offer.ru Open in urlscan Pro
45.88.106.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://offer.ru/
Submission: On December 19 via api (December 19th 2024, 3:51:01 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 64 HTTP transactions. The main IP is 45.88.106.25, located in Dronten, Netherlands and belongs to ON-LINE-DATA Zomro B.V., NL. The main domain is offer.ru.
TLS certificate: Issued by R10 on December 18th 2024. Valid for: 3 months.

This is the only time offer.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	45.88.106.25 45.88.106.25	204601 (ON-LINE-D...) (ON-LINE-DATA Zomro B.V.)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:12d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.199.186 172.67.199.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	2a05:d014:776... 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d	16509 (AMAZON-02) (AMAZON-02)
64	9

43 45.88.106.25 (Dronten, Netherlands)

ASN204601 (ON-LINE-DATA Zomro B.V., NL)
PTR: loveread.fun

offer.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:12d (United States)

ASN13335 (CLOUDFLARENET, US)

gadgetstouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.199.186 (United States)

ASN13335 (CLOUDFLARENET, US)

the.gatekeeperconsent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	offer.ru offer.ru	1 MB
7	ezoic.net g.ezoic.net — Cisco Umbrella Rank: 14639	425 B
5	gatekeeperconsent.com the.gatekeeperconsent.com — Cisco Umbrella Rank: 14028	98 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	292 KB
2	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 11915	272 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
1	gadgetstouse.com gadgetstouse.com	3 KB
1	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	33 KB
64	8

	Domain	Requested by
43	offer.ru	offer.ru
7	g.ezoic.net	offer.ru
5	the.gatekeeperconsent.com	offer.ru
3	www.googletagmanager.com	offer.ru www.googletagmanager.com
2	go.ezodn.com	offer.ru
1	region1.google-analytics.com	offer.ru
1	gadgetstouse.com	offer.ru
1	securepubads.g.doubleclick.net	offer.ru
64	8

This site contains no links.

Subject Issuer	Validity	Valid
offer.ru R10	`2024-12-18` - `2025-03-18`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
ezodn.com WE1	`2024-12-15` - `2025-03-15`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
gadgetstouse.com WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
gatekeeperconsent.com WE1	`2024-12-17` - `2025-03-17`	3 months	crt.sh
ezoic.net E6	`2024-11-12` - `2025-02-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://offer.ru/
Frame ID: D9FB4BDCC4D152EE71D58912F62B2033
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Мостбет: обзор букмекерской конторы и казино 2024 - регистрация, зеркало, вход

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

1953 kB
Transfer

3781 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
offer.ru/ 199 KB
200 KB 279ms
33ms Document
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: cd0995202ea020edefb243657fd08f87d906f465283caa6f7e6f3d8e48db340e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 19 Dec 2024 03:50:56 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked

GET
H/1.1 200
OK tcf2_stub.js Show response
offer.ru/js/ 1 KB
2 KB 63ms
16ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/tcf2_stub.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 925beb768cc9209c0f4de784f15d6c1dde72232c5b457cb186fdea749d07eae8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-546"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1350
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK boise.js Show response
offer.ru/js/ 824 B
1 KB 65ms
15ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/boise.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: a4fafcd389d58bbd82e49d9a68e81e9dc8384330ff14ec3283a4d0d11812047b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-338"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 824
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK abilene.js Show response
offer.ru/js/ 11 KB
11 KB 18ms
15ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/abilene.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 03ac47569a4c49af3204edc42f44be039d22bffa1ce769c53fc90defb3b7e34d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-2a3d"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10813
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK tulsa.js Show response
offer.ru/js/ 13 KB
13 KB 14ms
14ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/tulsa.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: cf9d6d0b36c4e43bb90e28078c16ba093457e2bea78030d65502f9ca66a0f85b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-3444"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13380
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK jquery.min.js Show response
offer.ru/js/ 87 KB
88 KB 73ms
27ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/jquery.min.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-15d9d"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89501
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 103 KB
33 KB 77ms
20ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: offer.ru
URL: https://offer.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

95a148304dd6f7e55a8b1dcde6797d36ba976f90b752e8d58cb1330bca8f1f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

content-encoding: br
etag: 35 / 20076 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options: nosniff
expires: Thu, 19 Dec 2024 03:50:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33455
x-xss-protection: 0
server: cafe

GET
H3 200 dall.js Show response
go.ezodn.com/hb/ 708 KB
233 KB 30ms
16ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?cb=195-3-111
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b040f67d7ee2041edd4110bcc00c7db68d2c7d495f9b95727a4c5b8cb929b231

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 1736018
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRvNUjaB2VC%2BkEIkZMtXq4tZGMyAKSYu0FVS0EmAsm61pWypA6%2FdbE1QyZm28Jz8fee24VW%2F2rqyAbz467E2cj%2FiWfbUfpQO81uDyVa%2B5qOF6a2qb650H%2BdKc7TXKWA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f446e6e18bad289-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6828&min_rtt=6500&rtt_var=1575&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4106&recv_bytes=4347&delivery_rate=89533&cwnd=12000&unsent_bytes=0&cid=f3c1d92401c194e3&ts=23&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 03:50:56 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Fri, 29 Nov 2024 01:37:18 GMT
priority: u=1,i=?0

GET
H/1.1 200
OK style.min_1.css
offer.ru/css/ 112 KB
112 KB 38ms
31ms Stylesheet
text/css 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/css/style.min_1.css
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-1c012"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114706
Date: Thu, 19 Dec 2024 03:50:56 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK style-index.css
offer.ru/css/ 2 KB
2 KB 20ms
13ms Stylesheet
text/css 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/css/style-index.css
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: b7401399a7d14377381e795d08ae22f82ac7f6190589f62db0b5d9920ace1590

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-6d5"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1749
Date: Thu, 19 Dec 2024 03:50:56 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK style-main-new.min.css
offer.ru/css/ 38 KB
38 KB 39ms
32ms Stylesheet
text/css 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/css/style-main-new.min.css
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: f3954f68a37b99d294258ba83caad8941974dd00af2a86ea9928615aff110232

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-9865"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39013
Date: Thu, 19 Dec 2024 03:50:56 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK style.min.css
offer.ru/css/ 6 KB
6 KB 27ms
14ms Stylesheet
text/css 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/css/style.min.css
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: a1c0f126e8c3ef15adc441bfafd3ef39cb860060413c8da748c2999ff54870cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-18ca"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6346
Date: Thu, 19 Dec 2024 03:50:56 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK style.min_2.css
offer.ru/css/ 5 KB
6 KB 38ms
17ms Stylesheet
text/css 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/css/style.min_2.css
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: d30c86402504a0516cf9e037c138674e1d7720063005aa93fc19bc0486d2a106

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-1560"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5472
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 60ms
33ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34559034-3

Requested by

Host: offer.ru
URL: https://offer.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71352cc0cd12c1a196dae93f05eb98773edf427d663aef0ee05a560f8f5291a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 19 Dec 2024 03:50:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 19 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81608
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
106 KB 61ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YSN3RG7784

Requested by

Host: offer.ru
URL: https://offer.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e48dc0bc497b0f08632dad8cea27045a32ce2cf2971b31c6a81a8a3b0eead0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 19 Dec 2024 03:50:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108191
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK lazy_load.js Show response
offer.ru/js/ 14 KB
14 KB 14ms
14ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/lazy_load.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 8dd170013a5961d8e5cecfe293b157f2c27f21cc341997168764478e1c3b49a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-3679"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13945
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK surgeonv2.js Show response
offer.ru/js/ 11 KB
11 KB 13ms
13ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/surgeonv2.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: ee8b3be2dddf3ead4303151e98c78244c0cb2efdbdb01206d474b6d9e8928799

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-2b32"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11058
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK indy.js Show response
offer.ru/js/ 141 KB
141 KB 14ms
14ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/indy.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: f43596f7fe4c61d350362b2dbf26b7b0d9bc4a88b5bce6c30faff14c90c63be1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-23492"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144530
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK screx.js Show response
offer.ru/js/ 6 KB
6 KB 15ms
15ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/screx.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 5b7bc666d9ac260afd55a9956481262a89f12f6bd916b19a5216cc262a4b1696

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-1820"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6176
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK cmp.js Show response
offer.ru/js/ 150 KB
151 KB 16ms
15ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/cmp.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 9202936bc04f3327103c738638ba5f8190401d36f96fa749913219bbc8053663

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-25985"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 153989
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 404
Not Found svg%3E
offer.ru/data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20width=%2230%22%20height=%2230%22%3E%3C/ 327 B
327 B 21ms
20ms Image
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20width=%2230%22%20height=%2230%22%3E%3C/svg%3E
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 28695d26fcd43105b9faee82a93a29d35cfa36eaac1ade150d4e1bdd672062ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

GET
H/1.1 200
OK 1pwov7ngcp-72.webp
offer.ru/uploads/ 61 KB
61 KB 14ms
14ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/1pwov7ngcp-72.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 6c3f52ef7d0750aea632660d5e559f4e461c2f8f4fd4f43c103209d618a2c7d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702b348-f458"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62552
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 15:56:56 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK eeco836b5x-98.webp
offer.ru/uploads/ 8 KB
8 KB 13ms
13ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/eeco836b5x-98.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: cd94f0599977a9529cf07a75bd18e3baaaedb35b3fbb6a4eeb98b339faa178e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702c1d6-1e02"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7682
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 16:59:02 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK kftan4nofo-91.webp
offer.ru/uploads/ 37 KB
37 KB 15ms
15ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/kftan4nofo-91.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 3a10429d3ecaf95fa82710739a9dce9a05ba0643658ca2290f8b1edb38144a78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702b19a-93a8"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37800
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 15:49:46 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK trtb13t275-52.webp
offer.ru/uploads/ 41 KB
42 KB 14ms
14ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/trtb13t275-52.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 9d0482c2106482ed562c2d2a4b924d80df05f92ee4a1826d87c8d8a4fc2af246

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702bb66-a574"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42356
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 16:31:34 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK nv5z5dusjq-95.webp
offer.ru/uploads/ 50 KB
50 KB 16ms
15ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/nv5z5dusjq-95.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 570b51e81d042f27873a0912b853e44ef1bee0fd00e3fd37ce166b4933aca04b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702aef8-c73c"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51004
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 15:38:32 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK vkujijwv53-64.webp
offer.ru/uploads/ 39 KB
39 KB 19ms
17ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/vkujijwv53-64.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 0fb66a8da379df7c627a1ad36a39dcf7adf27f0c89e07e573a000db538e01f1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702c1d6-9a72"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39538
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 16:59:02 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK 14bc8ihtc3-33.webp
offer.ru/uploads/ 11 KB
12 KB 16ms
16ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/14bc8ihtc3-33.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: b3933333708bcdfeac7e6f6bba31beb1bc61e33c5a827362565f28e3b9c09350

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702b4b6-2dea"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11754
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 16:03:02 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK uzez8w9jta-97.webp
offer.ru/uploads/ 42 KB
43 KB 18ms
18ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/uzez8w9jta-97.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: e039a8d5d8eb27842fb7a6a566ae495027fd440194c22d738d79bb1fd2fd7efb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702c71e-a944"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43332
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 17:21:34 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK tj4tq43u4d-13.webp
offer.ru/uploads/ 41 KB
41 KB 16ms
16ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/tj4tq43u4d-13.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: f064836d5aced3b0b6c0442c4501dc40cf78cf9cfd34f0fcd781ef1729dd5528

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702aef6-a4d0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42192
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 15:38:30 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK vdnquugwsk-43.webp
offer.ru/uploads/ 36 KB
36 KB 17ms
17ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/vdnquugwsk-43.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: a94be14c0d7b5a0226caecd280c3600ec0cd2ebea5c90f8037e574ef777bc90c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702c868-8eee"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36590
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 17:27:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK h406in99il-97.webp
offer.ru/uploads/ 31 KB
32 KB 42ms
41ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/h406in99il-97.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 2b38d7db427ab21e57ae0fecff6ec36666a965a1ffabaaf8a26551a6718c2de4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "6702b348-7db6"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32182
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 15:56:56 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK z7005cya71-99.webp
offer.ru/uploads/ 38 KB
38 KB 57ms
56ms Image
image/webp 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/uploads/z7005cya71-99.webp
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 4aae69a08664247c24444bd61fc9ac4b2832384d45882e73555e6dbec34edea9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "67029ca6-9778"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38776
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/webp
Last-Modified: Sun, 06 Oct 2024 14:20:22 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK email-decode.min.js Show response
offer.ru/js/ 1 KB
1 KB 15ms
14ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/email-decode.min.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-4d7"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1239
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK imagesloaded.min.js Show response
offer.ru/js/ 5 KB
6 KB 19ms
16ms Script
application/javascript 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/js/imagesloaded.min.js
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 1858e2584fc1bb95f69db130ec95f7d3672b71680fc75f317b9f1304792b6f02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-1590"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5520
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 404
Not Found boise.js
offer.ru/detroitchicago/ 0
0 237ms
235ms Script
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/detroitchicago/boise.js?gcb=195-3&cb=5
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

GET
H/1.1 404
Not Found abilene.js
offer.ru/parsonsmaize/ 0
0 33ms
33ms Script
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/parsonsmaize/abilene.js?gcb=195-3&cb=0db397a922
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

GET
H/1.1 404
Not Found tulsa.js
offer.ru/detroitchicago/ 0
0 26ms
26ms Script
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/detroitchicago/tulsa.js?gcb=195-3&cb=9
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

POST
H/1.1 404
Not Found analytics Show response
offer.ru/ezais/ 213 B
406 B 24ms
24ms XHR
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/ezais/analytics?cb=1
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 3c3f9c038e6c64225ad9de0b2023723e2f1909f39033bb86db904cf344ff7b42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

GET
H/1.1 404
Not Found lazy_load.js
offer.ru/tardisrocinante/ 0
0 27ms
27ms Script
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/tardisrocinante/lazy_load.js?gcb=3&cb=6
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

GET
H/1.1 200
OK cropped-GTU-Website-Logo.jpg
offer.ru/images/ 5 KB
5 KB 30ms
14ms Image
image/jpeg 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/images/cropped-GTU-Website-Logo.jpg
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: a4027ebfb50ba81509373fdb3d2f04b1589a9553d8774c8bedb0542fb9d07d0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-139a"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5018
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

GET
H/1.1 404
Not Found svg%3E
offer.ru/data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20width=%22300%22%20height=%22169%22%3E%3C/ 329 B
329 B 37ms
21ms Image
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offer.ru/data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20width=%22300%22%20height=%22169%22%3E%3C/svg%3E
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 4312adc097d2967f9ac2162dc5282654da1b2ea29203e48cd714a315b744df3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

GET
H/1.1 404
Not Found surgeonv2.js
offer.ru/tardisrocinante/ 0
0 25ms
23ms Script
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/tardisrocinante/surgeonv2.js?gcb=195-3&cb=2
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

GET
H3 200 indy.js Show response
go.ezodn.com/detroitchicago/ 141 KB
39 KB 19ms
18ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/detroitchicago/indy.js?cb=19&gcb=0
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f43596f7fe4c61d350362b2dbf26b7b0d9bc4a88b5bce6c30faff14c90c63be1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

x-robots-tag: noindex
content-encoding: zstd
cf-cache-status: HIT
age: 521082
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJ7NptyNUYAdwTOMuYhmvCsdEUd4yVtpwznRIJ8iZyEQctPtrC7igJzBhmbUbehZdTzMqxv7PKHqTQwAPcsCiuzAnU4PBt9kDQ3NR5hmC7ZDTXxVVFKXszT5IMGUkZ4%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8598&min_rtt=6371&rtt_var=825&sent=221&recv=70&lost=0&retrans=0&sent_bytes=247622&recv_bytes=7269&delivery_rate=11005359&cwnd=145200&unsent_bytes=0&cid=f3c1d92401c194e3&ts=185&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 03:50:57 GMT
x-middleton-display: sol-js
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 13 Dec 2024 03:06:15 GMT
priority: u=3,i=?0
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f446e6f19fcd289-FRA
server: cloudflare

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H2 200 fcc73dc8e6362f5092277c17ed223fd5
gadgetstouse.com/ezoimgfmt/secure.gravatar.com/avatar/ 2 KB
3 KB 79ms
46ms Image
image/png 2606:4700:20::681a:12d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadgetstouse.com/ezoimgfmt/secure.gravatar.com/avatar/fcc73dc8e6362f5092277c17ed223fd5?s=30&d=mm&r=g&ezimgfmt=rs:94x30/rscb2/ngcb2/notWebP
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:12d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab380bfc0c9e9936a146d17e86f923f2274b5c1bd49fca8f8c00b2e66203587f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

cf-cache-status: DYNAMIC
x-middleton-response: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gx9ART2LGKxOLKYHB2%2Bezs%2BS1LwiM9fGhY0KGd92mQQpkAB0HhhkrYy14%2F1l4qmlnPd1ex7OguDG6SLWstAKSRv5gQ6UrUCFZfCD71zYSU5wB8o4HIuck223297pwwB26aPQ9AK0Oqr%2B8leq%2B6I%3D"}],"group":"cf-nel","max_age":604800}
x-ezoic-cdn-debug-orig-expires: Thu, 19 Dec 2024 03:55:57 GMT
response: 200
server-timing: cfL4;desc="?proto=TCP&rtt=8288&min_rtt=6162&rtt_var=4981&sent=8&recv=11&lost=0&retrans=1&sent_bytes=4021&recv_bytes=2303&delivery_rate=601205&cwnd=255&unsent_bytes=0&cid=2795966e44df859a&ts=55&x=0"
date: Thu, 19 Dec 2024 03:50:57 GMT
x-middleton-display: staticcontent_sol
last-modified: Mon, 12 Feb 2024 13:31:21 GMT
content-type: image/png
x-ezoic-cdn: Miss
content-disposition: inline; filename="fcc73dc8e6362f5092277c17ed223fd5.png"
vary: Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
display: staticcontent_sol
link: <https://gravatar.com/avatar/fcc73dc8e6362f5092277c17ed223fd5?d=mm&r=g&s=30>; rel="canonical"
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-nc: HIT hhn 1
x-sol: pub_site
cf-ray: 8f446e6f48aadc95-FRA
access-control-allow-origin: *
x-origin-cache-control: max-age=300
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
106 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YSN3RG7784&l=dataLayer&cx=c&gtm=457e4cc1za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34559034-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4295f0f09a0f04e82fa95c28109ac130e9a4d8a4eba0ef5513ea2ea8734e0d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 19 Dec 2024 03:50:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108187
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 config.json Show response
the.gatekeeperconsent.com/v2/ 16 KB
3 KB 46ms
33ms XHR
application/json 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://the.gatekeeperconsent.com/v2/config.json?domain=offer.ru&changeLogId=2007250&cb=295

Requested by

Host: offer.ru
URL: https://offer.ru/js/cmp.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d57d8dac1e95663d2cde13138d81e1a367946ce8c9ac9a87f549ff94bcc4a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3GO6fMkMQeLfUPEMu0DdJ7x4wwtlGDkTCC729zmCpPpoRaEg7LpObRcaxr0ZQgJMh%2FhNTN7rJX3W68LCOrVWFmI17h05iwrTzAychJKqAXipCT5I0I1NJ5WsLFrgwtirWsQSkL7SDodU11b"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6817&min_rtt=6603&rtt_var=1572&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4150&recv_bytes=4401&delivery_rate=88288&cwnd=12000&unsent_bytes=0&cid=0ea61c120d81d4cb&ts=38&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: application/json
vary: Accept-Encoding
priority: u=1,i
x-frame-options: deny
content-security-policy: default-src 'none'
cache-control: max-age=2592000, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f446e6fbcd43618-FRA
access-control-allow-origin: *
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 38ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YSN3RG7784&gtm=45je4cc1v873577821za200&_p=1734580257072&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1705307561.1734580257&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AAAI&_s=1&sid=1734580257&sct=1&seg=0&dl=https%3A%2F%2Foffer.ru%2F&dt=%D0%9C%D0%BE%D1%81%D1%82%D0%B1%D0%B5%D1%82%3A%20%D0%BE%D0%B1%D0%B7%D0%BE%D1%80%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BA%D0%BE%D0%BD%D1%82%D0%BE%D1%80%D1%8B%20%D0%B8%20%D0%BA%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%202024%20-%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D1%8F%2C%20%D0%B7%D0%B5%D1%80%D0%BA%D0%B0%D0%BB%D0%BE%2C%20%D0%B2%D1%85%D0%BE%D0%B4&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=573
Requested by: Host: offer.ru
URL: https://offer.ru/js/tulsa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://offer.ru
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ezqlog Show response
g.ezoic.net/ 0
21 B 41ms
10ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Foffer.ru%2F%22%2C%22name%22%3A%22%2Fdetroitchicago%2Ftulsa.js%22%2C%22path%22%3A%22%2Fdetroitchicago%2Ftulsa.js%3Fgcb%3D195-3%26cb%3D9%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%7D
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://offer.ru
content-length: 0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Apache/2.4.39 (Ubuntu)
access-control-allow-headers: Content-Type

GET
H2 200 ezqlog Show response
g.ezoic.net/ 0
21 B 38ms
9ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Foffer.ru%2F%22%2C%22name%22%3A%22%2Fparsonsmaize%2Fabilene.js%22%2C%22path%22%3A%22%2Fparsonsmaize%2Fabilene.js%3Fgcb%3D195-3%26cb%3D0db397a922%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%7D
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://offer.ru
content-length: 0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Apache/2.4.39 (Ubuntu)
access-control-allow-headers: Content-Type

GET
H/1.1 404
Not Found screx.js
offer.ru/tardisrocinante/ 0
0 24ms
24ms Script
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/tardisrocinante/screx.js?gcb=3&cb=5
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

GET
H2 200 ezqlog Show response
g.ezoic.net/ 0
21 B 37ms
9ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Foffer.ru%2F%22%2C%22name%22%3A%22%2Ftardisrocinante%2Flazy_load.js%22%2C%22path%22%3A%22%2Ftardisrocinante%2Flazy_load.js%3Fgcb%3D3%26cb%3D6%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%7D
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://offer.ru
content-length: 0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Apache/2.4.39 (Ubuntu)
access-control-allow-headers: Content-Type

GET
H2 200 ezqlog Show response
g.ezoic.net/ 0
299 B 36ms
8ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Foffer.ru%2F%22%2C%22name%22%3A%22%2Ftardisrocinante%2Fsurgeonv2.js%22%2C%22path%22%3A%22%2Ftardisrocinante%2Fsurgeonv2.js%3Fgcb%3D195-3%26cb%3D2%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%7D
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://offer.ru
content-length: 0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Apache/2.4.39 (Ubuntu)
access-control-allow-headers: Content-Type

GET
H3 200 gvl.json Show response
the.gatekeeperconsent.com/cmp/ 643 KB
80 KB 75ms
75ms XHR
application/json 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp/gvl.json?v=9&lang=en
Requested by: Host: offer.ru
URL: https://offer.ru/js/cmp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13d35d251c824b861932e38327d0343c99e1178de5f14e932718c162472f8bdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

server: cloudflare
cache-control: public, max-age=345600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdvmDQzAAuQnmGuct8pMJNOujaOAnKl5JlUWY2AOGQgQBeTBlsCFoO%2Fc2Hu2eiNBvHmDGS0LXtmknn1D8kGgz82TQ5Gnb8iYuvgxfkP9hlaG3rRJ9dxHGlm%2Ffb6dnqYy5fOSUPp%2FW1%2Fq2PRI"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f446e6fece63618-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6813&min_rtt=6603&rtt_var=692&sent=16&recv=12&lost=0&retrans=0&sent_bytes=7680&recv_bytes=4810&delivery_rate=139981&cwnd=12000&unsent_bytes=0&cid=0ea61c120d81d4cb&ts=118&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: application/json
last-modified: Thu, 19 Dec 2024 03:50:57 GMT
vary: Accept-Encoding
priority: u=1,i

GET 2024-02-13-300x169.jpeg
gadgetstouse.com/wp-content/uploads/2024/06/ 0
0

GET
H2 200 ezqlog Show response
g.ezoic.net/ 0
21 B 9ms
9ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Foffer.ru%2F%22%2C%22name%22%3A%22%2Ftardisrocinante%2Fscrex.js%22%2C%22path%22%3A%22%2Ftardisrocinante%2Fscrex.js%3Fgcb%3D3%26cb%3D5%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%7D
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://offer.ru
content-length: 0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Apache/2.4.39 (Ubuntu)
access-control-allow-headers: Content-Type

GET
H3 200 gvl.json Show response
the.gatekeeperconsent.com/cmp/ 48 KB
10 KB 29ms
29ms XHR
application/json 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp/gvl.json?v=9&lang=de
Requested by: Host: offer.ru
URL: https://offer.ru/js/cmp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27b385d4377a7824e49e83c7c01ece42fe1046528d110f6ac787d74535e6bac1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

server: cloudflare
cache-control: public, max-age=345600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yEDj9mEdEQe8IhRaJsf2jcKyCJgl2Vl5sCfEkqRFYxL921DA3XkSOPCuY%2BkFXmhLeXZz2pNTh3IlEjo%2B8zGwZBKCyRCPyEZ51GezJHkxk6cnlxSDTPIcxDbBtg6H%2FRhZdE3EiYGUjmBltvwE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f446e709d1b3618-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7075&min_rtt=6603&rtt_var=321&sent=88&recv=48&lost=0&retrans=0&sent_bytes=90988&recv_bytes=6650&delivery_rate=6322598&cwnd=45600&unsent_bytes=0&cid=0ea61c120d81d4cb&ts=174&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: application/json
last-modified: Thu, 19 Dec 2024 03:50:57 GMT
vary: Accept-Encoding
priority: u=1,i

OPTIONS
H3 200 main_modal_firstpage
the.gatekeeperconsent.com/cmp/v2/ 0
0 18ms
18ms Preflight
text/plain 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp/v2/main_modal_firstpage?domain=offer.ru&region=default&lang=de-DE&cb=295&changeLogId=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://offer.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://offer.ru
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8f446e70cd3d3618-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Thu, 19 Dec 2024 03:50:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=1,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GW42nINegwv3liLkXjjLCCXAyGQ6ALvXipiI5guL983%2Bjse3Pn4jubb%2Bk6vqLQ3zwMR4i4EZdJciZzPMxMHZ5wnE5EyLLtfu8r5v%2BVSi5xv0qOyChGplv29sDzreNOwpNvg61dNQuxJ2F5SW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=7240&min_rtt=6603&rtt_var=270&sent=98&recv=53&lost=0&retrans=0&sent_bytes=101486&recv_bytes=7206&delivery_rate=388997&cwnd=45600&unsent_bytes=0&cid=0ea61c120d81d4cb&ts=201&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers

GET
H3 200 main_modal_firstpage Show response
the.gatekeeperconsent.com/cmp/v2/ 22 KB
5 KB 131ms
131ms Fetch
text/html 172.67.199.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://the.gatekeeperconsent.com/cmp/v2/main_modal_firstpage?domain=offer.ru&region=default&lang=de-DE&cb=295&changeLogId=0
Requested by: Host: offer.ru
URL: https://offer.ru/js/tulsa.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.199.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c2be6a88ff29f3da79721e83f0f319c04ccea672f6268eb074ef8ed20751593

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://offer.ru/

Response headers

access-control-max-age: 1728000
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7mO2xjszw0gE7WRDMKOiAsrFoZ6KMNVJpFN%2FYHbiA6EF6QYvQTRKR62rYTLxhQwme6YQFk0fL712DX5LhgythFQgmN3%2BAniFaSHQ48U6kwGeEA149f4eq26FjysjxwitfrAUBSHVH7gtfhdJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, PUT, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7178&min_rtt=6603&rtt_var=327&sent=100&recv=54&lost=0&retrans=0&sent_bytes=102290&recv_bytes=7579&delivery_rate=41429&cwnd=45600&unsent_bytes=0&cid=0ea61c120d81d4cb&ts=333&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
priority: u=1,i
access-control-allow-headers: Content-Type
last-modified: Thu, 19 Dec 2024 03:50:57 GMT
cache-control: public, max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8f446e70ed573618-FRA
access-control-allow-origin: https://offer.ru
server: cloudflare

GET
H2 200 ezqlog Show response
g.ezoic.net/ 0
21 B 10ms
10ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Foffer.ru%2F%22%2C%22name%22%3A%22%2Fdetroitchicago%2Fboise.js%22%2C%22path%22%3A%22%2Fdetroitchicago%2Fboise.js%3Fgcb%3D195-3%26cb%3D5%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%7D
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://offer.ru
content-length: 0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Apache/2.4.39 (Ubuntu)
access-control-allow-headers: Content-Type

GET
H/1.1 404
Not Found script_delay.js
offer.ru/tardisrocinante/ 0
0 21ms
21ms Script
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/tardisrocinante/script_delay.js?gcb=3&cb=2
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

GET
H2 200 ezqlog Show response
g.ezoic.net/ 0
21 B 10ms
10ms XHR
text/plain 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezqlog?d=%7B%22url%22%3A%22https%3A%2F%2Foffer.ru%2F%22%2C%22name%22%3A%22%2Ftardisrocinante%2Fscript_delay.js%22%2C%22path%22%3A%22%2Ftardisrocinante%2Fscript_delay.js%3Fgcb%3D3%26cb%3D2%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%7D
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

x-robots-tag: noindex
access-control-max-age: 1728000
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://offer.ru
content-length: 0
date: Thu, 19 Dec 2024 03:50:57 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
server: Apache/2.4.39 (Ubuntu)
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK cropped-GTU-Favicon-1-32x32.png
offer.ru/images/ 707 B
945 B 13ms
13ms Other
image/png 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/images/cropped-GTU-Favicon-1-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: a196145e8c5d805288fe6b05e95d9096de2affc65805eda88d3f1842af4817ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://offer.ru/

Response headers

ETag: "676129a8-2c3"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 707
Date: Thu, 19 Dec 2024 03:50:57 GMT
Content-Type: image/png
Last-Modified: Tue, 17 Dec 2024 07:35:04 GMT
Server: nginx/1.20.2

POST
H/1.1 404
Not Found lcpel.go Show response
offer.ru/cheetah/ 214 B
407 B 23ms
21ms XHR
text/html 45.88.106.25
ON-LINE-DATA Zomr...

General

Check archive.org

Show headers Download Go to

Full URL: https://offer.ru/cheetah/lcpel.go
Requested by: Host: offer.ru
URL: https://offer.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.88.106.25 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Zomro B.V., NL),
Reverse DNS: loveread.fun
Software: nginx/1.20.2 /
Resource Hash: 32d6474e04a204fed3535c8c2804149170cb53fd85ddc992705c5d8708d095bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://offer.ru/

Response headers

Transfer-Encoding: chunked
Date: Thu, 19 Dec 2024 03:50:59 GMT
Content-Type: text/html; charset=iso-8859-1
Server: nginx/1.20.2
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gadgetstouse.com
URL: https://gadgetstouse.com/wp-content/uploads/2024/06/2024-02-13-300x169.jpeg?ezimgfmt=ng:webp/ngcb2

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://offer.ru/data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20width=%2230%22%20height=%2230%22%3E%3C/svg%3E Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/ezais/analytics?cb=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20width=%22300%22%20height=%22169%22%3E%3C/svg%3E Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/detroitchicago/tulsa.js?gcb=195-3&cb=9 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/parsonsmaize/abilene.js?gcb=195-3&cb=0db397a922 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/tardisrocinante/lazy_load.js?gcb=3&cb=6 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/tardisrocinante/surgeonv2.js?gcb=195-3&cb=2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/tardisrocinante/screx.js?gcb=3&cb=5 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/detroitchicago/boise.js?gcb=195-3&cb=5 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/tardisrocinante/script_delay.js?gcb=3&cb=2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://offer.ru/cheetah/lcpel.go Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

g.ezoic.net
gadgetstouse.com
go.ezodn.com
offer.ru
region1.google-analytics.com
securepubads.g.doubleclick.net
the.gatekeeperconsent.com
www.googletagmanager.com
gadgetstouse.com
142.250.185.98
172.67.199.186
188.114.96.3
2001:4860:4802:32::36
2606:4700:20::681a:12d
2a00:1450:4001:811::2008
2a05:d014:776:a63e:ceb:15ad:bbb7:6a9d
45.88.106.25
03ac47569a4c49af3204edc42f44be039d22bffa1ce769c53fc90defb3b7e34d
0fb66a8da379df7c627a1ad36a39dcf7adf27f0c89e07e573a000db538e01f1a
13d35d251c824b861932e38327d0343c99e1178de5f14e932718c162472f8bdb
1858e2584fc1bb95f69db130ec95f7d3672b71680fc75f317b9f1304792b6f02
1c2be6a88ff29f3da79721e83f0f319c04ccea672f6268eb074ef8ed20751593
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27b385d4377a7824e49e83c7c01ece42fe1046528d110f6ac787d74535e6bac1
28695d26fcd43105b9faee82a93a29d35cfa36eaac1ade150d4e1bdd672062ab
2b38d7db427ab21e57ae0fecff6ec36666a965a1ffabaaf8a26551a6718c2de4
32d6474e04a204fed3535c8c2804149170cb53fd85ddc992705c5d8708d095bf
3a10429d3ecaf95fa82710739a9dce9a05ba0643658ca2290f8b1edb38144a78
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502
3c3f9c038e6c64225ad9de0b2023723e2f1909f39033bb86db904cf344ff7b42
4312adc097d2967f9ac2162dc5282654da1b2ea29203e48cd714a315b744df3d
4aae69a08664247c24444bd61fc9ac4b2832384d45882e73555e6dbec34edea9
570b51e81d042f27873a0912b853e44ef1bee0fd00e3fd37ce166b4933aca04b
5b7bc666d9ac260afd55a9956481262a89f12f6bd916b19a5216cc262a4b1696
6c3f52ef7d0750aea632660d5e559f4e461c2f8f4fd4f43c103209d618a2c7d7
71352cc0cd12c1a196dae93f05eb98773edf427d663aef0ee05a560f8f5291a1
8dd170013a5961d8e5cecfe293b157f2c27f21cc341997168764478e1c3b49a0
9202936bc04f3327103c738638ba5f8190401d36f96fa749913219bbc8053663
925beb768cc9209c0f4de784f15d6c1dde72232c5b457cb186fdea749d07eae8
92d57d8dac1e95663d2cde13138d81e1a367946ce8c9ac9a87f549ff94bcc4a9
95a148304dd6f7e55a8b1dcde6797d36ba976f90b752e8d58cb1330bca8f1f20
9d0482c2106482ed562c2d2a4b924d80df05f92ee4a1826d87c8d8a4fc2af246
a196145e8c5d805288fe6b05e95d9096de2affc65805eda88d3f1842af4817ce
a1c0f126e8c3ef15adc441bfafd3ef39cb860060413c8da748c2999ff54870cd
a4027ebfb50ba81509373fdb3d2f04b1589a9553d8774c8bedb0542fb9d07d0e
a4fafcd389d58bbd82e49d9a68e81e9dc8384330ff14ec3283a4d0d11812047b
a94be14c0d7b5a0226caecd280c3600ec0cd2ebea5c90f8037e574ef777bc90c
ab380bfc0c9e9936a146d17e86f923f2274b5c1bd49fca8f8c00b2e66203587f
b040f67d7ee2041edd4110bcc00c7db68d2c7d495f9b95727a4c5b8cb929b231
b3933333708bcdfeac7e6f6bba31beb1bc61e33c5a827362565f28e3b9c09350
b7401399a7d14377381e795d08ae22f82ac7f6190589f62db0b5d9920ace1590
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cd0995202ea020edefb243657fd08f87d906f465283caa6f7e6f3d8e48db340e
cd94f0599977a9529cf07a75bd18e3baaaedb35b3fbb6a4eeb98b339faa178e9
cf9d6d0b36c4e43bb90e28078c16ba093457e2bea78030d65502f9ca66a0f85b
d30c86402504a0516cf9e037c138674e1d7720063005aa93fc19bc0486d2a106
e039a8d5d8eb27842fb7a6a566ae495027fd440194c22d738d79bb1fd2fd7efb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4295f0f09a0f04e82fa95c28109ac130e9a4d8a4eba0ef5513ea2ea8734e0d3
e48dc0bc497b0f08632dad8cea27045a32ce2cf2971b31c6a81a8a3b0eead0c5
ee8b3be2dddf3ead4303151e98c78244c0cb2efdbdb01206d474b6d9e8928799
f064836d5aced3b0b6c0442c4501dc40cf78cf9cfd34f0fcd781ef1729dd5528
f3954f68a37b99d294258ba83caad8941974dd00af2a86ea9928615aff110232
f43596f7fe4c61d350362b2dbf26b7b0d9bc4a88b5bce6c30faff14c90c63be1
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

offer.ru Open in urlscan Pro 45.88.106.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

9 IPs

3 Countries

1953 kBTransfer

3781 kBSize

0 Cookies

0 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

offer.ru Open in urlscan Pro
45.88.106.25 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

1953 kB
Transfer

3781 kB
Size

0
Cookies

64 HTTP transactions
1 data transactions