom.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uY41bpjJ5vAjSf7Q5VckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiaGhgZmegVl8gQEAH2wowg"
content-security-policy
script-src 'report-sample' 'nonce-jKFJFpDXQkjtZqJNtDRU4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zoom.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i69-97ZFPcx3ysV7JfBaVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://zoom.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uY41bpjJ5vAigXbE5VckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiaGhgZmegVl8gQEABAEoXQ"
content-security-policy
script-src 'report-sample' 'nonce-i69-97ZFPcx3ysV7JfBaVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zoom.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LTiYR-ZcCLYFtaJ6Ki6Ixg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://zoom.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uY41bpjJ5vAgYZDCUouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxNDQwEzPwCy-wAAAAuYoWw"
content-security-policy
script-src 'report-sample' 'nonce-LTiYR-ZcCLYFtaJ6Ki6Ixg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zoom.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXKINUq0oZfEvRtgnoKroHu82OdhtrKxTkP3dNVGKhOMkN0mqESAViRMwThJsdncnsb_h7SimKEPV_8Q6iV7KnNE0tbgrToGuYH_IigFpSaAn68BtG4rsml5ioEPU4L058faRU32A==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXKINUq0oZfEvRtgnoKroHu82OdhtrKxTkP3dNVGKhOMkN0mqESAViRMwThJsdncnsb_h7SimKEPV_8Q6iV7KnNE0tbgrToGuYH_IigFpSaAn68BtG4rsml5ioEPU4L058faRU32A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxMDY4NjE4LDE2MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly96b29tLm9yYW5nZW9mZmVyLmNvbS8iLG51bGwsW1s4LCJIMWJweW8xOE1RZyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.H1bpyo18MQg.es5.O/am=GAw/d=1/rs=AJlcJMwOqqBF3J1McV_Y8QRFkg827WSIOA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
b730482898b91902e0be3332250a71cd419ba8ff3d7bfd2d52ec0ce22c212264
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rQY7UmhuvYN4Q9jQ4Yls0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhbg5TrXu2MkmsKFnUpqSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiaGhgamegWl8gQEAMhE_Rw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rQY7UmhuvYN4Q9jQ4Yls0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxU0NE2y0PfDZmZfIScV_pSc9V3wr6TXSG27--K62ZlRjA2smwUzyiBpDAzzc8P2NkK0xGr4PmisDnIDXuathHdk1aV598a6u8s0vi7N7Agj4-_GZV4bLYthVUDC9GFYHwW19lMKJQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU0NE2y0PfDZmZfIScV_pSc9V3wr6TXSG27--K62ZlRjA2smwUzyiBpDAzzc8P2NkK0xGr4PmisDnIDXuathHdk1aV598a6u8s0vi7N7Agj4-_GZV4bLYthVUDC9GFYHwW19lMKJQ==
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EneGW-MOHJBkAlRt6SVQIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://zoom.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uE41bpjJ5vAhPnLJzIquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDQwMzPQOz-AIDABJqKF8"
content-security-policy
script-src 'report-sample' 'nonce-EneGW-MOHJBkAlRt6SVQIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zoom.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/ 		179 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/reactive_library_fy2021.js?bust=31088653
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
2325b28767ea8694d5b450e24cf2e0e14b73d2eb64711881ffbcaf2583ab0560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
br
etag
592859090816675906
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 12:23:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
61015
x-xss-protection
0
server
cafe
AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXVEI7iOHHY-j9_BPT6iLTXyBNOWunp2Xnk8DMon6GJYMD9_j7DgxjHWki84H8USMtoPB66BR0ZJvwFiGVpKdVI92BRl6DnaC7WsZY8-moienCg5C3P_y6OQbZrPxgHdocjSqfo5g==
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rFIGc3-PRsFHeuUCfiDXdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://zoom.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uE41bpjJ5vAj0s9C5iUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhoYGZnoFZfIEBADecKOQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rFIGc3-PRsFHeuUCfiDXdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zoom.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
ca-pub-8170686022786770
fundingchoicesmessages.google.com/i/ 		196 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8170686022786770?href=https%3A%2F%2Fzoom.orangeoffer.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
ESF /
Resource Hash
03f6dca3b16e02d73bbda3cf5fc26f69f3362877a94b8550c83affd8e17752e9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-o1vsmw_siTUF0vETSeVjJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:38 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0JBiOHHrNtMFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OE617tjJJvBjZvsKJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQ0MDUz0D0_gCAwCq0ET0"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-o1vsmw_siTUF0vETSeVjJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/ Frame 4175 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241106/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoom.orangeoffer.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
1844
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4134
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 11:52:53 GMT
etag
4475648825157136472
expires
Fri, 22 Nov 2024 11:52:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
sentry.impressionfox.xyz/api/7/envelope/ 		41 B
732 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.impressionfox.xyz/api/7/envelope/?sentry_key=cbc9fcc6991ec6e954f338a62d732681&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.108.0
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.167.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
990f8cc0bd7788d6f0e1a8bc22e0798f8bc570e104ac96fe2dfaef1a637fbf6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://zoom.orangeoffer.com/

Response headers

access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JTA%2BZFah5EM7Eeg2F7urFiW5nhQPXhdq%2Fn806Tap%2FnZ6izJ2wWgbN9lDi%2F0y%2FfcAJJMrKTB%2BTLZx%2Bu7BgV%2Fubon4c%2FYQyPbSTTNLRKKrex%2BA4jA8Fl8GcrN1CJ%2BNy3riuj45es9upzPWkDU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8df58918f9d9dad1-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
41
server-timing
cfL4;desc="?proto=QUIC&rtt=31737&sent=60&recv=64&lost=0&retrans=0&sent_bytes=6020&recv_bytes=67364&delivery_rate=331&cwnd=12000&unsent_bytes=0&cid=ec6437874e173d8d&ts=2468&x=1", cfHdrFlush;dur=0
date
Fri, 08 Nov 2024 12:23:39 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
cloudflare
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CB18E284B7D34211BA5145995D4348C0&RedC=c.clarity.ms&MXFR=33EF427B099966362AF3574A0D99689C
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB18E284B7D34211BA5145995D4348C0&MUID=0A4B66F279126234237F73C378AC6305
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB18E284B7D34211BA5145995D4348C0&MUID=0A4B66F279126234237F73C378AC6305
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Fri, 08 Nov 2024 12:23:39 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CB18E284B7D34211BA5145995D4348C0&MUID=0A4B66F279126234237F73C378AC6305
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 59CA3BE5A54043E0BA387E74E7C45416 Ref B: MIAEDGE2017 Ref C: 2024-11-08T12:23:40Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Fri, 08 Nov 2024 12:23:39 GMT
x-powered-by
ASP.NET
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241106&st=env
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
b74229ce70a2f41617f4554d90ea509eccb5f8a66dfed1a89ced7e56f05afa5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12888
date
Fri, 08 Nov 2024 12:23:39 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YQW93GBH6X&gtm=45je4b70v9168395566za200&_p=1731068616465&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101823848~101925629~102067555&cid=2027778982.1731068617&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEI&sid=1731068617&sct=1&seg=0&dl=https%3A%2F%2Fzoom.orangeoffer.com%2F&dt=70%25%20OFF%20%7C%20Zoom%20Black%20Friday%20Discount%20Codes%20%26%20Coupon%20Codes%20%7C%20November%202024&_s=2&tfd=3829
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://zoom.orangeoffer.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:39 GMT
content-type
text/plain
server
Golfe2
favicon.ico
www.orangeoffer.com/ 		9 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.orangeoffer.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db660f9b501d752a085a60c61ad93d3652eb10cd824a1b2c342c2f2df450b48c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"672dfb38-25be"
age
107
cf-ray
8df589198bf5db09-MIA
expires
Mon, 09 Dec 2024 12:23:39 GMT
date
Fri, 08 Nov 2024 12:23:39 GMT
content-type
image/x-icon
last-modified
Fri, 08 Nov 2024 11:51:20 GMT
vary
Accept-Encoding
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410300101/show_ads_impl_fy2021.js?bust=31088653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://zoom.orangeoffer.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 08 Nov 2024 12:23:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 08 Nov 2024 12:23:40 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
collect
j.clarity.ms/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://j.clarity.ms/collect
Requested by
Host: zoom.orangeoffer.com
URL: https://zoom.orangeoffer.com/_nuxt/1668.ba2aa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.215.111 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://zoom.orangeoffer.com/

Response headers

Request-Context
appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
Access-Control-Allow-Origin
https://zoom.orangeoffer.com
Date
Fri, 08 Nov 2024 12:23:39 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 4478 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoom.orangeoffer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
56
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 12:22:44 GMT
expires
Fri, 08 Nov 2024 13:12:44 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0F46 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-h1ejwQpQFZujtyd1MiRWcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zoom.orangeoffer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-h1ejwQpQFZujtyd1MiRWcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Nov 2024 12:23:40 GMT
expires
Fri, 08 Nov 2024 12:23:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241106&jk=3185805199051077&bg=!zs2lzYLNAAYQZ9WPMGc7ADQBe5WfOCecEGWMM6hGGYoAZuCekscmB1CsVcRmcViP6OSKTMxNod6Mx_MP9sibEvI6HUnwAgAAAFdSAAAABGgBB34ANjrs-dCQe_Vop7P3mLAnWt0vxktMw9DsZKWuxoNLyDhw0sXVRlglgQzh_RnFfegsVDgB93p1ZAoAnfxoNUPb8vXju8hFhLscO2ktEDpA_FGN2w2KiTPh7Dy3ViEF6_B-RFnB0wo9fFIZE02SSayfDJGDoRRu-YId39K234OJ5dFOmx2q2N6C3Rp7J5Dsb7toRyMSzLgdG_r6CPEUSpeMeRPTyi1QzYkWdgtMtJrweOPKWTsTSYeRuuQyJB00AtyaFyf-ustBUw0joyY91-3KYruiefEVJmGZAp4WdIJ8o0TKcStn7Mrg-nTL_xCZ3QVV8qKCisvTfcsxd2x6i8Tcd2ubj1w1Z-PUO6uWJ-gBCDBj8xhej-T7JpC3bWUhzOflRQvgBV12qgFB6ImEpYuMkVqNpwGoQol2qvk2nzM2YWYUqg-oUnfwM95PpbDGYK2tje1b606AS7U3kAo1QpPy7I6PwQnUEIwgafOpmOxu5YCeUrM-jxXu6l6Ut9rxo2-5IgvSIvlJJNplVsaEbLun7ynNyJ3C_aBcvoHvsxF44V18Hq5A55zHM1t3B6DqM_W5HMxFGfNV2zESbYixuStUwl-3wKcMCyyaQtmnIVnx5hibU4Xq78UqjPSRp9ciM2Ci-oV4cf88Y52EB8yIpqyQpt0bZ2-XSiKCnF-bLxVUuGxy5NPSKhF4Ji95BLUKIs2WU5RkQD8eRVmGRVI_eduErVGfB2h6PY9dIXHeRleMHsXTsZOCrsDWOKa2U-29qGR9xcEsCKt6xXDuukbQTOD7QOPUDwS_Qq8UxQAZWcoBHdkMFkjifE5fQczWD9NJiTeH7919nfyRPE8bQa3hLRl1TV6012KlpB3wF8_HcEYQDufAicNF1NFGbxSTgqr7MUdbFxd7C02Zs9CpJECiugotP0cuxKENaKzN3ZM7JpJCTQ6aeEOiz9Y4EKlCSoWBAOmHPzuClg-Re5eS10mElWYcjEz9B4lrfyLSebCspHgUbUPm72KDo_njHorMrCiHc1dnNM7Ndaf5dVLCgMhG0_nCdYj9p3Zi2u2S5iEtX6mSGHg-vTxNOxiwQ776D8zVW-mjFJWdUUQkHDeXcn94uywcaN_7N8y23k69FQUw9C5wN72gLNPX_vtjdXSCSUhs9dudCR8c_Nwv4-CzNO8J1Di_miQ7c0el1Gme

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| gtag object| dataLayer function| __h82AlnkH6D91__ function| _googCsa function| clarity object| adsbygoogle object| __NUXT__ function| __p4qa8r1lb17__ string| cHViLTgxNzA2ODYwMjI3ODY3NzA= object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef object| ggeac string| YTllMGY4MGRhZjFhZGMzOGxvYWRlcl9qcw== string| YTllMGY4MGRhZjFhZGMzOGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady string| GoogleAnalyticsObject function| ga function| _ object| $nuxt number| googleNDT_ number| googleAltLoader object| google object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| gaplugins object| gaGlobal object| gaData object| googletag object| __SENTRY__ function| google_sa_impl object| googPageScrollPreventerInfo number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_empty_script_included boolean| 223d22aa-23d9-4720-bfa3-e67c52298431 object| google_llp boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| google_image_requests

38 Cookies

Domain/Path Name / Value
zoom.orangeoffer.com/ Name: merchantInfo
Value: %7B%22id%22%3A6937%7D
.zoom.orangeoffer.com/ Name: __cf_bm
Value: J_4SQ3.vKu_s6YdxkndoKlRrGFJbdYh_pH7HSzlDpfs-1731068616-1.0.1.1-lWeEk2phsaIsBNMbQnn7nns8mHdvknEFz1yF1DXxD2iKq9EQG8DCsPV2TMkdFCEDM3b6Htntv7iIuo4yFZuNeg
.cdn-assets.orangeoffer.com/ Name: __cf_bm
Value: oY_HllW_45jGAbLJF6s5etfIZkk6feagH.WNS.KU9UE-1731068616-1.0.1.1-Q5A.iVQ7AidoeCUL_N53_uKpyRcfjfUrEyYT_1X2W4jxJGKcPJu465rjMVHoTbFWnK1XduJ9OD2vLbaBh9tPTA
www.clarity.ms/ Name: CLID
Value: 20ab3224063d4435b4cef70a9d8290c2.20241108.20251108
.orangeoffer.com/ Name: _clck
Value: 4yhlpv%7C2%7Cfqp%7C0%7C1773
.cdn.orangeoffer.com/ Name: __cf_bm
Value: eH9mcNMabiyg7.IU9ZrVfpqd3roEKRJeXNpnRda9rTc-1731068616-1.0.1.1-blu6_Hxg62oCegjlr1LTcMeJhOyBaACWwCzuXLogUcz9RxHOBVL.UkOLRrauH4dDsKKRbM0Vufw447A4.JgMiQ
.orangeoffer.com/ Name: _ivr
Value: 254947091799250
.orangeoffer.com/ Name: td_ray
Value: 8df589023c24db09
.orangeoffer.com/ Name: _gid
Value: GA1.2.1338705643.1731068617
.orangeoffer.com/ Name: _ga
Value: GA1.1.2027778982.1731068617
.orangeoffer.com/ Name: _clsk
Value: 1863yf3%7C1731068617656%7C1%7C1%7Cj.clarity.ms%2Fcollect
zoom.orangeoffer.com/ Name: BUILD_ID
Value: m38olx1v
.orangeoffer.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_yIdtaGs_PbpJ4E4hhj8DmVLY-QGVkEM-CLD2-eBq1MrWq-Ptgfk0wGF38NEd3yfUJuEXoZOhYUmnMIexI-YA3kFMdLc3zT0OI_K8WiHX1aCs4nJhqgDPY6Dqrxw27WyGYPSaz76dbWSyUze24CzA7BwQtEw%3D%3D%22%5D%5D
.doubleclick.net/ Name: IDE
Value: AHWqTUkn8c_C3y5mjuiy-esaeOt0caXcij8EKdF1lFj24udXFErwRvnda3l4H2Vo
.orangeoffer.com/ Name: __gads
Value: ID=ad29f7d34fe40935:T=1731068617:RT=1731068617:S=ALNI_MZnFsFC6QLfpJnTnvOf2SdxaTDuMg
.orangeoffer.com/ Name: __gpi
Value: UID=00000f7d9a640fcd:T=1731068617:RT=1731068617:S=ALNI_MaQR2zUczgbOd7uhbLaHxSov-4eWw
.orangeoffer.com/ Name: __eoi
Value: ID=3e69e1f0c3551cca:T=1731068617:RT=1731068617:S=AA-AfjYg45aFuxILxiU2_dNZ-0JR
.casalemedia.com/ Name: CMPS
Value: 5789
.casalemedia.com/ Name: CMID
Value: Zy4CytHM5VwAAGcIA-ZnugAA
.casalemedia.com/ Name: CMPRO
Value: 5782
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6502583899425772413
.ninthdecimal.com/ Name: ndat
Value: CppJSGcuAstfwAAdr+CuAg==
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1731068619303
.tapad.com/ Name: TapAd_DID
Value: 05cc77a7-7c75-4499-850d-8d9017d685ea
.orangeoffer.com/ Name: _ga_YQW93GBH6X
Value: GS1.1.1731068617.1.0.1731068619.0.0.0
.www.orangeoffer.com/ Name: __cf_bm
Value: VLAUthQL9tAt.qzqKzVEdXU8stqmcXm53vLfeoJV8V4-1731068619-1.0.1.1-jRBZwIxTsF7FrL8FlIphKorfWIalO3l.wIFfliURuHpF8v5ZWN.BvjadcBmSrzKNqmst2ZaMQ6ijwavODUHLmw
.bing.com/ Name: MUID
Value: 0A4B66F279126234237F73C378AC6305
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0A4B66F279126234237F73C378AC6305
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0A4B66F279126234237F73C378AC6305
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: APC
Value: AfxxVi6P_VcWob2O_z4Lf_INbB_6_WDMjr-ewIS4xz10D8nhPzlDZQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn-assets.orangeoffer.com
cdn.orangeoffer.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
j.clarity.ms
pagead2.googlesyndication.com
sentry.impressionfox.xyz
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.orangeoffer.com
zoom.orangeoffer.com
ep1.adtrafficquality.google
142.250.65.162
142.250.72.98
142.250.80.100
142.250.80.78
142.251.40.226
172.67.167.50
20.110.205.119
216.239.34.178
2606:4700::6812:12da
2606:4700::6812:13da
2607:f8b0:4006:808::200e
2607:f8b0:4006:809::2008
2607:f8b0:4006:816::2001
2607:f8b0:4006:820::200e
2620:1ec:bdf::40
2620:1ec:c11::237
52.184.215.111
01e17dd9e6ea41afedcb6feaaa5a16732fe510cbbcfdfcde0d8eb800768f6445
03f6dca3b16e02d73bbda3cf5fc26f69f3362877a94b8550c83affd8e17752e9
09fa04e84d7038cc32f19bedcba454b9e637a35f4de496e8ec9148c47550f0fc
1309aa3579154db0cf22b78d1d3f206b43f479dfad122f227167a7c59e59508d
1db51a71ab979770ba69cdb511af11f3d8e424db8faa026ee23a4e2a803fd378
2325b28767ea8694d5b450e24cf2e0e14b73d2eb64711881ffbcaf2583ab0560
236aa58f4f1164cc5587345a53880e638286344d90176cd9daa6ed7cc7f58ee9
3aff2e0a423b1f79a303b6c9543f64219437425dc6c290caa12f7a6372135718
3f21cf13348fb20852c706a01c315b235b62a0c3fc2c8583d533f23afa9f7fdc
43c569bf5a42380717bdb0b34cf71333ac0a0e21cdfee3cb0bc3eea45a9e99a7
4b5e4b1cc6d2f2385a9b1f10c1435d734413df238caacdb25d2eece4f41a4edc
4c54e2e5a2e8829536ecabcebdb5c46318306e12389a7d75c7ad911566c8d976
618723fe521b7f5bebe73047756c24b928ab7a9d68f441496eaa6107d1a12201
67b2c40d906b89bc435ed6ee053be0e82c95760013ed1938b35e96aa91ccca0a
68a5df4a40357c26a643745efb611532c94d369de74773c658c52a3c7652379b
6999d9f384e3d5c7b8d16b4936a16026c001286cd1b7d2513a6e617b0bdf65ae
8798e067c0edba3e31604b4f68625f8df67238ad56da968e2b3b57557cee988d
8b141ef66f166cbc44af885dabca84f1680110225dc5241b24a518e4f44ef662
8b4daa46c10315926f3d2391b5feaaa1c3207d8d656198f2d65bf53e80e20b72
961ddb6f7c2b650629e9f1eaabf81fcc9bf242713e9bcd9e36d09b7c46ff7f32
96c8eaa6eae4b134422551caef23773eeca64c6ddd0b8d06bab2f8c34d923917
990f8cc0bd7788d6f0e1a8bc22e0798f8bc570e104ac96fe2dfaef1a637fbf6c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d5aece22048654ac8c3bfca412a112f12ad5b11cf2e11a99d63f5cfb427b657
a331f40b7d989a28f8b567fb4456df6f84016b2f2be9c2efb59deb6b2485781e
a3dc63b428130ff4326db3da509e98136a1b17213c08e354fcfb4a517e83fbd9
aaf4725cf33af8d617848d74ac1e831957e646d2af222d2735e8c5ec6b5de778
ab8ab8d5ebe9a15bd2808f1933ba2f6d86274b5a7b1be0d060d6369df4c98d71
b1fa07da18ddadb5e1a62752d3d5c5e8dd884edfd5f2af4857316b811f950d84
b314e282b8f2ee26fb85e5244215cc4cea96aa9fc5234cf33327828a61a51d22
b730482898b91902e0be3332250a71cd419ba8ff3d7bfd2d52ec0ce22c212264
b74229ce70a2f41617f4554d90ea509eccb5f8a66dfed1a89ced7e56f05afa5e
b9081a46e5d6e34efd25190223cfd90a18d71aff550b9d1c69a95693a33f5cc5
b9a6aec4f0b4970740ebed3eb53ee45f9051a0208f082f034ec8b6225a1ebbf8
c091ae3ca8d585c275c123e5b6c93bd753eb7963fce14325bb6b5bb30a25822b
c94b2b02942961a9753a42e739eec6efe64e9bc96fe829eb0b1c1cbf2c56ee42
cae9b0dcdbabfe8d123030842dedf1eb0a03fd9fe8d5d12c64bcea24395e2941
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d0f60a90cfd1df0a601554f3f4f3cb629b3a0b23650fcb1d5159ea416517d723
d51653e2e881962bfdef1722cf67927778183ae996d92b73e75c8d1e6b2c1757
db5c3e0f4127773e44078ef71e196692fc4330217ca4f8ddf913714177c4fe2d
db660f9b501d752a085a60c61ad93d3652eb10cd824a1b2c342c2f2df450b48c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5ed8d76a9341be08c77c870d81fca3ec75264601934583bcf00f4d6895dac1
e2bcca3578440562ddcf782755d1e601235576c8797b79af80ae6e3a5102304a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4dcad93e150ea963b3bdd86721dfc4ae1b0484eea986a8723cefac7a05cf8be
ebe740f7d8e23108477c840dc118726630a742ce0475bdf8c77a3d90636fe9dc
ecf36c6dc43022c7818de7f04aa136898adf786ab669730311ece2a084bd13ce
ee08909c3cd7ec002ccdf3c7e706bbd05d9d29c85086668edec3a33605187731
ee9c002ebf52e1d8d10357dc692b335fbdd0f380324cca40af4a46d661067d2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3e0fb5047c67085b78b981430d10248cee1b1acc2b61ce22528b99d4674d34
f7e3e6283acc0df924ae641be3e447f26bc3ce898a102a8a5b2589d5ae9e425b
f846fed93f07921ca8bd9d1aa80243acb14c8f5260fde6c930b554c0777a0d8e
f982c2d49bf5361852c1a849fadb731de8e3f507fd9adb10cef379fab0fc8667
f9e329ec4b7e2d3d3f701c18814d7b91d8735be670d413e2fa44f99ed98a022e
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99