Submitted URL: http://pinoy-offers.com/
Effective URL: https://www.pinoy-offers.com/
Submission: On June 29 via manual from PH — Scanned from NL

Summary

This website contacted 14 IPs in 4 countries across 10 domains to perform 70 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is www.pinoy-offers.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 28th 2022. Valid for: a year.
This is the only time www.pinoy-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
30 pinoy-offers.com
pinoy-offers.com
www.pinoy-offers.com
880 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
325 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
imasdk.googleapis.com — Cisco Umbrella Rank: 425
126 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
bid.g.doubleclick.net — Cisco Umbrella Rank: 465
53 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 883
r5---sn-h5q7knes.c.2mdn.net
1 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
2 KB
2 gstatic.com
csi.gstatic.com
381 B
2 google.nl
adservice.google.nl — Cisco Umbrella Rank: 12272
914 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
645 B
1 trk-consulatu.com
trk-consulatu.com — Cisco Umbrella Rank: 27678
3 KB
70 10
Domain Requested by
29 www.pinoy-offers.com www.pinoy-offers.com
14 pagead2.googlesyndication.com www.pinoy-offers.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
8 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 r5---sn-h5q7knes.c.2mdn.net
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.nl pagead2.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 trk-consulatu.com www.pinoy-offers.com
1 pinoy-offers.com 1 redirects
70 16

This site contains links to these domains. Also see Links.

Domain
trk.adstrck123.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-28 -
2023-05-28
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.nl
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2022-06-21 -
2022-08-30
2 months crt.sh

This page contains 8 frames:

Primary Page: https://www.pinoy-offers.com/
Frame ID: 2C0FBB6DA63D29375734F037770DBDCA
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html
Frame ID: FFDBC2015930757F61EFECF53F75C806
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2025979610086129&output=html&adk=2548858943&adf=2513742895&lmt=1656499622&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.pinoy-offers.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656499622253&bpp=3&bdt=312&idt=183&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5895702337117&frm=20&pv=2&ga_vid=797098367.1656499622&ga_sid=1656499622&ga_hid=301043923&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760911%2C42531608&oid=2&pvsid=1041333213195182&tmod=1924107073&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198
Frame ID: 663C735FB9785B4B29255DA183E51A4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Frame ID: D02C7F584862AB5E225D03A9DC931947
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6763B1521E0CEFAE3F4B33E548BD2BD6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C71BA2C11AE45F24097042376B8DF9D4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js
Frame ID: A52553E3C81369CDAB90814081F4C8EE
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D1F2D719AFBAB63EC741CFC855A44B4E
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Pinoy OffersPinoy Offers

Page URL History Show full URLs

  1. http://pinoy-offers.com/ HTTP 302
    https://www.pinoy-offers.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mootools.*\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

70
Requests

99 %
HTTPS

80 %
IPv6

10
Domains

16
Subdomains

14
IPs

4
Countries

1391 kB
Transfer

2738 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pinoy-offers.com/ HTTP 302
    https://www.pinoy-offers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://gcdn.2mdn.net/videoplayback/id/1fd88d1e73fb491f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688035623/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/57B8868E889F631ACA2BAFD1E263A804E94C6CB8.9B2BDA21D8577017A198CB991660FE579740D64F/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-h5q7knes.c.2mdn.net/videoplayback/id/1fd88d1e73fb491f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688035623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E32EEE98599871F3BF4A9F8469EF2650511CBB5.3A90C9EF8B7B3373A42648177230B6A1F1A930F7/key/cms1/cms_redirect/yes/mh/XT/mip/2a00:1630:2:602::14/mm/42/mn/sn-h5q7knes/ms/onc/mt/1656499248/mv/m/mvi/5/pl/32/file/file.mp4

70 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.pinoy-offers.com/
Redirect Chain
  • http://pinoy-offers.com/
  • https://www.pinoy-offers.com/
76 KB
14 KB
Document
General
Full URL
https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fc6387ee444151626a23f9b279ad06a224d5973b5643caf27f24a67228fba37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
722e14e96a8d4196-AMS
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 29 Jun 2022 10:47:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlINWo9cv1VVdshcDC09pdhaRlc8mpNslCjGGGhmGetO9%2BUEzS2TIe%2FZbliMze%2FLPmfcqmPxN1%2B0QZ1u%2F47ROmPj2IQwuqrEn%2Bb8b00xyrTvkcpRYyzytq1Icni3vStwH94cNY7kzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
x-firstpage
1
x-map-context
ph
x-page
pregame
x-served-by
c-04

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
722e14e8ac84b74c-AMS
Connection
keep-alive
Content-Type
text/html
Date
Wed, 29 Jun 2022 10:47:01 GMT
Location
https://www.pinoy-offers.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIsMe4tXWf42ZW7A0wFHPQZY83MrVmoc5syfmJIX%2FgqCUjCYvd6QKFWEEvOjbnJrhWEF8ifxIxuUcorVxk%2FXuk0ONvUQ1vMG%2B3RFgPFyvrKXyVXGamsIaFHVxAZj95DzCKi3"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
default.css
www.pinoy-offers.com/_global/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.pinoy-offers.com/_global/css/default.css?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-04
last-modified
Mon, 18 Feb 2019 07:52:24 GMT
server
cloudflare
x-map-context
ph
etag
W/"5c6a6438-10e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhUf83DEWdawlWTZEPlP8dSTW6G6XAmYQ%2B2GkCNBxM%2FZls0%2BFTyPBiyL%2F2zTjPjucIJgxEDwAWsDW02vISzya15Xo7kRZDCg5vhVuvIJ8NUFko18b9c117umLkJYheaAcMaVz92Ozg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
722e14ed4f314196-AMS
expires
Thu, 30 Jun 2022 10:47:01 GMT
font-awesome.min.css
www.pinoy-offers.com/_global/fonts/font-awesome-4.6.3/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://www.pinoy-offers.com/_global/fonts/font-awesome-4.6.3/css/font-awesome.min.css?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-02
last-modified
Thu, 18 Aug 2016 09:52:51 GMT
server
cloudflare
x-map-context
ph
etag
W/"57b58573-71c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clZZhFI8VIrujPA1n%2B8cusg2vdfug%2Fg6oOjChc4Guko4P6XX1C1PPtHxPgEyCxKOtRzNVJOJitib1CEHCGeNHIdkyhTNJD6aPWEho5XRVssM97uY%2FKbJ103LQf%2FRi6sztqW%2BOVEgZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
722e14ed4f334196-AMS
expires
Thu, 30 Jun 2022 10:47:01 GMT
series.css
www.pinoy-offers.com/_global/wingame/57/css/
39 KB
7 KB
Stylesheet
General
Full URL
https://www.pinoy-offers.com/_global/wingame/57/css/series.css?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed73382f71d9cc46e06a77d0edc293431dd3734dfc5b80e40b6e0f0f1f57859e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-04
last-modified
Fri, 12 Mar 2021 08:31:46 GMT
server
cloudflare
x-map-context
ph
etag
W/"604b26f2-9bcf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bqdq7cvuIlb%2BvW%2B1hrOZ6ecscTbgmSgUEP8%2FhVnsVjv4cyOv5voeJXioxavBF3haY06zGdQ0iam7%2BhqsjbM2zSg843ijbIE1%2F%2BkOSnDUE91Gz%2FjE8rgnQ3NBx%2Flaz0Lm2VX%2FpqQUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
722e14ed4f354196-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
sweepstake.css
www.pinoy-offers.com/wingame/43/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.pinoy-offers.com/wingame/43/css/sweepstake.css?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1bd01607f13ad10f86077d313458152568f82a27d8a71f5096c5dabab8cc395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-02
last-modified
Mon, 19 Apr 2021 09:19:56 GMT
server
cloudflare
x-map-context
ph
etag
W/"607d4b3c-1d04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3XGVoqKILk25tyRHhvql3cSF27a8ljfry96bHoJTz1IPkH4aiiMRmQXYVT9Y8mTa%2Fa%2FUmPFyEezRNenKyJiYMKTHf4sTErFXBnGg2lY%2Bbn8GwW9NR0ryayjo47AHem9E41FL%2Byq1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
722e14ed4f384196-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
MooTools-Core-1.6.0-compressed.js
www.pinoy-offers.com/_global/js/framework/
88 KB
29 KB
Script
General
Full URL
https://www.pinoy-offers.com/_global/js/framework/MooTools-Core-1.6.0-compressed.js?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-03
last-modified
Fri, 10 Nov 2017 11:48:17 GMT
server
cloudflare
x-map-context
ph
etag
W/"5a059201-15e64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwUbRVTzvzfibwpI%2Be6UpE%2FtRiwjNapXNw6jK8SugxbimZJpJUVg9nVx5YzDgBn79%2FEC7j0EbEcU5pEB%2FNzQ24ly8kDEKlj4AErhYeQclkVXBaMCnCt8dPSSKL1T2UM7LfjqNg0L6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
722e14ed4f474196-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
scripts.js
www.pinoy-offers.com/_global/js/
55 KB
14 KB
Script
General
Full URL
https://www.pinoy-offers.com/_global/js/scripts.js?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4436ee9212fb2d7d3763f9c23ff54e2dee216da22876a1b475bf8619c12ede0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-03
last-modified
Wed, 16 Mar 2022 09:55:25 GMT
server
cloudflare
x-map-context
ph
etag
W/"6231b40d-dd5d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fvwp6OhM8r73A9c%2BEhL8%2FbRhJGT7x2jAZoJ%2B4bcb3dUZZxDGyraX6H6W7PtXGp62DyiPWZ9Jj3l7lriw%2Fs6CZMm%2BND15K%2BwLSsskHS4YmGPdQHwNpYiFipxP5S9tLXM0nimC9I8gsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
722e14ed4f494196-AMS
expires
Thu, 30 Jun 2022 10:47:01 GMT
global.js
www.pinoy-offers.com/wingame/global/js/
847 B
1002 B
Script
General
Full URL
https://www.pinoy-offers.com/wingame/global/js/global.js?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3eb5ad3f7b78ca83bb84f3d53e3387b49c066285a61933ac9ff767cd444059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-01
last-modified
Mon, 28 Sep 2020 11:42:13 GMT
server
cloudflare
x-map-context
ph
etag
W/"5f71cc15-34f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bd6AbjVuNunVzm6vYD%2FrAq5BYMGiB2Ou135btiC0LenfQI1HpUfKUq7DlH81mGOvSqIfiPr7c5yKuGSJWSv6qb18bPFdraR5vuJYJfslIs1qTr6quhOzMYJu3HQMrX68wgxHTyddhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
722e14ed4f4a4196-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
series.js
www.pinoy-offers.com/_global/wingame/57/js/
13 KB
4 KB
Script
General
Full URL
https://www.pinoy-offers.com/_global/wingame/57/js/series.js?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4971b7132c11c230a07ee41510e916510512cbc50e4e71bff6d8fdd69f128cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-04
last-modified
Fri, 19 Jun 2020 09:53:11 GMT
server
cloudflare
x-map-context
ph
etag
W/"5eec8b07-32c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwkaKyYgAMmMa0C8vcTRQioYcqMzXC%2BlXhu4SPJHFCYoXBpatHcgZ4Zd7uu3SEcZVS55n2uqPUnVsG0qnKQKAS5JwYxY1ETbOYYbTa5MHy52uBcyr8xPxkHlUfM2%2B%2FtjmkqDkg6l8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
722e14ed4f4b4196-AMS
expires
Thu, 30 Jun 2022 10:47:01 GMT
sweepstake.js
www.pinoy-offers.com/wingame/43/js/
2 KB
991 B
Script
General
Full URL
https://www.pinoy-offers.com/wingame/43/js/sweepstake.js?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873efbe9a772c3028f73333a992fe64588f3f0d0ffc8b99a774e3b989193336c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-04
last-modified
Wed, 27 Jan 2021 11:50:08 GMT
server
cloudflare
x-map-context
ph
etag
W/"60115370-91b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5A9b1kXOm6cXfnuRMczHP8A30cb1dRpsSEHuGMPkDHaF2ltso9DvyMoA%2FymW%2F61QDh5n36NaIWPKYnI9Iqe2Ol16%2BokjEhZ57JpfKG9mTT8fClrTczsP%2BhVpbW03TrmHOKD0TQy7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
722e14ed4f4c4196-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
script_43.js
www.pinoy-offers.com/files/web/sponsor/_sponsoren/
3 KB
1 KB
Script
General
Full URL
https://www.pinoy-offers.com/files/web/sponsor/_sponsoren/script_43.js
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7c8fe9740251473282b7f2b561c64943beb8b97187bd901c024cf4d82ca743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-01
last-modified
Tue, 30 Nov 2021 15:41:06 GMT
server
cloudflare
x-map-context
ph
etag
W/"61a64612-d52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4F4Y%2BZobyid1pAwPB1KXMVjmLzxruZnu9QnVWcdAbzOOy3ni1POkIpSN03oSK%2Br52Sn30lLUdBPRVHS2MwLVHZv8gM3d8fFX5o7EUw7lFwHMzixh4COKlkEKnbxkAMA%2BGM5VDw3B4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
722e14ed4f4e4196-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
163 KB
56 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02524a4f2d5b6834d2de349c41935a3f195d9bc98e7c5a65a50b658976c92255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56419
x-xss-protection
0
server
cafe
etag
1489649190716823249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Jun 2022 10:47:02 GMT
image_123_104.png
www.pinoy-offers.com/files/web/freetest/_images/
40 KB
41 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_123_104.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a21831ac4f24048810bd0abb23b69ff4655e5d3290d04b6d8af637180698ac3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40870
x-served-by
c-03
last-modified
Mon, 21 Mar 2016 17:32:02 GMT
server
cloudflare
x-map-context
ph
etag
"56f03012-9fa6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3iU7VnTW34KduKRw%2FmFu%2FUuRYPuJeWC%2BPyk6Xz0aQAbxEU9IRLyVsWahQFbHug%2FIqeDjJ32HtkOJgjT2blxw904%2BYJKfr8U5QlxQseu7cgNm10cFUuMDANlm1HbZXdBXyCz2cUFfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fbf0c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
image_17_102.png
www.pinoy-offers.com/files/web/freetest/_images/
481 KB
481 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_17_102.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
433379cf128a6dddc925df88ee578e0569825152b3a5d248f744adcf6a66b26d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
492194
x-served-by
c-04
last-modified
Tue, 26 Apr 2016 03:03:18 GMT
server
cloudflare
x-map-context
ph
etag
"571eda76-782a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLJ1CCNUdPe3TPVuhMkNuzvPjkIzR3o0Vx3HFGhr0DbHkEYMuafwFR2E2BiLPr%2FLklJmSmRSA756hzFYwRzaJoqi2lO%2FPPpFHC1dvik0rTh5VojiyQXLLX7A1MJA%2FFT3yDg16ta5yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fc40c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
prize_arrow.png
www.pinoy-offers.com/_global/wingame/55/images/
2 KB
3 KB
Image
General
Full URL
https://www.pinoy-offers.com/_global/wingame/55/images/prize_arrow.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb512baf860da2818cb24564602d28c1e2cb59efb7bdcc97a42b068258b3220c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2459
x-served-by
c-04
last-modified
Fri, 16 Jan 2015 10:32:16 GMT
server
cloudflare
x-map-context
ph
etag
"54b8e8b0-99b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tGm6U9iGNj8jc4sFdY8Bsh8wAXmJk%2FtddsjHDCfCbxhQpF9WevLbXpeBS9UK2feCfk38UvRcezWNai92jQB%2BjKcxynOrx04XYPy2oQ0EvlJUWFYa7q86fIQCjwC%2FjHY%2FBn0pZcqHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fc50c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
image_123_109.png
www.pinoy-offers.com/files/web/freetest/_images/
14 KB
15 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_123_109.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f4f714ad57add230f5b79f815496b4dcf85dd0b17d2c64a26c604d2f82175b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14780
x-served-by
c-03
last-modified
Mon, 21 Mar 2016 17:32:03 GMT
server
cloudflare
x-map-context
ph
etag
"56f03013-39bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0gNrYi3Ma70HZx8aKMdhvo%2FtjFKB7ywKS%2BCwNnBPuL37ZKqY0CiAdrJeg1q%2BOkCM29dRmcoEntWSrVQL48%2BbtGB8rG6%2Fdu%2BTXHnCfHnzims7%2BUfVLIzx8V6bJtFAvjZIarcN3F8DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fcf0c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
image_123_111.png
www.pinoy-offers.com/files/web/freetest/_images/
15 KB
15 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_123_111.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70c8516bd6086002f985cbd7d5528d22416787a3a53c6cb316aac7b6862260f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15064
x-served-by
c-03
last-modified
Mon, 21 Mar 2016 17:32:03 GMT
server
cloudflare
x-map-context
ph
etag
"56f03013-3ad8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35QVXe%2FE0XiYF9c1pa8pAzuU1PbaYYllS1gKGCqY5uAhJb6c2E3yvQN1diM%2BbZj0W%2BfA4zGRs6JquXxh71ReGGb31MUQfzosB0R2oIN1g%2BhPstL3N01qZhlJjg8haLX9qe9kw%2FUd8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fd00c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
image_123_115.png
www.pinoy-offers.com/files/web/freetest/_images/
41 KB
42 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_123_115.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faaf7bd69fc5fc8e9c84197897e6a7d05eb40719d5ba50ef9ba94dbc70d8e193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42400
x-served-by
c-01
last-modified
Mon, 21 Mar 2016 17:32:03 GMT
server
cloudflare
x-map-context
ph
etag
"56f03013-a5a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OU3DM0da5hHr8pHCnSSLhbw9hngYtiKROsDR1uydwiSL46XkWQSGFKbgwubanykEYIExLHyj50UCNUGzU61wK6Xc7F%2BOxWVAeAnoyDbtdpV6vGABof1HtMlvUFYQUgphPGPgRvORlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fd10c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
image_123_117.png
www.pinoy-offers.com/files/web/freetest/_images/
26 KB
26 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_123_117.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267e37418cf21a2c2c9da1fbf3d4a6f60f8c92728677c1c6719b6eff35e2cd05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26191
x-served-by
c-01
last-modified
Mon, 21 Mar 2016 17:32:04 GMT
server
cloudflare
x-map-context
ph
etag
"56f03014-664f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPmnJLmZubTr5IGjUMaQA24uLEOxx8PJbJiXhQhpO8KhKuxi1tApcAmyJkXNOuXUTq3uGy6P0QxgrfUU%2B9Ke9jKawd%2FGnkmvvnM7XlJHuJUdVdZ3Z%2Bx%2BcMeo88h0j3JaJZqXlaXi%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fd30c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
image_123_119.png
www.pinoy-offers.com/files/web/freetest/_images/
31 KB
32 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_123_119.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d87fd1ebb99975bb132457077ace43966d52f1557c7b20c8241bdc3c7c2d6d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32250
x-served-by
c-04
last-modified
Mon, 21 Mar 2016 17:32:04 GMT
server
cloudflare
x-map-context
ph
etag
"56f03014-7dfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d53Jb8XjuE32L6CcGxduSOpzAM7nwCp0kupUZiaypluS0rF5uI%2FRLgT8f3VAE4r1rcBZnH6JCuygGHeFg9zwi2%2B%2BlSlu06WswzhTHlqy0F%2F3jhzlgJRBq1Zp6Lqh%2FzlSk9xZVZSxCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fd40c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
image_123_121.png
www.pinoy-offers.com/files/web/freetest/_images/
35 KB
35 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_123_121.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06bd267c7ee7a6edf9915700cf554ed0494ed2feb634431e003f852362cd6757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35383
x-served-by
c-04
last-modified
Mon, 21 Mar 2016 17:32:05 GMT
server
cloudflare
x-map-context
ph
etag
"56f03015-8a37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysk98Le%2BaBS9nWU3dCoy1RsFXiplPo4c%2B4EPPeAVLSKSjPHRfXc4zKenAnEPU0%2BoUQ5EPg2vW0xMvnhEbKWQM6hDrwceqcEGiPGf0beabpZnM49%2Fany1joCWfXzbUL78qBWQMCZiBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fd50c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
image_17_123.png
www.pinoy-offers.com/files/web/freetest/_images/
42 KB
42 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_17_123.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5e131113c160b830d9e4919d4c6507221a7ce1e71f1f75f8f6ea87d8656977
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42793
x-served-by
c-04
last-modified
Tue, 26 Apr 2016 03:12:10 GMT
server
cloudflare
x-map-context
ph
etag
"571edc8a-a729"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6IuIJ4mQUCB2llgR5PO4fBWB66Yvd92%2FQ7MOchrIuRTw3yByQNfF0k2wB8fAmbrOHgaaxBtoNhYhv5UMKiz%2BqBLkpW4XmSuCEXl7gkde70%2BNhhRz3QwYofHaO8uuTvhNW%2FVJMxWS8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fd60c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
image_123_125.png
www.pinoy-offers.com/files/web/freetest/_images/
23 KB
24 KB
Image
General
Full URL
https://www.pinoy-offers.com/files/web/freetest/_images/image_123_125.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5a861b6a1e72d051cee77e448971dcb484cb0fbebffc6f889f33c9f3418cb65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23618
x-served-by
c-01
last-modified
Mon, 21 Mar 2016 17:32:05 GMT
server
cloudflare
x-map-context
ph
etag
"56f03015-5c42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrpxwB8%2FpiZEczzbnj7C78VR34NYazbz6DU%2FMUdDK7gvPQksPiYhEmbW%2FSc4vL1ubHPLjL%2FEq0pq2hxEnElaiazIizE98VZI0LJYx6W9mvyItTpg3klYtA9PMTh76dGCd4RKS5ez1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fd70c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
graph_symbol.jpg
www.pinoy-offers.com/_global/wingame/55/images/
2 KB
2 KB
Image
General
Full URL
https://www.pinoy-offers.com/_global/wingame/55/images/graph_symbol.jpg
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ec8cad2e06dfe81cf44121032ec6e4dcfe98f973669716f95db93e258daaa7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1944
x-served-by
c-01
last-modified
Fri, 16 Jan 2015 10:32:16 GMT
server
cloudflare
x-map-context
ph
etag
"54b8e8b0-798"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAYU%2F8qlo2PsMFQmCIWohsRrk2tgALwHLkFgHbzjKID9%2BsRixBF6xlEdN%2Ft0ZJEzocZBaMgXukNlghPjLeI4OhJ4nOiBigQnAWtDwXXNsm2sNWiFkwklyub6zX6ov5g2JlipQrDJxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fd80c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
sweepstake.bundle.js
www.pinoy-offers.com/dist/43/
17 KB
5 KB
Script
General
Full URL
https://www.pinoy-offers.com/dist/43/sweepstake.bundle.js?2022-06-29.3
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ad0fe51bb40de06e9859d0f20a7c32064c38abcb8fa331b4cff56cbe13e0a7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-02
last-modified
Mon, 20 Jun 2022 13:13:34 GMT
server
cloudflare
x-map-context
ph
etag
W/"62b0727e-4485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05HsqEh2fNkAHOJvGerlQ2Y9T7c8nxSO6R%2BiVcqcE9ZkXlhev%2FS7TIdbEIQ0Uwr7a2zpHpU9frLJ6%2BJ29s%2FAT70gpJ8eCUPMpug%2BlzbkQufhkLNrK8RdrcTViP4H13nu8tWDa8fW%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
722e14edef650c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
font_opensans.css
www.pinoy-offers.com/_global/fonts/opensans/
2 KB
980 B
Stylesheet
General
Full URL
https://www.pinoy-offers.com/_global/fonts/opensans/font_opensans.css
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/_global/wingame/57/css/series.css?2022-06-29.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8520fcbe02b63d1ed79d4fe6b9ffb8b2875fcafb5232cba605370849c6b4095
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/_global/wingame/57/css/series.css?2022-06-29.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
c-04
last-modified
Thu, 26 Jul 2018 06:51:09 GMT
server
cloudflare
x-map-context
ph
etag
W/"5b596f5d-991"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fReHIHEreLT5wrFfLFAvb%2FoThnhLWdhRg0Gw%2FQIxmx0zpRRrRczfospiJktmBdKu3nJf3AIj6TSaYYwgd5Qy78OlV4BACd04oOHByVX%2B7zrX8pMg7lC5Wp8M9UxKFfZPBBsfseswWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
722e14edcf470c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
content_bg.png
www.pinoy-offers.com/_global/wingame/57/images/
155 B
753 B
Image
General
Full URL
https://www.pinoy-offers.com/_global/wingame/57/images/content_bg.png
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/_global/wingame/57/css/series.css?2022-06-29.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9629e0eadc54f8c78e52f511289dc48a680732afb660580bc57739a7c642b3ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/_global/wingame/57/css/series.css?2022-06-29.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
155
x-served-by
c-01
last-modified
Wed, 18 Mar 2015 14:49:46 GMT
server
cloudflare
x-map-context
ph
etag
"5509908a-9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnpDsdgyZDhbKOxjXUHjGSckUhNPNrqqnCdNHp4vXu3ZVZiJAYr7%2FoBdq7YrCV3oN2fjxaK6hyw6EsUetnabj9XqEMAHlRltmYVurD%2Bnvm7XQg7LMcyv26Go1qcbKfPrkbLPGesQsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fd90c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
Open-Sans-700.woff2
www.pinoy-offers.com/_global/fonts/opensans/
10 KB
11 KB
Font
General
Full URL
https://www.pinoy-offers.com/_global/fonts/opensans/Open-Sans-700.woff2
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/_global/fonts/opensans/font_opensans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pinoy-offers.com/_global/fonts/opensans/font_opensans.css
Origin
https://www.pinoy-offers.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10284
x-served-by
c-02
last-modified
Thu, 26 Jul 2018 06:51:09 GMT
server
cloudflare
x-map-context
ph
etag
"5b596f5d-282c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCpGQuG4NxW5DTU0LcygPQ1ugehtNHg9iW19JzzmsaqJFVQmYy8wN9QhDjtH0c2uu3j45AWvmrbcwFGNCVLdwGa1Em1lmwFFV4jkW7q5ZcJTNRHfiVUM2QPeVXXs67%2FtaDg5w4KhVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee4fda0c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
Open-Sans-300.woff2
www.pinoy-offers.com/_global/fonts/opensans/
10 KB
11 KB
Font
General
Full URL
https://www.pinoy-offers.com/_global/fonts/opensans/Open-Sans-300.woff2
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/_global/fonts/opensans/font_opensans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pinoy-offers.com/_global/fonts/opensans/font_opensans.css
Origin
https://www.pinoy-offers.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10200
x-served-by
c-03
last-modified
Thu, 26 Jul 2018 06:51:09 GMT
server
cloudflare
x-map-context
ph
etag
"5b596f5d-27d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrCOrMRMqng0FnKyUXsbJxeGij2ywbQmjEQlk1hdv5wKyDLDud0mY804RxySLMqY%2F8igoOibmmhaaBEzydO1AhMoe1PoOKXmzLdirlmN%2FmBdmiI15GYIgD%2FufZ1ifx0thLXCyWyVFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee5fdb0c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
Open-Sans-regular.woff2
www.pinoy-offers.com/_global/fonts/opensans/
10 KB
11 KB
Font
General
Full URL
https://www.pinoy-offers.com/_global/fonts/opensans/Open-Sans-regular.woff2
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/_global/fonts/opensans/font_opensans.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.pinoy-offers.com/_global/fonts/opensans/font_opensans.css
Origin
https://www.pinoy-offers.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10352
x-served-by
c-04
last-modified
Thu, 26 Jul 2018 06:51:09 GMT
server
cloudflare
x-map-context
ph
etag
"5b596f5d-2870"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1cKc%2FHIcMMT1Ot1LhPKgODdlcCd7G400EqxXmOVQnIn7R9eDrS84eLKCEWVrdjDLo8PKf9Dtj5AMkOaiFcmSX6xXYYipY2KNTQzLDZG5GSPz%2BeQvm2yPLip8uMG6zmsuDyiJiw%2FRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
722e14ee6fe80c71-AMS
expires
Thu, 30 Jun 2022 10:47:02 GMT
48epxrqd5x
trk-consulatu.com/scripts/push/script/
7 KB
3 KB
Script
General
Full URL
https://trk-consulatu.com/scripts/push/script/48epxrqd5x?url=www.pinoy-offers.com
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7ff87147e552055d276a584fbf0fb09c6d27fd7a88c3c0e19b1aacd37196ad9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tg0gSo1jZCwuhTgk79Suc74fNg7C%2FvpVZ3rkBqbTlyJvntVoNUtai5t1yVWVbPxCF0BIH2GDTqrIrcotLuE6LIJ9Y8Bjb2Ue%2Bb81Y2xyZb1OFd71KHspt6XI99sJ3G97p5c5UxJYfqhXgmGV8NMo%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray
722e14eeff6db99a-AMS
expires
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/
339 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0a8f9bac365fe0a1b11f876f54261052f2ac4b17098ad1d9f46153f327a1f07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122445
x-xss-protection
0
server
cafe
etag
14618502621571937002
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 Jun 2022 10:47:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/ Frame FFDB
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pinoy-offers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
53111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 20:01:51 GMT
etag
10429905676100781186
expires
Tue, 12 Jul 2022 20:01:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/
220 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.pinoy-offers.com&callback=_gfp_s_&client=ca-pub-2025979610086129
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e7d064110f628b672ec789f009bf2124df9b927d70b8e3a0a355c93399bdb0cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.pinoy-offers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.pinoy-offers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 10:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.pinoy-offers.com%2F&tn=DIV&id=notifyai-popover-container&cls=notifyai-popover-container%20notifyai-reset%20slide-down&ign=false&pw=1600&ph=1200&x=0&y=69.6
Requested by
Host: www.pinoy-offers.com
URL: https://www.pinoy-offers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:47:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 663C
106 KB
29 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2025979610086129&output=html&adk=2548858943&adf=2513742895&lmt=1656499622&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.pinoy-offers.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656499622253&bpp=3&bdt=312&idt=183&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5895702337117&frm=20&pv=2&ga_vid=797098367.1656499622&ga_sid=1656499622&ga_hid=301043923&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760911%2C42531608&oid=2&pvsid=1041333213195182&tmod=1924107073&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=198
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfb89efa9840532f1b638d5bf3a40134c21de938f3feaaa3cf16f4ca41f20830
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pinoy-offers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
29202
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 10:47:03 GMT
expires
Wed, 29 Jun 2022 10:47:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2532239f8c976a8379fd80999aa854cf0a94b0365846826bde71571f513c57e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 10:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10526
x-xss-protection
0
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/
149 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e0cea3731c4ed59dd5e7a848c0bab84dbe5789f655e932899209c888c7500af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54411
x-xss-protection
0
server
cafe
etag
16355095995900390828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Jun 2022 10:47:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8&c=ca-pub-2025979610086129&eid=44759876%2C44759927%2C44759837%2C44760911%2C42531608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:47:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-2025979610086129&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20220627_114524&sat=1656468578192&afm=0&as_count=0&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0&alldns=0&allp=3&fd=(0%2C3%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1200&abl=false&rr=n&su=www.pinoy-offers.com&pvc=1041333213195182&r=0.1&eid=44759876%2C44759927%2C44759837%2C44760911%2C42531608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:47:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8&c=ca-pub-2025979610086129&eid=44759876%2C44759927%2C44759837%2C44760911%2C42531608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:47:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.nl/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.pinoy-offers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 10:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.pinoy-offers.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 10:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/ Frame D02C
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pinoy-offers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
36103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 00:45:20 GMT
etag
10429905676100781186
expires
Wed, 13 Jul 2022 00:45:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2025979610086129&plah=www.pinoy-offers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 10:47:03 GMT
css2
fonts.googleapis.com/ Frame D02C
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 10:37:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 10:47:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 10:47:03 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/elements/html/ Frame D02C
19 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
server
cafe
etag
17157773748623750166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 10:45:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6763
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pinoy-offers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
3492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 09:48:51 GMT
expires
Thu, 29 Jun 2023 09:48:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C71B
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9ab2cec5ea7a759222d6779d7bc7fde3f1635bba51e80efc4c2267976ce5a28e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-a_I672KdoyxRGwdGJxjIIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pinoy-offers.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-a_I672KdoyxRGwdGJxjIIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 10:47:03 GMT
expires
Wed, 29 Jun 2022 10:47:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/ Frame A525
21 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:36:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
645
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 10:36:18 GMT
css
fonts.googleapis.com/ Frame A525
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 10:38:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 10:47:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 10:47:03 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220613_RC00/ Frame A525
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220613_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:18:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 10:41:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:18:38 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220613_RC00/ Frame A525
351 KB
121 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220613_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd48ba2cec7ec8424c38af70d7516e7ce54aab084c075020f7e2a420d042a1da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:18:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123964
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 10:41:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:18:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame A525
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:43:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Jul 2022 10:43:57 GMT
zpJwJD7FiQGKtDMDI2qj6Q6sQapA_NmLJvc1GyKYZDI.js
pagead2.googlesyndication.com/bg/ Frame 6763
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/zpJwJD7FiQGKtDMDI2qj6Q6sQapA_NmLJvc1GyKYZDI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce9270243ec589018ab43303236aa3e90eac41aa40fcd98b26f7351b22986432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:52:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
3278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13837
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 09:52:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C71B
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=1041333213195182&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame A525
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l4zh3tt0&c=1417560335220&slotId=708780167610&qqid=CMrzz_y90vgCFcvq7QodGEsKQg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C324123032%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220613_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:808::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:47:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A525
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CtW02pi28YsqIJ8vVtweYlqmQBJ3tmL1q05vehvsP8C4QASDQxK1nYJGEoIWMGMgBBakC-yII-DQZcD6oAwHIA5sEqgSCAk_QjFBZFIBL2OIjC0BlCjvjh2MRV8rV37f6uQnO4wNC73Oo6uqXKfe-j2gk4-ATDtaGT-0BghQORFeQ9279l7ZkqJdF9MKOekcOl2y-Gwgn4FETIycvAjZvoOXMkGyFIaGpmLax2IW0Q6RzXXOFR_ESwge3mkYY5qJ1FPD6tY8rtfumjaV7srKgFhkgl7hpTuskkcI4QW-8PvGhq6r0wePYSlRGKGlvmID9aiclhZTZjbNQ7lA93rDZVSpCDKDF6XlCo15EwfcHE9b9fVc3w_CaspmoTaltQd55esFcSVeG6UJtef7O0Kn6dv-QH-geL4wLESrhybi6kb2CA6-lvMD2L8AEovP-gusC4AQDkAYBoAZ2gAeilLO3AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATu7SRD9gTEIgUA9gUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1656499623595&ai=CtW02pi28YsqIJ8vVtweYlqmQBJ3tmL1q05vehvsP8C4QASDQxK1nYJGEoIWMGMgBBakC-yII-DQZcD6oAwHIA5sEqgSCAk_QjFBZFIBL2OIjC0BlCjvjh2MRV8rV37f6uQnO4wNC73Oo6uqXKfe-j2gk4-ATDtaGT-0BghQORFeQ9279l7ZkqJdF9MKOekcOl2y-Gwgn4FETIycvAjZvoOXMkGyFIaGpmLax2IW0Q6RzXXOFR_ESwge3mkYY5qJ1FPD6tY8rtfumjaV7srKgFhkgl7hpTuskkcI4QW-8PvGhq6r0wePYSlRGKGlvmID9aiclhZTZjbNQ7lA93rDZVSpCDKDF6XlCo15EwfcHE9b9fVc3w_CaspmoTaltQd55esFcSVeG6UJtef7O0Kn6dv-QH-geL4wLESrhybi6kb2CA6-lvMD2L8AEovP-gusC4AQDkAYBoAZ2gAeilLO3AagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAeALAYAMAbATu7SRD9gTEIgUA9gUAdAVAfgWAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:47:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame A525
28 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CeFOQ_IFQGeZ5i_Df9pP9udjmvGBNbiFrJCp4uPvK0uDk-w78VFzwmMkU59aA3FG9dusrNMIccDofOrJ0qV7jjbF5AwA&cry=1&dbm_d=AKAmf-CV1LqbnLA0QGHr-2grDV_nAFzIbKKx0UYAQbGRwcRY4w61bwIGtswOjyOiSjWHAm_QMYhNqnVxq5zEZ4SHCLiBRHgXaAfrWc4HP0oFTnEmMGJVvbBvchTbF07pUucj3lgytOJx-zDSvWsqN1v75j8VnqI_E1l7azuNU_OaWhgptLhfCsHaVcsylRfAvhW6XPfxLv5X7ld4p4JQJl_gXDBqYQOvl-QnsaWay64vsY06V_jEAZPm5CjkzmZom0z0ZYMew9r9S0DlA8Gg2bC4xDuda1Te8gXYF36w5Y72XzgluTuO9R8O4j9Zv0sbkSN-vB70xxSUxo8I5FLjW4JTkfKDOJL4__1FxNtpZ8ivE_IhZIv0m2mr370ODZ3HIDgvBoOsWolTZCgfP4Nk2jq73oSwSTqvKRg52khtRuBJ5kpiwL32YVo_arv_07Xs50ZdnrmNfA78ZaQFEviyWNSwddmAHqqMIgBtttsjuRp0j4S5fy93KRJVCZUwwsVXbLe21PpGeTD-akD3MMzZlWorjPLuT7tHONwPTMO-I_S17L_sWfVF_RTGdkjh6gi2KW_AY74VQx8Y0L1Y2KakvaQyDiKxMQtTT5eduyY0b5C5oRMs2iBDlMkLmghvoSQRmeiEYp1uYj13mSL32ce6pUl1A7SlWz8RvwmQc2iKDu4rxGzNkwVrnI_IDThBOnMWvLY4c2LBQVN8Iiwo1_4m48WgJE4Hrp45rhaEu8WL2p-d7ee8EyaxWa13PSuVhyuc88eClkw-Hl5WziZ9tCehqa3c0u0R4stFj320xU2r97qcY5NjXNnXhrixVoAPNkTHGLZmmrsdO1lMEg5JKwLvyz5W0sHUg8usd8y83Ju7DeECbPKk27i8_OyuLbQ-wU_4fRplozu8R8gqvHdcniKR1vDLgCpW2L3EKFfsvh2n0MabXS1GCndnhsh86cISD2G93t71QkASixUeZcH0O3BcY6H0deGH-BKSLrlnscjP4uDQmkMLVgrmrMByZGc4ljr-XfmFzoYK8TU8ijUsXLCLIgVWxPvQc4AUSImCL_iZEOpIeOZ9RJ8xO8ABqmHRgJkXHNfIF4KJZLO2zaA3gdMDoM096moC9XW9cITxuoZOxLpG9wa4397RgHyffBIhnTHT7B1w4guTojWeuNZGb0eCq5yaEY49VdBCrVlGAKqCX3BlvcAJJsMB1xNTibf7ePrrStIrFr84rtiZJAP6Fn5wwwvGIuNtr25FBXLcoNJ0sZZ1OsZZCt0Ip7CHIsrULVYodjbSwSzgU1UYU-iGrKtXL4eef9WaMD9HFLOgYlMS42YiADQVJfiZwdvLQzCzT423WiA0Y2a_ePhkRXjXi0uC4839kKAaQEPzGvaNYnA5_npdIgx-eASi1zjKc6weTOVINmiwYblreHIhtd9jKSuasPx-cNtS0zIKeAj-YDTiL3GbJWyQAcLnHniM-l5YlO0lkpFTCs-Yx7dT7A6pgAA35mc4kYsBYJjheAmbD1YD7boFai501gt3FPylTYbe4nDSxUyRKJjQCZmqnzTaUZpLYwkzk13PJvr0mrybCm9tPJdydmAyWlLjHrpkCj-F0kwUQzl0QcVHaKA4qTTWtV-XbNRdM1_PWSe227Jrz1nrZZRweb4UhH5VV-2cXt24E28i9QOpN3hmpHbLgTfaL_NQgUMIE5LYBNN9lVyYih1hal3m0hkl0ljJ4J6Bc-vYrXuiubd6pr4CV9das15zTimC2eXEZdwe1TYklvUYqyuxkqQxPtA9G3cIohWkk2-bRH-bKZm8Uqff7nkjgc1_Plf_ES-iL-okwYiHqcqlc193BDZAXegWUy6WDhge76fSeE7F49ZhCX2LNvaFsEfgmy2tizznK4kpmrUz_RatQ20M0ea1cXTtqsiWQ5_RYhtPD9S7PodbRAcfqmWqSe8q6KwR06xWG2Kov30Ugmh2loE4Hmspn1TPO0GLXPQTfMmHcfBlZqOVhzn9qHeySrDe3KTdjG_ltd4PRAkKJmXL0OPe31P43I0gnFFwjn5MQpbxMEj7aFUCKHHvcyKPRuPTf4iObZhti4cXW2lv7pgVZ5Bw7dgY_ubMae5KWAdYiRsTOUVQ-gjJ4ajsIcCQ3QmdyeHI4QgIA-P6UxwQ-9PGs9KmLUhdJqQygm0BQqU6faZiwdxzIll61hv0xbs5WXbx3H69tXVbbr-WmAcH3Q7OZO4A-7q8fOBBiEjRIuY5bY6dfURG7qbzUJURa49CX76Epub1ggoWcqgIYt6wvMAqCN_SFq4OOuy_oNZmhxyA5lON2Q3ghfgSdW7UMwVaCZDXGEzURAHuznlh1gV2x45iGTj5uL2huBcX6CfsbMUH9ZWUpRmIuUzIc0U2Bk7xTIM5ik26uGsxOWI0w1I61zS92Z3eOid4us_PAxLSrIviNYuPPj9_e463sjGXISos4FyznrMvw0-0VJyQtPEvdTCTCSd7StQ8VAISKzmQ0rUYA8FGIeihURJTZye3U7wtJ1snU4SbM6Yxs5-ILNWJCatznGPZUIIc-lthEwF0f8kMEQuQivCLfxfwJVq_DFyPU7RxFwq-lk2iHC77o90rygfuv8ApGMmjXhGCyEx02n80IL226vEFsr6dpuNt6yTroVJjLfvuBB-IZHeSnNVgAxTaGkr7PPqLQRMZHcoq8uPuV5nEmcbSpPSXYMIcegPHl1r0Cu5cmRqHr0ByjZ-ZFxVXUy_ebMf_ozEkdhNRvcqG5NIE6zTzontzowXUR7Ug2mHfOXtQE1Ak8Aw_AMxIorKzCBBEig0ldXJGBHc1vStpAv_-SJy2indu_7lrc8ImfQhwzHh5qpeqbvX6I_QkbLhcGHmdPkzras9fY0aNYaIiDMow8vPk6iH52V4dPxxWkl5rrpXvW1Rutlu4DWi6G21hABCrPBxIWcolKTFM_1EaH3MDk-lBaq21CxCsm5_jC3WIOCbKLO-pG9mR6o0HJdI-sWekafuxXodIDFOMWX5N-Wyw0uYM0PJuGOVev8Iow6GfTNC_0nRsw8T1EtUgutslez6s-V1MDDsEXRyITiDr5kJwJoQMdMiKmB34BorV8asyueZoC53t7Z5yPwrQ4yEiifpQtbTErvMkahdd24Qds7kzmrJK4YDXjfTN2U3e49HTKNmxwbgNjil86Nvip62jFo_ITY5ELWkDrO1-om8CzpecG1O17DdXdDi9x4Moix37lyBzJKGq_1SfdPueXw&cid=CAASBORogQ4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220613_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f156.1e100.net
Software
cafe /
Resource Hash
6efa05499cfdb8c0e1c41bf25c7a5725ceb445c93e11a6b5ba9ed730bd37b111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15326
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 6763
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?BV7kxg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:47:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame A525
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220613_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 12:03:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 12:03:36 GMT
file.mp4
r5---sn-h5q7knes.c.2mdn.net/videoplayback/id/1fd88d1e73fb491f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688035623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A525
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/1fd88d1e73fb491f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688035623/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r5---sn-h5q7knes.c.2mdn.net/videoplayback/id/1fd88d1e73fb491f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688035623/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r5---sn-h5q7knes.c.2mdn.net/videoplayback/id/1fd88d1e73fb491f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688035623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E32EEE98599871F3BF4A9F8469EF2650511CBB5.3A90C9EF8B7B3373A42648177230B6A1F1A930F7/key/cms1/cms_redirect/yes/mh/XT/mip/2a00:1630:2:602::14/mm/42/mn/sn-h5q7knes/ms/onc/mt/1656499248/mv/m/mvi/5/pl/32/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4003:6::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 10:47:03 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4438949
Last-Modified
Mon, 13 Apr 2020 13:18:59 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 29 Jun 2022 10:47:03 GMT

Redirect headers

date
Wed, 29 Jun 2022 10:47:03 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
649
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r5---sn-h5q7knes.c.2mdn.net/videoplayback/id/1fd88d1e73fb491f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688035623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E32EEE98599871F3BF4A9F8469EF2650511CBB5.3A90C9EF8B7B3373A42648177230B6A1F1A930F7/key/cms1/cms_redirect/yes/mh/XT/mip/2a00:1630:2:602::14/mm/42/mn/sn-h5q7knes/ms/onc/mt/1656499248/mv/m/mvi/5/pl/32/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame D1F2
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
81540
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 12:08:03 GMT
expires
Wed, 28 Jun 2023 12:08:03 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js
pagead2.googlesyndication.com/bg/ Frame D1F2
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/dau_FpmLnjA1nZzZFDoTX4UbCPbIdSsT1MkkAohHNiI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75abbf16998b9e30359d9cd9143a135f851b08f6c8752b13d4c9240288473622
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:33:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14011
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 10:33:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D1F2
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BV-Mypy28Yo2FKu_BzAbQvIrwDAAAAAA4AeAEAg&bg=!1tWl1ZHNAAa8IIBmnCA7ACkAdvg8WmLM7XucTeWCSSxy5JfkgOqOIaSxVRmgKlW06Q4QmrKfEr81zwIAAABGUgAAAAJoAQcKAEMFHR9zRokSUu7AAWt0DjuylxX5onK_S-MQnUEWiFhO-m2N5rQCTyystC0uCIcxfA-TLSZuilVLxnJIM8HYSZWc-DAymQLxJ1LKDWLa2g5-4gwiIRJ9WmsR72bYzSnzLPJxkHF_laMye_wzxYRY8wo4pLgDKQReU0ODYG-_DBLIH3infTqtX8flgf5kuDFZ3krMKf4HbCFik35xaqlPArxQs3j8riHPdFcQ80DXyk2RYFHsEz5rvpgh7CsAOQ29e8-APRhngTJQaZQRyxocQfNgMeW3Cc9H8nsvfDjYWDCZk6ym-mhNAXC2_eo3V88Spcfb9XzIFQJt2hIaxm3Ya-D11Kj3UBQPBEdosY9nbYuW8m0gKrKPbyEtbybiawtskHnepp2VJjmJSyQ93ydd9EzG79DO1Et4OyinGtXH4OEXIqNXbXliOxRSltgZRrU8JPaOvuy-ue-MeqRZgS0MlaChYRew8vSG1OhTHEIrpIQ3A7hzPyRhBxPpdh-y4e0cyI_5oehhnm5srRFZrbzzsxdmGRQywwkmKqIhQ0Dt3XwIUZmsyS1kXqHLILoBfadXMgqR7frW2ut579MV-UQsl8Sdvp26TI3oloXXg5XgSXQPdThXBXZFIo3pUzYU4nfL4lAak9dQApjZc985SzhbMEszLTR7wV3tjLgDNHlbwkKDaAKObJ3pziI4n8ZHaCqywgSvz33sU4u2GvjRxQ5vxSn6hNhDsQc3PlGKuPS94fSffE-cPPpg2vf0FwHdB4mIfiDMjhbCiQ66GiO-Gx1oxAQ3nnj1V2ZKdMAFpnpfHpToulnBdq8sxBeFFZHiVyXMOAlkwDC_uqKQOqBU4zmNtNm90mOzBdPOh17zpn91KwyjaWOYEHGg6K-J1lqusYifdNosUlXFrXb3TAoioJcj5jHBVw7lSAZxb5tiqkPckbpfLW-I2iIHgiicRsjSb84C4H-SmhY5DeMq4gr9ajj3_5-sHbWBsDdOtPy6RuBJwyVoi-gIzxnrlpQZAuQB-2dzYLA-Fx6iqAVAsHEbvBlGj03bobK4VB8fCIX6OSOfpKPPf8frzHQ64-rrSxQ73C20gTVpRkJWtqXd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:47:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r5---sn-h5q7knes.c.2mdn.net/videoplayback/id/1fd88d1e73fb491f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688035623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A525
193 KB
0
Media
General
Full URL
https://r5---sn-h5q7knes.c.2mdn.net/videoplayback/id/1fd88d1e73fb491f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1688035623/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7E32EEE98599871F3BF4A9F8469EF2650511CBB5.3A90C9EF8B7B3373A42648177230B6A1F1A930F7/key/cms1/cms_redirect/yes/mh/XT/mip/2a00:1630:2:602::14/mm/42/mn/sn-h5q7knes/ms/onc/mt/1656499248/mv/m/mvi/5/pl/32/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4003:6::a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 29 Jun 2022 10:47:04 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-4438948/4438949
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
4438949
expires
Wed, 29 Jun 2022 10:47:04 GMT
last-modified
Mon, 13 Apr 2020 13:18:59 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220623&jk=1041333213195182&bg=!b2ylbCjNAAa8IIBmnCA7ACkAdvg8WqVqgMsHbZFMy9hXR5m3D1Fup3JBKEIy1hfnNH_AN-Z77nsoJwIAAABqUgAAAAJoAQcKAKRV7ivkDBVVFzvon9XrzpmTvGAl6BLPyZVndBv3iwdn9ITrIPnstrKB37WeL_sndOtciNn6Qm0O7jQff1PumDhNqlMTieMVWHdpIrcmJMwhQJgBA3NQKQJE2_hIljgSh-PPgGeu1bMeX1DYV399xWxl-yRa4KKyGFHYO10nm7436rH25a9mlv2nZcXnnfCs3Xzbi4lwAChzocft4hosQ8nWHi5EepkCno39ycfRqly75r_PQbEiVKCzqcBjj2jqUUOYt2NvZw0ODBrNy5-wpg3gtB_mr3jz8zum1rtVWR4O69nYJ0dot0utNicV0nXeQknFGytt-gpFFHKn_laS5m09_GkPUIWjE0-Zp9RTdFQ3ZDf5sgjRZbjct2S7j70PQCIE5XgyYCgMaABgWOpeEZvUS7dzetUYvYw2y2HpDCXb1IU2ssPfCBeSpm40tk9stv8rvnOEzTeZRYpIAUWpVZJhbCaHhiOA4PCnudWAuFG6QNwP0tPAqDhVoEt9V9_EdMBVJHkQaUL6h3Gh5aUHgynmBkLf1jbpzClJTuEBPiUS9D3VLWt6vMgCLpavWYfmvXUA70ES50UhxIoHjlHUg2JuLFCvRU0WlS1rC3sOv0DsGpQsAP0GwX-hSRO0qdgAFgxefOsBJ-qIdsNvhS4G3jBxhTHpvDGJ5Fy-C2-ozCbAy3GErdJWyDfwIzfL6i3y7p_bhREL2J9uwDy9TjwD7dZk-gQvsRYGievhln85vZHE9prO1WbmOv5BzIljBA4kLZUtTdetNs4_6bVBNjMVYRT_3YNIktC0pAGJ3QRxx6zi2AuZW7pFzsT1qDxdOvv81va_dJ-ade7SPtL9JLObgcNcAXHa_J8MiaHOXBb8Ub3fxfsfWKsMG1JL8kqmwCVEvVfzLS3dGPAQb_KRZgVWRYncCpVLkpvPeZ1cgbQlsu-OWtFoy2rxyfj27rkbFz86NF9AcvUEpzOLTiWevdIemNFSPjQswtribBq5pb96GKrpbaAydHD_SWmlJYsOrGkffkw8y0rLW4uP9exiwfqG1Bs_IhMpiWWHnA2VRgYaUI2VZvJnuzTz53VkfPXUULEGEbhfyr_p6dfB-57qOTSIQQGp1K6dH2U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.pinoy-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame A525
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l4zh3tt8&c=1417560335220&slotId=708780167610&qqid=CMrzz_y90vgCFcvq7QodGEsKQg&fb=outstream-lima&gpm_i=11&gpm_c=11&gpm_a=11&smb=1000&br=988&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=14&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=2&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220613_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4005:808::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 10:47:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| rS string| rI string| pI function| IFrame function| Elements function| Cookie object| MooTools function| typeOf function| instanceOf function| Type object| Browser function| $constructor function| $family function| Class function| Chain function| Events function| Options object| Slick number| uniqueNumber function| $ function| getDocument function| getWindow function| $$ function| addListener function| removeListener function| retrieve function| store function| eliminate function| DOMEvent function| addEvent function| removeEvent function| addEvents function| removeEvents function| fireEvent function| cloneEvents function| getSize function| getScroll function| getScrollSize function| getPosition function| getCoordinates function| getHeight function| getWidth function| getScrollTop function| getScrollLeft function| getScrollHeight function| getScrollWidth function| getTop function| getLeft function| Fx string| user_device_type object| Maxlength_on_number_fields function| get_parameter function| popunder_on_submit boolean| popmaster function| localStorage_is_supported function| openWindow function| enableFields function| log_misc function| get_enc_type function| isIE object| scroll_into_view function| field_jumper function| backwards_button undefined| trackEvent function| goToNextPageByGoButton function| appendScript function| checkPerformanceEntries object| ab object| log string| winnerH1 string| winnerImages function| writeImages function| enable_fields boolean| page_submitted undefined| field_validator string| current_page undefined| mooli function| pregame_survey function| page_process function| bigger_checkbox function| iframe_selector function| open_iframe function| open_layer function| clean_links function| add_pop_iframe_closer_events object| POPUNDER string| sponsor_switch string| sponsor_switch_wingame number| sponsorlimit string| context object| sponsorArray number| no_sponsor_list_link number| ST_speed number| zeiger number| label string| labeltext boolean| do_preload number| first_pointer function| testLogo function| preload_some_images function| sponsorenSlide function| iframeLoaded function| Sponsorlist_sweepstake undefined| dccBts object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| google_llp number| c2 number| c1 number| google_lpabyc object| GoogleGcLKhOms object| googletag

2 Cookies

Domain/Path Name / Value
.pinoy-offers.com/ Name: __gads
Value: ID=95b31574e8523dd5-225ee795bfcd002f:T=1656499622:RT=1656499622:S=ALNI_MYWB2_y2fcVB9oBZLWJRdRcfKGc_g
.doubleclick.net/ Name: IDE
Value: AHWqTUnZqHcH0tqGye5FdBQpZZYiDgL0bDqxzZtF6FDxOOx-HHDYzQsVsPfa9-BHrec

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pinoy-offers.com
r5---sn-h5q7knes.c.2mdn.net
tpc.googlesyndication.com
trk-consulatu.com
www.google.com
www.pinoy-offers.com
142.250.185.98
142.251.5.156
188.114.97.3
2607:f8b0:4005:808::2003
2a00:1450:4001:800::2001
2a00:1450:4001:803::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:4003:6::a
2a00:1450:400e:811::200a
2a06:98c1:3120::3
02524a4f2d5b6834d2de349c41935a3f195d9bc98e7c5a65a50b658976c92255
06bd267c7ee7a6edf9915700cf554ed0494ed2feb634431e003f852362cd6757
0e3eb5ad3f7b78ca83bb84f3d53e3387b49c066285a61933ac9ff767cd444059
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2532239f8c976a8379fd80999aa854cf0a94b0365846826bde71571f513c57e4
267e37418cf21a2c2c9da1fbf3d4a6f60f8c92728677c1c6719b6eff35e2cd05
2915756289e00f26ea66d2cfbdddb890bf2eaed1823e2d4b5855f49eea567064
36f4f714ad57add230f5b79f815496b4dcf85dd0b17d2c64a26c604d2f82175b
433379cf128a6dddc925df88ee578e0569825152b3a5d248f744adcf6a66b26d
4436ee9212fb2d7d3763f9c23ff54e2dee216da22876a1b475bf8619c12ede0a
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4971b7132c11c230a07ee41510e916510512cbc50e4e71bff6d8fdd69f128cec
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5fc6387ee444151626a23f9b279ad06a224d5973b5643caf27f24a67228fba37
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6ad0fe51bb40de06e9859d0f20a7c32064c38abcb8fa331b4cff56cbe13e0a7e
6efa05499cfdb8c0e1c41bf25c7a5725ceb445c93e11a6b5ba9ed730bd37b111
70c8516bd6086002f985cbd7d5528d22416787a3a53c6cb316aac7b6862260f2
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
75abbf16998b9e30359d9cd9143a135f851b08f6c8752b13d4c9240288473622
7e0cea3731c4ed59dd5e7a848c0bab84dbe5789f655e932899209c888c7500af
7ec8cad2e06dfe81cf44121032ec6e4dcfe98f973669716f95db93e258daaa7b
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
873efbe9a772c3028f73333a992fe64588f3f0d0ffc8b99a774e3b989193336c
8d87fd1ebb99975bb132457077ace43966d52f1557c7b20c8241bdc3c7c2d6d2
9629e0eadc54f8c78e52f511289dc48a680732afb660580bc57739a7c642b3ad
9ab2cec5ea7a759222d6779d7bc7fde3f1635bba51e80efc4c2267976ce5a28e
a1bd01607f13ad10f86077d313458152568f82a27d8a71f5096c5dabab8cc395
a211fa8cfb82dcb3b146a1b52b658cb54aab0e8643753a2ee4e91bbab7cea84d
a21831ac4f24048810bd0abb23b69ff4655e5d3290d04b6d8af637180698ac3b
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
ba5e131113c160b830d9e4919d4c6507221a7ce1e71f1f75f8f6ea87d8656977
be0e66141e099739e90785e74a75e7aba4a5a3aa36c414e867c41f0ced9b0a36
c0a8f9bac365fe0a1b11f876f54261052f2ac4b17098ad1d9f46153f327a1f07
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
c7ff87147e552055d276a584fbf0fb09c6d27fd7a88c3c0e19b1aacd37196ad9
ce9270243ec589018ab43303236aa3e90eac41aa40fcd98b26f7351b22986432
cfb89efa9840532f1b638d5bf3a40134c21de938f3feaaa3cf16f4ca41f20830
da7c8fe9740251473282b7f2b561c64943beb8b97187bd901c024cf4d82ca743
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d064110f628b672ec789f009bf2124df9b927d70b8e3a0a355c93399bdb0cc
e8520fcbe02b63d1ed79d4fe6b9ffb8b2875fcafb5232cba605370849c6b4095
eb512baf860da2818cb24564602d28c1e2cb59efb7bdcc97a42b068258b3220c
ed73382f71d9cc46e06a77d0edc293431dd3734dfc5b80e40b6e0f0f1f57859e
f5a861b6a1e72d051cee77e448971dcb484cb0fbebffc6f889f33c9f3418cb65
faaf7bd69fc5fc8e9c84197897e6a7d05eb40719d5ba50ef9ba94dbc70d8e193
fd48ba2cec7ec8424c38af70d7516e7ce54aab084c075020f7e2a420d042a1da