insaneoffrsforyou.com Open in urlscan Pro
2606:4700:3030::6815:5059 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3olozqe#c11156EGiln2821754IcTe35HtC1324Qfkg1242/OG5V05AP9J.ZYZOMN9Y33K2OFPND60H.AIP4JSF5AFTROMZP...
Effective URL:
https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&ac...
Submission: On August 02 via api (August 2nd 2021, 4:16:41 pm UTC) from BE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3030::6815:5059, located in United States and belongs to CLOUDFLARENET, US. The main domain is insaneoffrsforyou.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2021. Valid for: a year.

This is the only time insaneoffrsforyou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 2	23.254.217.227 23.254.217.227	54290 (HOSTWINDS) (HOSTWINDS)
1 1	34.102.211.173 34.102.211.173	15169 (GOOGLE) (GOOGLE)
1 1	13.248.176.207 13.248.176.207	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:303... 2606:4700:3030::6815:5059	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	107.6.155.2 107.6.155.2	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
41	7

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.254.217.227 (United States) 1 redirects

ASN54290 (HOSTWINDS, US)
PTR: cat-email.com

cat-email.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.211.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.211.102.34.bc.googleusercontent.com

www.zincmedenic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.176.207 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb2870044200d04a.awsglobalaccelerator.com

t.trkngoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3030::6815:5059 (United States)

ASN13335 (CLOUDFLARENET, US)

insaneoffrsforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

static-13333.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.6.155.2 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
PTR: newhost003.setupcentral.network

api.secureleadsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	kxcdn.com static-13333.kxcdn.com	704 KB
12	insaneoffrsforyou.com insaneoffrsforyou.com	242 KB
5	gstatic.com fonts.gstatic.com	89 KB
2	cat-email.com 1 redirects cat-email.com	572 B
1	secureleadsnow.com api.secureleadsnow.com	9 KB
1	googleapis.com fonts.googleapis.com	871 B
1	trkngoo.net 1 redirects t.trkngoo.net	2 KB
1	zincmedenic.com 1 redirects www.zincmedenic.com	420 B
1	bit.ly 1 redirects bit.ly	248 B
0	uinames.com Failed uinames.com Failed
41	10

	Domain	Requested by
19	static-13333.kxcdn.com	insaneoffrsforyou.com static-13333.kxcdn.com
12	insaneoffrsforyou.com	cat-email.com insaneoffrsforyou.com static-13333.kxcdn.com
5	fonts.gstatic.com	fonts.googleapis.com
2	cat-email.com	1 redirects
1	api.secureleadsnow.com	static-13333.kxcdn.com
1	fonts.googleapis.com	static-13333.kxcdn.com
1	t.trkngoo.net	1 redirects
1	www.zincmedenic.com	1 redirects
1	bit.ly	1 redirects
0	uinames.com Failed	static-13333.kxcdn.com
41	10

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.secureleadsnow.com AlphaSSL CA - SHA256 - G2	`2020-11-01` - `2021-12-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
Frame ID: F5F42ED0ED800CADC71929712EFE16B4
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3olozqe HTTP 301
http://cat-email.com/rd/ Page URL
http://cat-email.com/track/c11156EGiln2821754IcTe35HtC1324Qfkg1242/OG5V05AP9J.ZYZOMN9Y33K2OFPND60... HTTP 302
https://www.zincmedenic.com/2H24F4C/C3RB9GX/?sub1=8&sub2=1242-11156&sub3=2821754-35-1324 HTTP 302
https://t.trkngoo.net/c?aid=eKvWz5&lpid=Cod3yl&aff_sub4=926&aff_sub2=8&aff_sub5=fa5798fcdbf04ccda8... HTTP 302
https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&af... Page URL

Page Statistics

41
Requests

93 %
HTTPS

44 %
IPv6

10
Domains

10
Subdomains

7
IPs

4
Countries

1049 kB
Transfer

24836 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3olozqe HTTP 301
http://cat-email.com/rd/ Page URL
http://cat-email.com/track/c11156EGiln2821754IcTe35HtC1324Qfkg1242/OG5V05AP9J.ZYZOMN9Y33K2OFPND60H.AIP4JSF5AFTROMZPGIT5TSVJ6K732ABHJFN60HAG7U0X2E0MCT/ HTTP 302
https://www.zincmedenic.com/2H24F4C/C3RB9GX/?sub1=8&sub2=1242-11156&sub3=2821754-35-1324 HTTP 302
https://t.trkngoo.net/c?aid=eKvWz5&lpid=Cod3yl&aff_sub4=926&aff_sub2=8&aff_sub5=fa5798fcdbf04ccda82270b895fc8361 HTTP 302
https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3olozqe HTTP 301
http://cat-email.com/rd/

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
cat-email.com/rd/
Redirect Chain

https://bit.ly/3olozqe
http://cat-email.com/rd/

235 B
352 B

322ms
291ms

Document
text/html

23.254.217.227
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: http://cat-email.com/rd/
Protocol: HTTP/1.1
Server: 23.254.217.227 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: cat-email.com
Software: /
Resource Hash: e46f3127e1d2d73084efc503b86c3c5ab7091677b493e10d59f0cf4375b9a1e7

Request headers

Host: cat-email.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Mon, 02 Aug 2021 16:16:19 GMT
Content-Length: 235

Redirect headers

server: nginx
date: Mon, 02 Aug 2021 16:16:18 GMT
content-type: text/html; charset=utf-8
content-length: 111
cache-control: private, max-age=90
content-security-policy: referrer always;
location: http://cat-email.com/rd/
referrer-policy: unsafe-url
set-cookie: _bit=l72ggi-3e12bbdd2eb6500d37-00l; Domain=bit.ly; Expires=Sat, 29 Jan 2022 16:16:18 GMT
via: 1.1 google
alt-svc: clear

GET
H2

200

Primary Request / Show response
insaneoffrsforyou.com/btc-era-1-step/
Redirect Chain

http://cat-email.com/track/c11156EGiln2821754IcTe35HtC1324Qfkg1242/OG5V05AP9J.ZYZOMN9Y33K2OFPND60H.AIP4JSF5AFTROMZPGIT5TSVJ6K732ABHJFN60HAG7U0X2E0MCT/
https://www.zincmedenic.com/2H24F4C/C3RB9GX/?sub1=8&sub2=1242-11156&sub3=2821754-35-1324
https://t.trkngoo.net/c?aid=eKvWz5&lpid=Cod3yl&aff_sub4=926&aff_sub2=8&aff_sub5=fa5798fcdbf04ccda82270b895fc8361
https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=...

18 KB
6 KB

369ms
342ms

Document
text/html

2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg

Requested by

Host: cat-email.com
URL: http://cat-email.com/rd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

0dee947bbca7eccdb9a7dbd0756fbf7e30af8bc065bff5f3fdd25d710846f6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: insaneoffrsforyou.com
:scheme: https
:path: /btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://cat-email.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://cat-email.com/rd/#c11156EGiln2821754IcTe35HtC1324Qfkg1242/OG5V05AP9J.ZYZOMN9Y33K2OFPND60H.AIP4JSF5AFTROMZPGIT5TSVJ6K732ABHJFN60HAG7U0X2E0MCT/

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ijk3aXRlUk9KTFpcL0hHRVVJMVZPUjFBPT0iLCJ2YWx1ZSI6IlhyMkJuY2ZvU3dxaXlzWDFhSzRMTURFMlE3WWE2d3QrdWNVR0M3anZcL3d5S1pTeGZkd1pMMVNCVFllVG5jaEJaIiwibWFjIjoiOTE5M2JjODIyOGQ3ZTVjYjhhNzllOTA5MTViNDAzYTg0M2QxZjhhNDgwMWZlODg0OGE4NWVkOTdjYWFkNmQ5NSJ9; expires=Mon, 02-Aug-2021 18:16:20 GMT; Max-Age=7200; path=/ c=eyJpdiI6InA1SGtJQW9kQXdyNENCN3pmSldzWFE9PSIsInZhbHVlIjoiaTdQbUJWbU5GQnQ1cW9EbFJFMkh5K2hISXd0XC9JNVViaW9NajlHT1wvc1BCUFR0dW9kcWN3U29TaUt0cGV3R2NvIiwibWFjIjoiN2Q5OWI1NGI0NzlmNzRjNDNjZjBkMDE1ZTU3YzBiYTFlNzQxZjgxODhmNmY0MDU1OTI1NjRhMDMwYzViNTc1MiJ9; expires=Mon, 02-Aug-2021 18:16:20 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 2
x-powered-by: centminmod
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6OQuneHMgsYtEj3FugSP2IcshILp%2BGM635y0QiuEtW%2B2yPaprfb53MIXfyPDPTR6AD%2F5IQcAHZizpqcl1Hi1YsJEzukc%2FXzN3JLk1RcYxVRD0MZET8aQoyyHpbk%2Bg0l20Hnbbz08PPb1UVjSSnCgk3TkEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67889c2f7de04eb6-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

apigw-requestid: DckNKh7SjoEEMRQ=
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 67889c2d5acbce8b-LHR
content-type: text/html; charset=UTF-8
date: Mon, 02 Aug 2021 16:16:20 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dajfne0E%2FUn8%2BZg8eX3Qf82IQtAcRpaLowFi5C5vk3YYx7YvIdBOQEDp74mKSfzGVLn9LGIrirJ5SackNS%2F4xCpM8f5X%2FxFG%2BlatM8nSkCwcQTu8qwN%2Bg4ExjvafHZBBvuhyTX3MnKRk1ipO1DUviFoJtjsDAgjxEvhbtsvvk%2Fg%3D"}],"group":"cf-nel","max_age":604800}
server: Caddy cloudflare
set-cookie: XSRF-TOKEN=eyJpdiI6Ii9qYkhxd1hOM0pRVWdBY0lBSWF1NUE9PSIsInZhbHVlIjoiWEk2MTZrTmJjVVpkNkFsdWExTis2MUIzZVBGWU5UeTh1ZEIybXFjOFlEY21tVEJiZnQ0dkdEM2F4b1U2Skk4cjkxMmVaek5OM2l3MnZWa1dGaUU5QWxIdlhmdkJxM1lyZ0xVOGplS3JhcGlQUDB4YTlWRWJodFMvbnozZC9abXQiLCJtYWMiOiJiYTY3MDFkZDUxYTk2M2Y5Njg4YzU4ZDYxYTc0NDVkNDk1Mjg4MDMxNWY1OWJjNDY2NjZhY2U3NDc0ZDc1OWIyIn0%3D; expires=Mon, 02-Aug-2021 18:16:20 GMT; Max-Age=7200; path=/; samesite=lax clickbit_session=eyJpdiI6ImtEbWlZTm1qa0VUYlhsVGw4MlFEU1E9PSIsInZhbHVlIjoiS1dXcDdNNVAvYnY0MmdhTThWazBSM2N6SkozMVBqbjVyRUpQYnNXeUdXNGFJaE9LV1VNTm52WS9rM3BFZ1FQSGtHdlNFZDFMeElZbUJuOHNudW1vYWR2NU5oVVB0OFZUTUt3dDBQSVJKSDBYVmtHK0dBTVUwNEZmRXFBSEFFUGEiLCJtYWMiOiIyMTIxYTQzNGZlMWM5ZGIxYmZhNTQzYjM5ZDY3NjE3OTE2M2IxMDM3YWM5ZWViNzdkNzkzZjk5ZmViN2YyMzhjIn0%3D; expires=Mon, 02-Aug-2021 18:16:20 GMT; Max-Age=7200; path=/; httponly; samesite=lax cid=eyJpdiI6ImQ1TDhBRkFRZFVxMlpuaCtaZnI4Q3c9PSIsInZhbHVlIjoiOE9RUDdwdEl3RkViSVM3eWRFYmhJemUzR2JsZFFMY3ZBR3VLZGQxTFhBWFNRSldiczlSVVR4WFNPZis4eVBFaHpvWnZQa0hlQUl3M2phRWg4YW5NTm1XNEYxYk1LZ2o4aEg0U0xzY3gvdWM9IiwibWFjIjoiNjEwZWEwYzRkM2FkYzRkYWFkMDc1ZjdlZTkyMDE4ODBmNzJhYzI3NmYzNjViNGJhOTA2YzU5ZmQyNGJkNjBkNCJ9; expires=Sat, 04-Mar-2073 08:32:40 GMT; Max-Age=1627920980; path=/; httponly; samesite=lax RIGhWv2VHqxxpcW0s7O7aDxgD8ALybYQM4g9Tf1P=eyJpdiI6InphNVpmMklDcG00ODQzYVNIWHA3R1E9PSIsInZhbHVlIjoibHUwdldKYWtvMkp3YW9tZEtkd3FISzcreFdKUzQ0ZFBwN0FwMi9OOHQvdmZ3bW5GdEZvNlEyU051dldEM0grYTNRZnUvaWMwU0JpZzF1cm1FYXE0eTJvdThUT1lCRWExNHUrK2VFRi9POUJtZEVsV0preWEyMDV3NUNVNllRTXd4eGNINS9JVHBmWUpDbGljOUVhOGk0K0NmTkVoTU1sVzdXTXQzODFsdUdIWlZEWFA0Y0k0U2UrSk9oSC9UamgvQlVSUUp2QVowVkNnVm9wdEYybGd0RkVXaldlMExhb2lwVGlvSm1kaHBEL3l1U3BodGdIWkQxcGZwZEV0SEdUWDVXUjFZR3M2QmlHcVoyMVhMNlJzdUZ4akVUTjY4V2tGODV2RExlVjlqSHRvMmNCZC9mRXh3ZlZFS0UrUGJlZ1RLMHQ0ZWJJbDVMV3hzNXJxWTZrMEpmNkE0WmFCN1FOK2FsY1A5YmVCdzcxOUJiTWpJQnZ1OFBnTGNnTDYybHpjSjlwVWdib3FhZHRtVEVkSy9FMjJOaFY3cWZyNTFVZFRjWFBSR2ZhVVQ3SmZEQWQ2K3l0S3dnUCt1WUZrRm9XTWVrMUJNRnFnTFBjbjcyZllQUWZmK21FcGQ4VGJnYUdiVlh2dERBMDVjc009IiwibWFjIjoiYzgyMWFlYTE4Nzc1YzFjMzFjYTA5MGM4NDg4N2UzNzU1NjI3Mzk5NmFkNGQ3MjRlYzFkNTQ2MDA0ZjJlM2M5ZSJ9; expires=Mon, 02-Aug-2021 18:16:20 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 1306

GET
H3-29 200 forms.css
insaneoffrsforyou.com/css/ 20 KB
4 KB 40ms
20ms Stylesheet
text/css 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insaneoffrsforyou.com/css/forms.css?id=108aa07ef4cadffb88ba

Requested by

Host: insaneoffrsforyou.com
URL: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /css/forms.css?id=108aa07ef4cadffb88ba
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6Ijk3aXRlUk9KTFpcL0hHRVVJMVZPUjFBPT0iLCJ2YWx1ZSI6IlhyMkJuY2ZvU3dxaXlzWDFhSzRMTURFMlE3WWE2d3QrdWNVR0M3anZcL3d5S1pTeGZkd1pMMVNCVFllVG5jaEJaIiwibWFjIjoiOTE5M2JjODIyOGQ3ZTVjYjhhNzllOTA5MTViNDAzYTg0M2QxZjhhNDgwMWZlODg0OGE4NWVkOTdjYWFkNmQ5NSJ9; c=eyJpdiI6InA1SGtJQW9kQXdyNENCN3pmSldzWFE9PSIsInZhbHVlIjoiaTdQbUJWbU5GQnQ1cW9EbFJFMkh5K2hISXd0XC9JNVViaW9NajlHT1wvc1BCUFR0dW9kcWN3U29TaUt0cGV3R2NvIiwibWFjIjoiN2Q5OWI1NGI0NzlmNzRjNDNjZjBkMDE1ZTU3YzBiYTFlNzQxZjgxODhmNmY0MDU1OTI1NjRhMDMwYzViNTc1MiJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6945
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 09:53:53 GMT
server: cloudflare
etag: W/"6103cc31-5107"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNCUu4Qq1RnctrJbc%2FE3xrqjjncU0Z0MlW%2FBhaKcMgj7js1QhMLsv3gF4DcEi%2BnrwtpxzlXxJRPu8A53jI2U2JssLTqCUnUUkEyjtNz4SuaCyYIzLtjGN%2F1mU6H460iuu%2BZPmBeMmmv9fG9ALF7J2%2BEUyek%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67889c31cdaa4dd6-FRA

GET
H3-29 200 flow.css
insaneoffrsforyou.com/css/ 385 B
811 B 33ms
14ms Stylesheet
text/css 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insaneoffrsforyou.com/css/flow.css?id=1a2dada5ba76c1b29ae1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /css/flow.css?id=1a2dada5ba76c1b29ae1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6Ijk3aXRlUk9KTFpcL0hHRVVJMVZPUjFBPT0iLCJ2YWx1ZSI6IlhyMkJuY2ZvU3dxaXlzWDFhSzRMTURFMlE3WWE2d3QrdWNVR0M3anZcL3d5S1pTeGZkd1pMMVNCVFllVG5jaEJaIiwibWFjIjoiOTE5M2JjODIyOGQ3ZTVjYjhhNzllOTA5MTViNDAzYTg0M2QxZjhhNDgwMWZlODg0OGE4NWVkOTdjYWFkNmQ5NSJ9; c=eyJpdiI6InA1SGtJQW9kQXdyNENCN3pmSldzWFE9PSIsInZhbHVlIjoiaTdQbUJWbU5GQnQ1cW9EbFJFMkh5K2hISXd0XC9JNVViaW9NajlHT1wvc1BCUFR0dW9kcWN3U29TaUt0cGV3R2NvIiwibWFjIjoiN2Q5OWI1NGI0NzlmNzRjNDNjZjBkMDE1ZTU3YzBiYTFlNzQxZjgxODhmNmY0MDU1OTI1NjRhMDMwYzViNTc1MiJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6945
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 09:53:53 GMT
server: cloudflare
etag: W/"6103cc31-181"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZD01cWTX6Wcjkstg6rwUCWaSkgsSpmLeAKXglNTlKNASbNL0uR0QzJOKKHOm6keE%2FZQfBqKodseniESSJc6OVbHT0GQwjXRJ%2FjTsk2Y8nXrEyjko284sbe1tsNZ5jcB%2BryiXxOFdISwLaNpHxZf%2F23vI0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 67889c31cda74dd6-FRA

GET
H2 200 funnel.css
static-13333.kxcdn.com/6482/build/ 86 KB
25 KB 27ms
11ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://static-13333.kxcdn.com/6482/build/funnel.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

c36627640fd8ab54c7b17824f968a4652bbb57469106f9a5a8656cc1e8dab2ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
content-encoding: gzip
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002156cef-006107da09-ddba073-ams3c
x-edge-location: defr
x-cache: HIT
last-modified: Mon, 02 Aug 2021 11:30:06 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: W/"21a7746347caa29e70399e360057e32a"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904732.dop231.fr8.t,1627904732.cds229.fr8.shn,1627904732.dop231.fr8.t,1627904732.cds011.fr8.c
content-type: text/css
access-control-allow-origin: *
x-rgw-object-type: Normal
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 logo.png
static-13333.kxcdn.com/6482/images/ 21 KB
21 KB 26ms
15ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

b8d10960a3b95d49ee478c3961b904afeca854eb6e827d087b552297f6891b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002156eb8-006107da0b-ddba073-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 21482
last-modified: Mon, 02 Aug 2021 11:30:14 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "753d2ce47e70ab63c1429c25a4ad2627"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop224.fr8.t,1627904733.cds246.fr8.shn,1627904733.dop224.fr8.t,1627904733.cds108.fr8.c
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 de.png
static-13333.kxcdn.com/6482/images/flags/ 247 B
757 B 26ms
15ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/flags/de.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

1d42160b431a3e0b00019d4ffa4b3d83a2c97b2dbe927d69a90bb7f0f15bf88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx00000000000000214fda4-006107da0b-ddba9ba-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 247
last-modified: Mon, 02 Aug 2021 11:30:24 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "abbd4565f7bcef8dc782a07aeaae4d2d"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627905130.dop012.fr8.t,1627905130.cds257.fr8.shn,1627905130.dop012.fr8.t,1627905130.cds276.fr8.c
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 25.jpg
static-13333.kxcdn.com/6482/images/ 6 KB
6 KB 26ms
15ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/25.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

422aa7ce6458e63455a095564312cd35b2a303721d1f4d93715ba7cfc93b67eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002156ebc-006107da0b-ddba073-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 5736
last-modified: Mon, 02 Aug 2021 11:30:35 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "a54c10b498dac58bd99db90ac598782b"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop156.fr8.t,1627904733.cds263.fr8.shn,1627904733.dop156.fr8.t,1627904733.cds285.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H3-29 200 check-icon.png
insaneoffrsforyou.com/images/ 44 KB
45 KB 29ms
24ms Image
image/png 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insaneoffrsforyou.com/images/check-icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /images/check-icon.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6Ijk3aXRlUk9KTFpcL0hHRVVJMVZPUjFBPT0iLCJ2YWx1ZSI6IlhyMkJuY2ZvU3dxaXlzWDFhSzRMTURFMlE3WWE2d3QrdWNVR0M3anZcL3d5S1pTeGZkd1pMMVNCVFllVG5jaEJaIiwibWFjIjoiOTE5M2JjODIyOGQ3ZTVjYjhhNzllOTA5MTViNDAzYTg0M2QxZjhhNDgwMWZlODg0OGE4NWVkOTdjYWFkNmQ5NSJ9; c=eyJpdiI6InA1SGtJQW9kQXdyNENCN3pmSldzWFE9PSIsInZhbHVlIjoiaTdQbUJWbU5GQnQ1cW9EbFJFMkh5K2hISXd0XC9JNVViaW9NajlHT1wvc1BCUFR0dW9kcWN3U29TaUt0cGV3R2NvIiwibWFjIjoiN2Q5OWI1NGI0NzlmNzRjNDNjZjBkMDE1ZTU3YzBiYTFlNzQxZjgxODhmNmY0MDU1OTI1NjRhMDMwYzViNTc1MiJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6881
x-powered-by: centminmod
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45018
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 09:51:39 GMT
server: cloudflare
etag: "6103cbab-afda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CydyZ3dRDqjxmJtQatf3aSzGrYyAVzstNQHUMBuI775TEfxcUkKhE2HvYwYicQQ80mMHMN1Howh2IB%2B0DFTi1yeFHyubzkIFgltLghTqiMa8B2F0mbEY6RSfNtpk0my%2BAx2qwPOQf4MtnjXeu%2Fv1htuhbhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67889c321e4c4dd6-FRA

GET
H2 200 bitgo.png
static-13333.kxcdn.com/6482/images/ 3 KB
3 KB 25ms
15ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/bitgo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

1fc8e6727261493f50889b598f27917a7602e389c5e5c9673a68d7fe8c7ae690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx00000000000000214c7a4-006107da0b-dde614e-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 2730
last-modified: Mon, 02 Aug 2021 11:30:33 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "1ea46dc255607b36f58d23153acd85de"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop224.fr8.t,1627904733.cds239.fr8.shn,1627904733.dop224.fr8.t,1627904733.cds041.fr8.c
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 norton.png
static-13333.kxcdn.com/6482/images/ 3 KB
3 KB 25ms
15ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/norton.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

afbde665b6ebecf065a17a2b7c1cdc2829742f917489c42b949899033c3ea31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002156eb6-006107da0b-ddba073-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 2613
last-modified: Mon, 02 Aug 2021 11:30:33 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "d07fc3c785ff256f51c633a4c2415269"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop012.fr8.t,1627904733.cds103.fr8.shn,1627904733.dop012.fr8.t,1627904733.cds134.fr8.c
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 secure-trading.png
static-13333.kxcdn.com/6482/images/ 2 KB
3 KB 25ms
15ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/secure-trading.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

ef45d80726b8c990fc92c1ea7f76cd4658720110ee81f4adca1da3b6524e74ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002156eb7-006107da0b-ddba073-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 2522
last-modified: Mon, 02 Aug 2021 11:30:12 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "a69e26a7e05cfbc0a29ddae348fbdd62"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop224.fr8.t,1627904733.cds168.fr8.shn,1627904733.dop224.fr8.t,1627904733.cds134.fr8.c
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 mcafee.png
static-13333.kxcdn.com/6482/images/ 3 KB
3 KB 25ms
16ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/mcafee.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

28364aa92a4fd3114ac1857ea592e4202e58bd8a96b5a2578c58beb438a8e8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx0000000000000021539bd-006107da0b-ddba53c-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 2615
last-modified: Mon, 02 Aug 2021 11:30:15 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "673d010c010b670b41834973abd5ae7c"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop156.fr8.t,1627904733.cds011.fr8.shn,1627904733.dop156.fr8.t,1627904733.cds125.fr8.c
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 seenon.png
static-13333.kxcdn.com/6482/images/ 9 KB
9 KB 25ms
16ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/seenon.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

c09e7658fcaa7d2089873ea3bed748bf37105d0f282b09b972b97c7587875bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx00000000000000214fda8-006107da0b-ddba9ba-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 8854
last-modified: Mon, 02 Aug 2021 11:30:15 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "b06ee29cedc8a93dcc842521ae034a7f"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop156.fr8.t,1627904733.cds239.fr8.shn,1627904733.dop156.fr8.t,1627904733.cds133.fr8.c
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 girl-holding-bitcoin.png
static-13333.kxcdn.com/6482/images/ 210 KB
211 KB 25ms
16ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/girl-holding-bitcoin.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

0f4a18f6a6e6072657f1f4155a670cdc1abb13b24dbcac5e64e509fd324f7988

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002156ebd-006107da0b-ddba073-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 215001
last-modified: Mon, 02 Aug 2021 11:30:10 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "eca195c709ea405310215a6d31d87f05"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop156.fr8.t,1627904733.cds003.fr8.shn,1627904733.dop156.fr8.t,1627904733.cds154.fr8.c
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 806.gif
static-13333.kxcdn.com/6482/images/ 18 KB
18 KB 25ms
16ms Image
image/gif 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/806.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx00000000000000214fdaa-006107da0b-ddba9ba-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 17963
last-modified: Mon, 02 Aug 2021 11:30:11 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "313d1440d21ae95e5dcfa2f447f14456"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop242.fr8.t,1627904733.cds163.fr8.shn,1627904733.dop242.fr8.t,1627904733.cds292.fr8.c
content-type: image/gif
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H3-29 200 sad-face.svg
insaneoffrsforyou.com/media/ 1 KB
1 KB 41ms
33ms Image
image/svg+xml 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insaneoffrsforyou.com/media/sad-face.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /media/sad-face.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6Ijk3aXRlUk9KTFpcL0hHRVVJMVZPUjFBPT0iLCJ2YWx1ZSI6IlhyMkJuY2ZvU3dxaXlzWDFhSzRMTURFMlE3WWE2d3QrdWNVR0M3anZcL3d5S1pTeGZkd1pMMVNCVFllVG5jaEJaIiwibWFjIjoiOTE5M2JjODIyOGQ3ZTVjYjhhNzllOTA5MTViNDAzYTg0M2QxZjhhNDgwMWZlODg0OGE4NWVkOTdjYWFkNmQ5NSJ9; c=eyJpdiI6InA1SGtJQW9kQXdyNENCN3pmSldzWFE9PSIsInZhbHVlIjoiaTdQbUJWbU5GQnQ1cW9EbFJFMkh5K2hISXd0XC9JNVViaW9NajlHT1wvc1BCUFR0dW9kcWN3U29TaUt0cGV3R2NvIiwibWFjIjoiN2Q5OWI1NGI0NzlmNzRjNDNjZjBkMDE1ZTU3YzBiYTFlNzQxZjgxODhmNmY0MDU1OTI1NjRhMDMwYzViNTc1MiJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
x-proc: 1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6881
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 09:53:55 GMT
server: cloudflare
etag: W/"6103cc33-5dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymHMhSw5bYKIkn5K626K%2FR%2BQwc7BxE4%2BWrL9XdIWqIsh2etYdHPntPX0gw%2BGewo70ZIAJcN6d6jqMdfLjoR%2BfLPdW3V0XdGvpQo0dQMf1Fygz9xOYZILqy58iMb7dsiwJD4ZylxguSzCYxsrpB9RTWlZX8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 67889c321e524dd6-FRA

GET
H3-29 200 email-decode.min.js Show response
insaneoffrsforyou.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insaneoffrsforyou.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6Ijk3aXRlUk9KTFpcL0hHRVVJMVZPUjFBPT0iLCJ2YWx1ZSI6IlhyMkJuY2ZvU3dxaXlzWDFhSzRMTURFMlE3WWE2d3QrdWNVR0M3anZcL3d5S1pTeGZkd1pMMVNCVFllVG5jaEJaIiwibWFjIjoiOTE5M2JjODIyOGQ3ZTVjYjhhNzllOTA5MTViNDAzYTg0M2QxZjhhNDgwMWZlODg0OGE4NWVkOTdjYWFkNmQ5NSJ9; c=eyJpdiI6InA1SGtJQW9kQXdyNENCN3pmSldzWFE9PSIsInZhbHVlIjoiaTdQbUJWbU5GQnQ1cW9EbFJFMkh5K2hISXd0XC9JNVViaW9NajlHT1wvc1BCUFR0dW9kcWN3U29TaUt0cGV3R2NvIiwibWFjIjoiN2Q5OWI1NGI0NzlmNzRjNDNjZjBkMDE1ZTU3YzBiYTFlNzQxZjgxODhmNmY0MDU1OTI1NjRhMDMwYzViNTc1MiJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0ba93ff33700004dd6cb3d0000000001
last-modified: Fri, 30 Jul 2021 12:02:59 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6103ea73-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bm8%2Fmr2ndQjG%2BzTNt8FsN6KIj12bX1%2FuSPsa%2B9Jy%2BJ27rYbG39%2BFhtfMvEcyIcQVX4H%2BFep9GxNto0SNwcYtu7S%2BjoUL7nz0zfVRAuedk3IykwO9Vnu%2Bks3iQwGHSiOaf1IY%2FJfMIGmZPkVL4uzr7nY3Kro%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 67889c31fdf94dd6-FRA
expires: Wed, 04 Aug 2021 16:16:20 GMT

GET
H3-29 200 redirect.js Show response
insaneoffrsforyou.com/js/ 3 KB
2 KB 37ms
37ms Script
application/javascript 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insaneoffrsforyou.com/js/redirect.js?id=bd8708e91008076c9ff9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /js/redirect.js?id=bd8708e91008076c9ff9
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6Ijk3aXRlUk9KTFpcL0hHRVVJMVZPUjFBPT0iLCJ2YWx1ZSI6IlhyMkJuY2ZvU3dxaXlzWDFhSzRMTURFMlE3WWE2d3QrdWNVR0M3anZcL3d5S1pTeGZkd1pMMVNCVFllVG5jaEJaIiwibWFjIjoiOTE5M2JjODIyOGQ3ZTVjYjhhNzllOTA5MTViNDAzYTg0M2QxZjhhNDgwMWZlODg0OGE4NWVkOTdjYWFkNmQ5NSJ9; c=eyJpdiI6InA1SGtJQW9kQXdyNENCN3pmSldzWFE9PSIsInZhbHVlIjoiaTdQbUJWbU5GQnQ1cW9EbFJFMkh5K2hISXd0XC9JNVViaW9NajlHT1wvc1BCUFR0dW9kcWN3U29TaUt0cGV3R2NvIiwibWFjIjoiN2Q5OWI1NGI0NzlmNzRjNDNjZjBkMDE1ZTU3YzBiYTFlNzQxZjgxODhmNmY0MDU1OTI1NjRhMDMwYzViNTc1MiJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6881
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 09:54:01 GMT
server: cloudflare
etag: W/"6103cc39-a50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrK10Zr2w7dgHtaWW1YbGXzKoEWOPACOOiM%2F17nLIFTa82htjmdn8qzjprjlXhn1llo1MoH43%2BDKs1P6t6dfFBw8PNfcbVuul915nZgJu8Z8ErPWB8YyRbBpPQDOoVoq2xpnO0uCXtlCqO3pg3xPnCQLoiI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 67889c321e474dd6-FRA

GET
H3-29 200 l.js Show response
insaneoffrsforyou.com/js/ 402 KB
110 KB 53ms
49ms Script
application/javascript 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insaneoffrsforyou.com/js/l.js?id=bd86ffdc708808a99f5f

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

2061764c5f92cb8d1cdbda341933f3555ded9b5728473a63a54dd4aeec9699c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /js/l.js?id=bd86ffdc708808a99f5f
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6Ijk3aXRlUk9KTFpcL0hHRVVJMVZPUjFBPT0iLCJ2YWx1ZSI6IlhyMkJuY2ZvU3dxaXlzWDFhSzRMTURFMlE3WWE2d3QrdWNVR0M3anZcL3d5S1pTeGZkd1pMMVNCVFllVG5jaEJaIiwibWFjIjoiOTE5M2JjODIyOGQ3ZTVjYjhhNzllOTA5MTViNDAzYTg0M2QxZjhhNDgwMWZlODg0OGE4NWVkOTdjYWFkNmQ5NSJ9; c=eyJpdiI6InA1SGtJQW9kQXdyNENCN3pmSldzWFE9PSIsInZhbHVlIjoiaTdQbUJWbU5GQnQ1cW9EbFJFMkh5K2hISXd0XC9JNVViaW9NajlHT1wvc1BCUFR0dW9kcWN3U29TaUt0cGV3R2NvIiwibWFjIjoiN2Q5OWI1NGI0NzlmNzRjNDNjZjBkMDE1ZTU3YzBiYTFlNzQxZjgxODhmNmY0MDU1OTI1NjRhMDMwYzViNTc1MiJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
x-proc: 1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6881
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 09:53:55 GMT
server: cloudflare
etag: W/"6103cc33-64656"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKoOZu%2BoX8zoGXJQGA4lLLBgZEZ7nYDkWk%2BCf73vyJluq0tTNx01h7%2BgP9%2FkSI9wtgPlxxeDGoBn3ixKvDipkotFRuvpDychrFqRzsNDTtI6AvOFtfocPYqQ4IglolDrbqUApEQWKeCdYXDKapnTYv85cC8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 67889c321e4b4dd6-FRA

GET
H2 200 funnel.js Show response
static-13333.kxcdn.com/6482/build/ 617 KB
214 KB 13ms
2ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://static-13333.kxcdn.com/6482/build/funnel.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

9e8d4ba93949832a45e4ba4912c9867125ba5f90670290d2d581e5faf92db771

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
content-encoding: gzip
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx00000000000000214fc64-006107da09-ddba9ba-ams3c
x-edge-location: defr
x-cache: HIT
last-modified: Mon, 02 Aug 2021 11:30:06 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: W/"dfd20e3ed590f9a8c691e6723fa0b9a6"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904732.dop231.fr8.t,1627904732.cds210.fr8.shn,1627904732.dop231.fr8.t,1627904732.cds135.fr8.c
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
871 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900|Open+Sans:400,500,600,700&font-display=swap

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/6482/build/funnel.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01274fbcd5505da92ecd3a08463ed10de9813f47ce0e9b380512115a72d14415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static-13333.kxcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 16:13:46 GMT
server: ESF
date: Mon, 02 Aug 2021 16:16:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 02 Aug 2021 16:16:20 GMT

GET
H2 200 video-form-blue-bg.jpg
static-13333.kxcdn.com/6482/images/ 84 KB
85 KB 17ms
16ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/video-form-blue-bg.jpg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/6482/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

b69ca4a846247c287a60bdb773b5f199e8f25fe18b0ac62dd7ec3293144f1c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/6482/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002153a06-006107da0b-ddba53c-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 86082
last-modified: Mon, 02 Aug 2021 11:30:35 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "460a3974f0e1cf310d71762d53e08a01"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop156.fr8.t,1627904733.cds237.fr8.shn,1627904733.dop156.fr8.t,1627904733.cds123.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 form-header-blue-bg.jpg
static-13333.kxcdn.com/6482/images/ 4 KB
5 KB 16ms
16ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/form-header-blue-bg.jpg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/6482/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

bca01b15a583e0c1db14b95b4759ee832ce1a800858bdf48f33911dad3abbbcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/6482/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002153a0c-006107da0b-ddba53c-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 4345
last-modified: Mon, 02 Aug 2021 11:30:12 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "4c8ba45328d7f2268c448d2e3114a0d2"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop242.fr8.t,1627904733.cds133.fr8.shn,1627904733.dop242.fr8.t,1627904733.cds097.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 form-bg.jpg
static-13333.kxcdn.com/6482/images/ 5 KB
5 KB 17ms
16ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/form-bg.jpg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/6482/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

26f70b0ea2858061fca2369839f0331c42c44ccef11ca17d4b6a3b91f739f898

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/6482/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002156f12-006107da0b-ddba073-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 4669
last-modified: Mon, 02 Aug 2021 11:30:34 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "e1bb2abb79d82f3b6fe958e39dbe5f15"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop242.fr8.t,1627904733.cds280.fr8.shn,1627904733.dop242.fr8.t,1627904733.cds261.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 join-us-bg.jpg
static-13333.kxcdn.com/6482/images/ 6 KB
6 KB 16ms
16ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/join-us-bg.jpg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/6482/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

ae19f3fb8ffb81594bc21748d0926039e897ef9c6ca6a9e148595c812c3a3a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/6482/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002153a0b-006107da0b-ddba53c-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 5727
last-modified: Mon, 02 Aug 2021 11:30:35 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "dae83a00a2a73ccdb952341dfeec5da9"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop012.fr8.t,1627904733.cds144.fr8.shn,1627904733.dop012.fr8.t,1627904733.cds126.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 pre-footer-bg.jpg
static-13333.kxcdn.com/6482/images/ 6 KB
6 KB 15ms
15ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/pre-footer-bg.jpg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/6482/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

dd6f27188160854c9b0b400016a4084b5d111bdbba476d17460139a6d80f52eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/6482/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx000000000000002156f01-006107da0b-ddba073-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 5753
last-modified: Mon, 02 Aug 2021 11:30:15 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "452810550349003b24c52a9b3c2c60f4"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904733.dop012.fr8.t,1627904733.cds253.fr8.shn,1627904733.dop012.fr8.t,1627904733.cds285.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Open+Sans:400,500,600,700&font-display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insaneoffrsforyou.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 08:34:22 GMT
x-content-type-options: nosniff
age: 546118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 08:34:22 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Open+Sans:400,500,600,700&font-display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insaneoffrsforyou.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:41 GMT
x-content-type-options: nosniff
age: 575979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:41 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Open+Sans:400,500,600,700&font-display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insaneoffrsforyou.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 01:25:07 GMT
x-content-type-options: nosniff
age: 571873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 01:25:07 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Open+Sans:400,500,600,700&font-display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insaneoffrsforyou.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 22:08:26 GMT
x-content-type-options: nosniff
age: 583674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 22:08:26 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Open+Sans:400,500,600,700&font-display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insaneoffrsforyou.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 597010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Jul 2022 18:26:10 GMT

GET
H2 206 bitcoin-de.mp4
static-13333.kxcdn.com/6482/media/ 22 MB
0 7ms
7ms Media
video/mp4 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://static-13333.kxcdn.com/6482/media/bitcoin-de.mp4

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 02 Aug 2021 16:16:20 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx00000000000000214ffba-006107da0d-ddba9ba-ams3c
x-edge-location: defr
x-cache: HIT
Content-Range: bytes 0-38006967/38006968
Content-Length: 38006968
last-modified: Mon, 02 Aug 2021 11:30:08 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "2a8f98f493e826febc2b6dc9feb867a5-8"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627905130.dop012.fr8.t,1627905130.cds278.fr8.shn,1627905130.dop012.fr8.t,1627905130.cds168.fr8.c
content-type: video/mp4
access-control-allow-origin: *
x-rgw-object-type: Normal
expires: Tue, 02 Aug 2022 22:05:20 GMT

GET /
uinames.com/api/ 0
0

GET
H2 200 Germany Show response
api.secureleadsnow.com/language/ 40 KB
9 KB 241ms
103ms XHR
application/json 107.6.155.2
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.secureleadsnow.com/language/Germany

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/6482/build/funnel.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.6.155.2 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),

Reverse DNS

newhost003.setupcentral.network

Software

nginx /

Resource Hash

9935509393ae254c64bf718bd05e761e4340831fcff1df1b447841a7e0042b42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://insaneoffrsforyou.com
access-control-expose-headers: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 crypto-prices Show response
insaneoffrsforyou.com/ 478 B
985 B 397ms
397ms XHR
application/json 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insaneoffrsforyou.com/crypto-prices

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/6482/build/funnel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

5a58adceb533cf19224c10a3a235996213e12328f5952a8a47a8ca6182e2a90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /crypto-prices
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
sec-fetch-dest: empty
:authority: insaneoffrsforyou.com
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:21 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuVHOiluspn4UG%2Bndu4X3CDQVSaNK9rV%2BjbxGbbiJOEGJlwFfn65%2FDvj4tWBHdD5RxvY9EoE5l9ULKIGOY%2Ffsptx6gflYXMVFMWTwBUKp3BcfGCGQiBeHVQ9OxCjT6ljgxSjMlIl%2BKH0HgMwTnNz6%2FX08E8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InBoZ05zRGJPV21JWjlZMUtqaHA1M0E9PSIsInZhbHVlIjoiVzB3OXdiTnBSOFpQOEhyTFJ0bFFHeTVRMGVcL1RQZHRJeUZONDFjZmZmRHpIYzZUcnVLV1ErR1hweExOYVB4RjUiLCJtYWMiOiI3NDExM2M4NzI2YjZmNjg1YWM1NTYyYjllMDI0ZWVjZTlhYjRjNDBlNWZmOTQ1NDk2NDM4MWI4NWI4N2M0YTQzIn0%3D; expires=Mon, 02-Aug-2021 18:16:21 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImJJNlk0UHJ4eGtxZWZJTlRaeE9pdWc9PSIsInZhbHVlIjoic2x6Yk93N1dsK1lKdklXOTlNVzA1cE92WFo0MFM2S3ZZZmIyU0FtQnhWVWVjYnY0ZjNOSTJaaDRuWEtLVDlEZiIsIm1hYyI6IjM2M2Y4YTdiNWZhMGJhYTI0ZTEzZDk5OGEwNmE0ZmExODNkYWQwMDllNjZlZTI3MmExODVkZmI1NmYxMDRkZWQifQ%3D%3D; expires=Mon, 02-Aug-2021 18:16:21 GMT; Max-Age=7200; path=/; httponly
cf-ray: 67889c33add64eb6-FRA

GET
H2 200 locate Show response
insaneoffrsforyou.com/ 150 B
943 B 187ms
186ms XHR
application/json 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insaneoffrsforyou.com/locate

Requested by

Host: insaneoffrsforyou.com
URL: https://insaneoffrsforyou.com/js/l.js?id=bd86ffdc708808a99f5f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

a9444725fb48cd94db4b9c4e1544b3ace3c54ccd0d1a289f124d36b69c9d6a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /locate
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:21 GMT
x-proc: 1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlWorvNcuiBTZGjJAodYtWiysTVSubGt3R8ovQz3YB9CtDvVLakOhtmT8jVj6Ph6zWTm7ALzyHIyRAsNld2JCONpCZFd%2FF97yPiA1cNTt7ZIcl7xEzQhuPIbMvPq2bc8kxUKn11%2B%2Fd5vtuTGdGpAwyCMats%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IituUFVmRjBwRDhVREVURURPKzRiaUE9PSIsInZhbHVlIjoiS0VlcXNMTjY2R28ramlyK1AzTDc2a3lOckVoK1RUQzlMc2tOd1Nrc3NZelhFaFB0N2V2d0VyVFdvSHdtQlZcL0QiLCJtYWMiOiJmYWM0MjljZDYwN2U1ZmU5ZjBjNDY2NDA4ODY3N2Y5N2M4NzcwYzFmNjM1MzU5YThiMzQ5ODMxMDIyMDkyYjVhIn0%3D; expires=Mon, 02-Aug-2021 18:16:21 GMT; Max-Age=7200; path=/ c=eyJpdiI6InNWdkVHWWRMcXVhYityS0tiV1FQRnc9PSIsInZhbHVlIjoicjVWZUx4MCt6XC9FZUFMZGxKZGVtdFhSc2htQ0FYUTFPN1A2R1dGaVIxVXdIajkyekEwb3JYU2NkcG9PVGhnem8iLCJtYWMiOiIwNWE0NTJmZWNmZWIwYjkxZTI1ZjkxMzVmOTBmYTFkNjI1NDg0YWQxNDY3ZjU5MWQxM2IzNTYxMmU4ZjdiNTE5In0%3D; expires=Mon, 02-Aug-2021 18:16:21 GMT; Max-Age=7200; path=/; httponly
cf-ray: 67889c33addc4eb6-FRA

GET
H2 200 flags.png
insaneoffrsforyou.com/images/vendor/intl-tel-input/build/ 69 KB
70 KB 14ms
14ms Image
image/png 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insaneoffrsforyou.com/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44

Requested by

Host: insaneoffrsforyou.com
URL: https://insaneoffrsforyou.com/css/forms.css?id=108aa07ef4cadffb88ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/css/forms.css?id=108aa07ef4cadffb88ba
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insaneoffrsforyou.com/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:21 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6361
x-powered-by: centminmod
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 70857
x-xss-protection: 1; mode=block
last-modified: Fri, 30 Jul 2021 09:54:01 GMT
server: cloudflare
etag: "6103cc39-114c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZEyy5C%2B7SUZOntkLzLtWtuZvkT7hALdy2nRS7%2FvwIkLRoXlisRrULStxJcIKXyBfW02xqBHt8vzRq324XZStqXjFbJjyrEhxOcAkr2qtJQ1zoEZUowJMVVDO6ED2%2Fg6nHl5BYAuWMSvWZI%2B%2FLMxIeNZooo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 67889c33ade04eb6-FRA

GET
BLOB 200
OK 6990557a-23a5-425c-a0f0-8790c7ddf3fa
https://insaneoffrsforyou.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://insaneoffrsforyou.com/6990557a-23a5-425c-a0f0-8790c7ddf3fa
Requested by: Host: insaneoffrsforyou.com
URL: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 videothumbnail.jpg
static-13333.kxcdn.com/6482/images/ 80 KB
80 KB 6ms
6ms Image
image/jpeg 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/6482/images/videothumbnail.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

a62988776ec9647d0dc43827b6a2796b220b37cdc7d3cbbfbe0795543e2ca7d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insaneoffrsforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 16:16:21 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-amz-request-id: tx00000000000000214cb56-006107da0f-dde614e-ams3c
x-edge-location: defr
x-cache: HIT
content-length: 81553
last-modified: Mon, 02 Aug 2021 11:30:34 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "12d2ebb1a475164ce356e90db7e982fb"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1627904734.dop242.fr8.t,1627904734.cds277.fr8.shn,1627904734.dop242.fr8.t,1627904734.cds001.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
expires: Tue, 02 Aug 2022 22:05:21 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://insaneoffrsforyou.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

POST
H3-29 201 event Show response
insaneoffrsforyou.com/ 2 B
1 KB 241ms
241ms XHR
application/json 2606:4700:3030::6815:5059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insaneoffrsforyou.com/event?hitid=940efd2c-af62-403a-9944-b3f40f3212c8

Requested by

Host: insaneoffrsforyou.com
URL: https://insaneoffrsforyou.com/js/l.js?id=bd86ffdc708808a99f5f

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://insaneoffrsforyou.com
x-xsrf-token: eyJpdiI6IituUFVmRjBwRDhVREVURURPKzRiaUE9PSIsInZhbHVlIjoiS0VlcXNMTjY2R28ramlyK1AzTDc2a3lOckVoK1RUQzlMc2tOd1Nrc3NZelhFaFB0N2V2d0VyVFdvSHdtQlZcL0QiLCJtYWMiOiJmYWM0MjljZDYwN2U1ZmU5ZjBjNDY2NDA4ODY3N2Y5N2M4NzcwYzFmNjM1MzU5YThiMzQ5ODMxMDIyMDkyYjVhIn0=
accept-language: en-US
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: XSRF-TOKEN=eyJpdiI6IituUFVmRjBwRDhVREVURURPKzRiaUE9PSIsInZhbHVlIjoiS0VlcXNMTjY2R28ramlyK1AzTDc2a3lOckVoK1RUQzlMc2tOd1Nrc3NZelhFaFB0N2V2d0VyVFdvSHdtQlZcL0QiLCJtYWMiOiJmYWM0MjljZDYwN2U1ZmU5ZjBjNDY2NDA4ODY3N2Y5N2M4NzcwYzFmNjM1MzU5YThiMzQ5ODMxMDIyMDkyYjVhIn0%3D; c=eyJpdiI6InNWdkVHWWRMcXVhYityS0tiV1FQRnc9PSIsInZhbHVlIjoicjVWZUx4MCt6XC9FZUFMZGxKZGVtdFhSc2htQ0FYUTFPN1A2R1dGaVIxVXdIajkyekEwb3JYU2NkcG9PVGhnem8iLCJtYWMiOiIwNWE0NTJmZWNmZWIwYjkxZTI1ZjkxMzVmOTBmYTFkNjI1NDg0YWQxNDY3ZjU5MWQxM2IzNTYxMmU4ZjdiNTE5In0%3D
content-length: 188
:path: /event?hitid=940efd2c-af62-403a-9944-b3f40f3212c8
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: insaneoffrsforyou.com
referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://insaneoffrsforyou.com/btc-era-1-step/?oid=1&qze=5051&hitid=940efd2c-af62-403a-9944-b3f40f3212c8&aff_sub=&saf=8&cvu=&action=926&aff_sub5=fa5798fcdbf04ccda82270b895fc8361&aff_sub2=8&aff_sub3=&aff_sub4=926&tracker=cg
X-XSRF-TOKEN: eyJpdiI6IituUFVmRjBwRDhVREVURURPKzRiaUE9PSIsInZhbHVlIjoiS0VlcXNMTjY2R28ramlyK1AzTDc2a3lOckVoK1RUQzlMc2tOd1Nrc3NZelhFaFB0N2V2d0VyVFdvSHdtQlZcL0QiLCJtYWMiOiJmYWM0MjljZDYwN2U1ZmU5ZjBjNDY2NDA4ODY3N2Y5N2M4NzcwYzFmNjM1MzU5YThiMzQ5ODMxMDIyMDkyYjVhIn0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 02 Aug 2021 16:16:21 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: centminmod
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRM453ArMauKVgwkkQEjiel%2F1yLHpP0dNZY54QZcWNWkMpGveNOskN11wg1nCJPGPfsPqeHS1iT%2BHToh%2FiA7qhcqIlbHLJHd8kmq4QrpK0lvtnDTvGY43cO55vV3qEhWfMofJGFsrr89glURSx7gual4yyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://insaneoffrsforyou.com
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InhXTGowR09aZVBVQTdSNW9QQXVodEE9PSIsInZhbHVlIjoiSEdlcTA4Mmc1SHlkUUlWaERqSHJjKzVTSk1EcW5aSDY4YVwvbGk2bXBcLzNSd2VnY2MzWncxRGk3Y1EydFwvRnFNRCIsIm1hYyI6IjU2MDQzZGVlZTg3ZDZjYzY3ZTFkZDhjMGNjYTY5ZmNmYjk0MTIxMDRjNmRmNmU0NGEzNzQyOTgzOWMyM2MyNzQifQ%3D%3D; expires=Mon, 02-Aug-2021 18:16:21 GMT; Max-Age=7200; path=/ c=eyJpdiI6InBCTmRFZWgzUVAyXC80dEI0ZlFWQVNnPT0iLCJ2YWx1ZSI6IjBzMXo1dkZsM3JsUmcrS2hFeTVZXC9LcHB4MTZ6VkdDQ1FJbDVxTUtOV3BtTmtySkF2RzJIWGplSGV5dVFVUWZlIiwibWFjIjoiMjk3NjEwZDRkYTlkMmM4NGYzZjQwOWRjY2U4NTBiYzIxZDZlNDE3NGEzZGQyMTYyODE5NDlmMzZhM2M3NWJiMCJ9; expires=Mon, 02-Aug-2021 18:16:21 GMT; Max-Age=7200; path=/; httponly
cf-ray: 67889c354d9e4dd6-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uinames.com
URL: https://uinames.com/api/?amount=40&ext&region=Germany

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			insaneoffrsforyou.com/	1970-01-19 20:12:08	Name: c Value: eyJpdiI6InNWdkVHWWRMcXVhYityS0tiV1FQRnc9PSIsInZhbHVlIjoicjVWZUx4MCt6XC9FZUFMZGxKZGVtdFhSc2htQ0FYUTFPN1A2R1dGaVIxVXdIajkyekEwb3JYU2NkcG9PVGhnem8iLCJtYWMiOiIwNWE0NTJmZWNmZWIwYjkxZTI1ZjkxMzVmOTBmYTFkNjI1NDg0YWQxNDY3ZjU5MWQxM2IzNTYxMmU4ZjdiNTE5In0%3D
			insaneoffrsforyou.com/	1970-01-19 20:12:08	Name: XSRF-TOKEN Value: eyJpdiI6IituUFVmRjBwRDhVREVURURPKzRiaUE9PSIsInZhbHVlIjoiS0VlcXNMTjY2R28ramlyK1AzTDc2a3lOckVoK1RUQzlMc2tOd1Nrc3NZelhFaFB0N2V2d0VyVFdvSHdtQlZcL0QiLCJtYWMiOiJmYWM0MjljZDYwN2U1ZmU5ZjBjNDY2NDA4ODY3N2Y5N2M4NzcwYzFmNjM1MzU5YThiMzQ5ODMxMDIyMDkyYjVhIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.secureleadsnow.com
bit.ly
cat-email.com
fonts.googleapis.com
fonts.gstatic.com
insaneoffrsforyou.com
static-13333.kxcdn.com
t.trkngoo.net
uinames.com
www.zincmedenic.com
uinames.com
107.6.155.2
13.248.176.207
23.254.217.227
2606:4700:3030::6815:5059
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
2a0b:4d07:102::1
34.102.211.173
67.199.248.11
01274fbcd5505da92ecd3a08463ed10de9813f47ce0e9b380512115a72d14415
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0dee947bbca7eccdb9a7dbd0756fbf7e30af8bc065bff5f3fdd25d710846f6de
0f4a18f6a6e6072657f1f4155a670cdc1abb13b24dbcac5e64e509fd324f7988
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
1d42160b431a3e0b00019d4ffa4b3d83a2c97b2dbe927d69a90bb7f0f15bf88a
1fc8e6727261493f50889b598f27917a7602e389c5e5c9673a68d7fe8c7ae690
2061764c5f92cb8d1cdbda341933f3555ded9b5728473a63a54dd4aeec9699c0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26f70b0ea2858061fca2369839f0331c42c44ccef11ca17d4b6a3b91f739f898
28364aa92a4fd3114ac1857ea592e4202e58bd8a96b5a2578c58beb438a8e8b3
422aa7ce6458e63455a095564312cd35b2a303721d1f4d93715ba7cfc93b67eb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5a58adceb533cf19224c10a3a235996213e12328f5952a8a47a8ca6182e2a90a
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9935509393ae254c64bf718bd05e761e4340831fcff1df1b447841a7e0042b42
9e8d4ba93949832a45e4ba4912c9867125ba5f90670290d2d581e5faf92db771
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a62988776ec9647d0dc43827b6a2796b220b37cdc7d3cbbfbe0795543e2ca7d2
a9444725fb48cd94db4b9c4e1544b3ace3c54ccd0d1a289f124d36b69c9d6a20
ae19f3fb8ffb81594bc21748d0926039e897ef9c6ca6a9e148595c812c3a3a08
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afbde665b6ebecf065a17a2b7c1cdc2829742f917489c42b949899033c3ea31a
b69ca4a846247c287a60bdb773b5f199e8f25fe18b0ac62dd7ec3293144f1c93
b8d10960a3b95d49ee478c3961b904afeca854eb6e827d087b552297f6891b63
bca01b15a583e0c1db14b95b4759ee832ce1a800858bdf48f33911dad3abbbcc
c09e7658fcaa7d2089873ea3bed748bf37105d0f282b09b972b97c7587875bb0
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c36627640fd8ab54c7b17824f968a4652bbb57469106f9a5a8656cc1e8dab2ad
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
dd6f27188160854c9b0b400016a4084b5d111bdbba476d17460139a6d80f52eb
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
e46f3127e1d2d73084efc503b86c3c5ab7091677b493e10d59f0cf4375b9a1e7
ef45d80726b8c990fc92c1ea7f76cd4658720110ee81f4adca1da3b6524e74ec
f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb

insaneoffrsforyou.com Open in urlscan Pro 2606:4700:3030::6815:5059 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

41 Requests

93 %HTTPS

44 %IPv6

10 Domains

10 Subdomains

7 IPs

4 Countries

1049 kBTransfer

24836 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

insaneoffrsforyou.com Open in urlscan Pro
2606:4700:3030::6815:5059 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

93 %
HTTPS

44 %
IPv6

10
Domains

10
Subdomains

7
IPs

4
Countries

1049 kB
Transfer

24836 kB
Size

2
Cookies

41 HTTP transactions
1 data transactions