www.prmdeal.com Open in urlscan Pro
158.85.25.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.prmdeal.com/coupons/heroforge.com
Submission: On November 06 via manual (November 6th 2020, 4:14:54 pm UTC) from US

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 31 HTTP transactions. The main IP is 158.85.25.51, located in Chantilly, United States and belongs to SOFTLAYER, US. The main domain is www.prmdeal.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 3rd 2020. Valid for: a year.

This is the only time www.prmdeal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	158.85.25.51 158.85.25.51	36351 (SOFTLAYER) (SOFTLAYER)
13	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4002:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
31	7

10 158.85.25.51 (Chantilly, United States)

ASN36351 (SOFTLAYER, US)
PTR: 33.19.559e.ip4.static.sl-reverse.com

www.prmdeal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4002:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	prmdeal.com www.prmdeal.com	94 KB
8	doubleclick.net googleads.g.doubleclick.net
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	197 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	832 B
1	google.de adservice.google.de	832 B
1	googleadservices.com partner.googleadservices.com	629 B
31	8

	Domain	Requested by
10	www.prmdeal.com	www.prmdeal.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	www.prmdeal.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	www.prmdeal.com www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
31	9

This site contains no links.

Subject Issuer	Validity	Valid
prmdeal.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2021-06-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.prmdeal.com/coupons/heroforge.com
Frame ID: E5FA3DE00B25728070D2F98127CA0A68
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: D6E84CC8E8A05D73A1A25F28E116DC57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=280&slotname=8244855536&adk=2149018022&adf=2689116385&pi=t.ma~as.8244855536&w=900&fwrn=4&fwrnh=100&lmt=1604679277&rafmt=1&psa=0&format=900x280&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679277543&bpp=32&bdt=113&idt=126&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=287112247536&frm=20&pv=2&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=41643&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2BQi1sx95s&p=https%3A//www.prmdeal.com&dtd=146
Frame ID: CCA11B91B9663E7BC3AA187A3622B7A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=600&slotname=2198321937&adk=1073223704&adf=223692363&pi=t.ma~as.2198321937&w=288&fwrn=4&fwrnh=100&lmt=1604679277&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679277606&bpp=6&bdt=176&idt=97&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=172715&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=77cKQsVHX4&p=https%3A//www.prmdeal.com&dtd=102
Frame ID: 9693C3BFB3976C9C722F7BA4947F5FBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&adk=1812271804&adf=3025194257&lmt=1604679277&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679277761&bpp=1&bdt=331&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280%2C288x600&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=2763455&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=5
Frame ID: 8A1F8D2B845955F09E02D1C7C25B1C1A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=600&adk=53848486&adf=3860085791&pi=t.aa~a.3493676507~rp.1&w=288&fwrn=4&fwrnh=100&lmt=1604679278&rafmt=1&to=qs&pwprc=4120024812&psa=0&format=288x600&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679278200&bpp=1&bdt=770&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daaae8fce7bea822a-22663b8c65a600b8%3AT%3D1604679277%3ART%3D1604679277%3AS%3DALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw&prev_fmts=900x280%2C288x600%2C0x0&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=36317887&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jC0A4HJWMk&p=https%3A//www.prmdeal.com&dtd=21
Frame ID: A25606DA5049A773D33D76E52E4F969C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=600&adk=53848486&adf=544027183&pi=t.aa~a.3493676507~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1604679278&rafmt=1&to=qs&pwprc=4120024812&psa=0&format=288x600&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679278200&bpp=1&bdt=770&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daaae8fce7bea822a-22663b8c65a600b8%3AT%3D1604679277%3ART%3D1604679277%3AS%3DALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw&prev_fmts=900x280%2C288x600%2C0x0%2C288x600&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=36317887&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=wOgeEqWJ5h&p=https%3A//www.prmdeal.com&dtd=25
Frame ID: 89F739BE78969822CE5D9C86695F6AE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=240&adk=379499702&adf=2710887414&pi=t.aa~a.3493676507~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1604679278&rafmt=1&to=qs&pwprc=4120024812&psa=0&format=288x240&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679278200&bpp=1&bdt=770&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daaae8fce7bea822a-22663b8c65a600b8%3AT%3D1604679277%3ART%3D1604679277%3AS%3DALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw&prev_fmts=900x280%2C288x600%2C0x0%2C288x600%2C288x600&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=36317887&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=4hZZBOSp55&p=https%3A//www.prmdeal.com&dtd=30
Frame ID: 173D58F83042C43B31120DFA377E8272
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html?fsb=1
Frame ID: CAA811C8D0C7300DD02EADFF0098AB75
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 31E8C2D26EC18170F0C025B37A4299EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /php\/?([\d.]+)?/i

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

31
Requests

100 %
HTTPS

71 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

340 kB
Transfer

896 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request heroforge.com Show response
www.prmdeal.com/coupons/ 68 KB
8 KB 599ms
111ms Document
text/html 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prmdeal.com/coupons/heroforge.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash: 543592b4a36dc91c239cb3d3e859f8c5da5b0111f2dd840c3a0c69607eb2c9f5

Request headers

Host: www.prmdeal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7641
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK puplic.css
www.prmdeal.com/public/css/ 29 KB
6 KB 105ms
105ms Stylesheet
text/css 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prmdeal.com/public/css/puplic.css?v17033005
Requested by: Host: www.prmdeal.com
URL: https://www.prmdeal.com/coupons/heroforge.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 551e560cc5d7a5c4e6441329addc6d7dcd0b98cb991d7f24009d1b46dbc94e15

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Jun 2019 07:48:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "7456-58b8039f53800-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5365
Expires: Sun, 06 Dec 2020 16:14:37 GMT

GET
H/1.1 200
OK logo.png
www.prmdeal.com/public/img/ 4 KB
5 KB 310ms
103ms Image
image/png 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prmdeal.com/public/img/logo.png
Requested by: Host: www.prmdeal.com
URL: https://www.prmdeal.com/coupons/heroforge.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 86216b9d1a69c6a95179dc7857d15afb76aeb17f59ec73f4c1c568d6952bd1a5

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Last-Modified: Thu, 13 Jun 2019 09:33:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "1103-58b313831cf00"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4355
Expires: Sun, 06 Dec 2020 16:14:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.prmdeal.com
URL: https://www.prmdeal.com/coupons/heroforge.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d75a4d5837957efab2a6fa9194a5e0715f46529abe866ef2861db2593ad2a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 16:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45405
x-xss-protection: 0
server: cafe
etag: 12376148264520793524
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Nov 2020 16:14:37 GMT

GET
H/1.1 200
OK 201804161433006546.png
www.prmdeal.com/public/upload/store_img/ 22 KB
23 KB 310ms
103ms Image
image/png 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prmdeal.com/public/upload/store_img/201804161433006546.png
Requested by: Host: www.prmdeal.com
URL: https://www.prmdeal.com/coupons/heroforge.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: d5081779ebda20b3d97d0a06b1b6dea4ac9f234b9852fb2b3165ead26421a38b

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Last-Modified: Mon, 16 Apr 2018 06:33:00 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "5964-569f164a31f00"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22884
Expires: Sun, 06 Dec 2020 16:14:37 GMT

GET
H/1.1 200
OK jquery.js Show response
www.prmdeal.com/public/js/ 92 KB
33 KB 217ms
111ms Script
application/javascript 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prmdeal.com/public/js/jquery.js
Requested by: Host: www.prmdeal.com
URL: https://www.prmdeal.com/coupons/heroforge.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Nov 2017 10:05:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "16f44-55e8f76adf700-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 33274
Expires: Sun, 06 Dec 2020 16:14:37 GMT

GET
H/1.1 200
OK js.js Show response
www.prmdeal.com/public/js/ 12 KB
5 KB 308ms
102ms Script
application/javascript 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prmdeal.com/public/js/js.js?v17033005
Requested by: Host: www.prmdeal.com
URL: https://www.prmdeal.com/coupons/heroforge.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 6e06c3508be36c0188b091a892d5b7660b371b2fada35ca1aa30b1647d90ef8a

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jun 2018 04:15:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "3196-56f6fa15f8cc0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4235
Expires: Sun, 06 Dec 2020 16:14:37 GMT

GET
H/1.1 200
OK flashopt.js Show response
www.prmdeal.com/public/js/ 10 KB
4 KB 308ms
103ms Script
application/javascript 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prmdeal.com/public/js/flashopt.js
Requested by: Host: www.prmdeal.com
URL: https://www.prmdeal.com/coupons/heroforge.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 7d96c751a6ac401305b525343640333ece3e9f767c35a22750abe63d949c42c3

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Nov 2017 10:05:48 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "261d-55e8f76adf700-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3352
Expires: Sun, 06 Dec 2020 16:14:37 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
87 KB 61ms
47ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 16:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Nov 2020 16:14:37 GMT

GET
H/1.1 200
OK global_two222.png
www.prmdeal.com/public/img/ 11 KB
11 KB 199ms
104ms Image
image/png 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.prmdeal.com/public/img/global_two222.png
Requested by: Host: www.prmdeal.com
URL: https://www.prmdeal.com/public/css/puplic.css?v17033005
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash: 66a862d8caa17a5a2e3e767d586273f22b87521d874991ae87c5b6846a6c1424

Request headers

Referer: https://www.prmdeal.com/public/css/puplic.css?v17033005
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Last-Modified: Mon, 17 Jun 2019 05:10:58 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
ETag: "2a78-58b7e05807c80"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10872
Expires: Sun, 06 Dec 2020 16:14:37 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame D6E8 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.prmdeal.com/coupons/heroforge.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.prmdeal.com/coupons/heroforge.com

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 05 Nov 2020 18:17:45 GMT
expires: Thu, 19 Nov 2020 18:17:45 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 79012
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
629 B 106ms
37ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.prmdeal.com&callback=_gfp_s_&client=ca-pub-3346821601642162

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

63a106a74f0f41768479b4e7f28184fdaa9326e348a4b39563f65f0a4c5e624b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 16:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.prmdeal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 16:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 88ms
35ms Script
application/javascript 2a00:1450:4002:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.prmdeal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4002:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 16:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame CCA1 0
0 539ms
538ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=280&slotname=8244855536&adk=2149018022&adf=2689116385&pi=t.ma~as.8244855536&w=900&fwrn=4&fwrnh=100&lmt=1604679277&rafmt=1&psa=0&format=900x280&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679277543&bpp=32&bdt=113&idt=126&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=287112247536&frm=20&pv=2&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=41643&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2BQi1sx95s&p=https%3A//www.prmdeal.com&dtd=146

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJOrzpKo7uwCFQEu4AodNT0MWg&gqi=bXalX6biKtGcgAe02Y2oCw&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=280&slotname=8244855536&adk=2149018022&adf=2689116385&pi=t.ma~as.8244855536&w=900&fwrn=4&fwrnh=100&lmt=1604679277&rafmt=1&psa=0&format=900x280&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679277543&bpp=32&bdt=113&idt=126&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=287112247536&frm=20&pv=2&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=41643&dssz=11&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=500&ady=510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2BQi1sx95s&p=https%3A//www.prmdeal.com&dtd=146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.prmdeal.com/coupons/heroforge.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.prmdeal.com/coupons/heroforge.com

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJOrzpKo7uwCFQEu4AodNT0MWg&gqi=bXalX6biKtGcgAe02Y2oCw&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 16:14:38 GMT
server: cafe
content-length: 31569
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Nov-2020 16:29:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Nov 2020 16:14:38 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 108ms
59ms Script
text/javascript 2a00:1450:4002:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4002:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c83f33217668ea0cf73f32254a7c4f618eb2cd59e17de4f545eae13aaf269b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 16:14:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604602186333881"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27601
x-xss-protection: 0
expires: Fri, 06 Nov 2020 16:14:37 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9693 0
0 423ms
422ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=600&slotname=2198321937&adk=1073223704&adf=223692363&pi=t.ma~as.2198321937&w=288&fwrn=4&fwrnh=100&lmt=1604679277&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679277606&bpp=6&bdt=176&idt=97&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=172715&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=77cKQsVHX4&p=https%3A//www.prmdeal.com&dtd=102

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNauz5Ko7uwCFVAl4AodaJUKpQ&gqi=bXalX-nsK8Ht-ga15IyQCA&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=600&slotname=2198321937&adk=1073223704&adf=223692363&pi=t.ma~as.2198321937&w=288&fwrn=4&fwrnh=100&lmt=1604679277&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679277606&bpp=6&bdt=176&idt=97&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=172715&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=77cKQsVHX4&p=https%3A//www.prmdeal.com&dtd=102
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.prmdeal.com/coupons/heroforge.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.prmdeal.com/coupons/heroforge.com

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNauz5Ko7uwCFVAl4AodaJUKpQ&gqi=bXalX-nsK8Ht-ga15IyQCA&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 16:14:38 GMT
server: cafe
content-length: 31754
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Nov-2020 16:29:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Nov 2020 16:14:38 GMT
cache-control: private

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.prmdeal.com
URL: https://www.prmdeal.com/coupons/heroforge.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1512
date: Fri, 06 Nov 2020 15:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 06 Nov 2020 17:49:25 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8A1F 0
0 388ms
387ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&adk=1812271804&adf=3025194257&lmt=1604679277&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679277761&bpp=1&bdt=331&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280%2C288x600&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=2763455&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&adk=1812271804&adf=3025194257&lmt=1604679277&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679277761&bpp=1&bdt=331&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=900x280%2C288x600&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=2763455&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.prmdeal.com/coupons/heroforge.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.prmdeal.com/coupons/heroforge.com

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 16:14:38 GMT
server: cafe
content-length: 38363
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Nov-2020 16:29:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Nov 2020 16:14:38 GMT
cache-control: private

POST
H/1.1 200
OK / Show response
www.prmdeal.com/ajax/tk/ 0
619 B 111ms
110ms XHR
text/html 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prmdeal.com/ajax/tk/
Requested by: Host: www.prmdeal.com
URL: https://www.prmdeal.com/public/js/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.prmdeal.com/coupons/heroforge.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Connection: Keep-Alive
X-Powered-By: PHP/5.4.16
Content-Length: 0
Keep-Alive: timeout=5, max=99
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK / Show response
www.prmdeal.com/ajax/get_coupon_list_vote/ 975 B
559 B 110ms
110ms XHR
text/html 158.85.25.51
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://www.prmdeal.com/ajax/get_coupon_list_vote/
Requested by: Host: www.prmdeal.com
URL: https://www.prmdeal.com/public/js/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.85.25.51 Chantilly, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 33.19.559e.ip4.static.sl-reverse.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash: 8d105509c375ef112d1b4f907f651a2500c132186b5d0a7f7f0e72e15d29a487

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.prmdeal.com/coupons/heroforge.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 06 Nov 2020 16:14:37 GMT
Content-Encoding: gzip
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 252

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
66 B 14ms
13ms XHR
text/plain 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1835125810&t=pageview&_s=1&dl=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&ul=en-us&de=UTF-8&dt=Hero%20Forge%20Promo%20Codes%3A%20(%245%20OFF)%202020%20Coupon%20Code%20-%20PrmDeal.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=838984236&gjid=806666271&cid=1895101173.1604679278&tid=UA-96434481-1&_gid=158695746.1604679278&_r=1&_slc=1&z=2107344244

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 16:14:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.prmdeal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 144 KB
52 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd95bdc3a8d3737df47b88e6518478ce73c1565b0d6b5d8f1118f44dd600d80f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 16:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52955
x-xss-protection: 0
server: cafe
etag: 2958341451265601760
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 Nov 2020 16:14:38 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A256 0
0 413ms
413ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=600&adk=53848486&adf=3860085791&pi=t.aa~a.3493676507~rp.1&w=288&fwrn=4&fwrnh=100&lmt=1604679278&rafmt=1&to=qs&pwprc=4120024812&psa=0&format=288x600&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679278200&bpp=1&bdt=770&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daaae8fce7bea822a-22663b8c65a600b8%3AT%3D1604679277%3ART%3D1604679277%3AS%3DALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw&prev_fmts=900x280%2C288x600%2C0x0&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=36317887&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jC0A4HJWMk&p=https%3A//www.prmdeal.com&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=600&adk=53848486&adf=3860085791&pi=t.aa~a.3493676507~rp.1&w=288&fwrn=4&fwrnh=100&lmt=1604679278&rafmt=1&to=qs&pwprc=4120024812&psa=0&format=288x600&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679278200&bpp=1&bdt=770&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daaae8fce7bea822a-22663b8c65a600b8%3AT%3D1604679277%3ART%3D1604679277%3AS%3DALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw&prev_fmts=900x280%2C288x600%2C0x0&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=36317887&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1385&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=jC0A4HJWMk&p=https%3A//www.prmdeal.com&dtd=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.prmdeal.com/coupons/heroforge.com
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmir3a_bEl1Z1n8eS6-FPDhxu6GKTx8LAeyGqvgd-5YLscobs8OGqpSYUKo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.prmdeal.com/coupons/heroforge.com

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 16:14:38 GMT
server: cafe
content-length: 26512
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 89F7 0
0 531ms
530ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=600&adk=53848486&adf=544027183&pi=t.aa~a.3493676507~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1604679278&rafmt=1&to=qs&pwprc=4120024812&psa=0&format=288x600&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679278200&bpp=1&bdt=770&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daaae8fce7bea822a-22663b8c65a600b8%3AT%3D1604679277%3ART%3D1604679277%3AS%3DALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw&prev_fmts=900x280%2C288x600%2C0x0%2C288x600&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=36317887&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=wOgeEqWJ5h&p=https%3A//www.prmdeal.com&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=600&adk=53848486&adf=544027183&pi=t.aa~a.3493676507~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1604679278&rafmt=1&to=qs&pwprc=4120024812&psa=0&format=288x600&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679278200&bpp=1&bdt=770&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daaae8fce7bea822a-22663b8c65a600b8%3AT%3D1604679277%3ART%3D1604679277%3AS%3DALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw&prev_fmts=900x280%2C288x600%2C0x0%2C288x600&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=36317887&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2460&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=wOgeEqWJ5h&p=https%3A//www.prmdeal.com&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.prmdeal.com/coupons/heroforge.com
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmir3a_bEl1Z1n8eS6-FPDhxu6GKTx8LAeyGqvgd-5YLscobs8OGqpSYUKo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.prmdeal.com/coupons/heroforge.com

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 16:14:38 GMT
server: cafe
content-length: 26403
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 173D 0
0 395ms
393ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=240&adk=379499702&adf=2710887414&pi=t.aa~a.3493676507~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1604679278&rafmt=1&to=qs&pwprc=4120024812&psa=0&format=288x240&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679278200&bpp=1&bdt=770&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daaae8fce7bea822a-22663b8c65a600b8%3AT%3D1604679277%3ART%3D1604679277%3AS%3DALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw&prev_fmts=900x280%2C288x600%2C0x0%2C288x600%2C288x600&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=36317887&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=4hZZBOSp55&p=https%3A//www.prmdeal.com&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3346821601642162&output=html&h=240&adk=379499702&adf=2710887414&pi=t.aa~a.3493676507~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1604679278&rafmt=1&to=qs&pwprc=4120024812&psa=0&format=288x240&url=https%3A%2F%2Fwww.prmdeal.com%2Fcoupons%2Fheroforge.com&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604679278200&bpp=1&bdt=770&idt=1&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daaae8fce7bea822a-22663b8c65a600b8%3AT%3D1604679277%3ART%3D1604679277%3AS%3DALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw&prev_fmts=900x280%2C288x600%2C0x0%2C288x600%2C288x600&nras=1&correlator=287112247536&frm=20&pv=1&ga_vid=1895101173.1604679278&ga_sid=1604679278&ga_hid=1835125810&ga_fc=0&iag=0&icsg=36317887&dssz=18&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=3415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44726948%2C21067166&oid=3&pvsid=1351960372431574&pem=249&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=4hZZBOSp55&p=https%3A//www.prmdeal.com&dtd=30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.prmdeal.com/coupons/heroforge.com
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmir3a_bEl1Z1n8eS6-FPDhxu6GKTx8LAeyGqvgd-5YLscobs8OGqpSYUKo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.prmdeal.com/coupons/heroforge.com

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 06 Nov 2020 16:14:38 GMT
server: cafe
content-length: 26414
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 06 Nov 2020 16:14:38 GMT
cache-control: private

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame CAA8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.prmdeal.com/coupons/heroforge.com
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmir3a_bEl1Z1n8eS6-FPDhxu6GKTx8LAeyGqvgd-5YLscobs8OGqpSYUKo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.prmdeal.com/coupons/heroforge.com

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 05 Nov 2020 19:24:10 GMT
expires: Thu, 19 Nov 2020 19:24:10 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 75028
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 47ms
33ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccff765a1c2a0ae4890b2e6fc52026b6c4c03353053e7957b7722c7bf9d2e578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 06 Nov 2020 16:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6389
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 16:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 06 Nov 2020 16:14:39 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 31E8 0
0 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.prmdeal.com/coupons/heroforge.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.prmdeal.com/coupons/heroforge.com

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Fri, 06 Nov 2020 16:06:47 GMT
expires: Sat, 06 Nov 2021 16:06:47 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 472
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
146 B 44ms
43ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201104&jk=1351960372431574&bg=!IyClIADNAAXuKKZk7lh-Xr8A5XO4NQIAAACXUgAAABRoAQcKAcXfa2k5oEsyQ2ymuWMSW5HtGcuT1dggFts3XwLrF-3W7jcASkIAVylLMWO1sG_ZNQ4jvk8hRJJCaR62kjKB38EBWxiXg5IlRUEMUBQth7DqQm8TeWKJ_HHZ5ycwqMbnF6Ar5KzKSSWi6PsK6xO_cKy6D4dIO6pS0tyfo74wLRQZeMOaVRyqD1bHj5-bUwXaWe35hKg3Se7tScNCuYchUDwahaa3kYnvQRvjf4KNiUmfzEfUakREkfSATbgYBiMuKih4shEhfpct_VNNl4HZ_mVqahPD3ZMAb5ClnU5cakRPpl-vC12Nu3dMqqtyqKDW1X0Rk7I2fYuzVpZX1m4wmSj00g_NtnrBrrLCiWYHVWGwdCxp2XLSdHIYAA5d7_ihB0ac858jZE7BBiq8gpFOw9WlqHeNV072WQmYTurEmInq-zDRH1NpFgTXPmmZTDyMOb2RA4stb8TiU0uHzRSoblWF9C4w28Tl-HQxhAgoHa4sVMbAyCn1qpiPblqFR9Tkih4DqkfYp0ohi3QXkJ0q2KP-G9ZK0OvNfelqIDZMzLseHGNWhjuFi_S8x-GH6Mjx4zn4ggQuSTp0UwAJCBFRyS3PgyM4Mx-ZAbgHPZ6_vKDh2bdqX5ztdtOvvyZi5YenjFlswo5deXYfbM2zfuObM5snNIg_7wXu6uIHLHkSrDdbiaHKZo2rUi6WNcCNRScnlbA-UySNYK7tQ9son71VmQlty5fxuu7OGvkhuPkr69wdQDcGhlf0BWBIjUy9fHpLRBbY66Slw2b8MsZ4hFb7iEVu3tjdGCVKgrmyHgeswQ_xgLa2p9SJlLrNYc50mfSFrZCy8tvmyA9PnRVBQGJX_Gqml0Hj8bzyENpzhV_xTig4P49CLAyiZx0RKAlL2UGToo2InADesQjwyyzBibCW2ym0aRzumxOsk_ySEOXl4Wc5uYozzMIMjHoRwiyqjKqWREu6mAOyUDtK7DNnwnz1cdJkyiNbosTRlx2iiyWUwvHNs7wsY6edPNWNy24WqyG1f7xvn4JnsO65qw1liSzKCkU9YOlq7hRtTAhrXFm1vJffi17HxeujanJzQUVGM9sMzKJF-mQfQt774uaIrVmuR0TSC5WTXThlLHIE9kDcPSi9HXQeF4BNVZbFSdoxizEGE_ak2Q5BTpg1gyTwTPNxsptGCGWEqKbFADQfyB-iEPG65Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.prmdeal.com/coupons/heroforge.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 16:14:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:44:42	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 23:06:15	Name: IDE Value: AHWqTUmir3a_bEl1Z1n8eS6-FPDhxu6GKTx8LAeyGqvgd-5YLscobs8OGqpSYUKo
.prmdeal.com/	1970-01-20 07:15:51	Name: _ga Value: GA1.2.1895101173.1604679278
.prmdeal.com/	1970-01-19 13:44:39	Name: _gat Value: 1
.prmdeal.com/	1970-01-19 13:46:05	Name: _gid Value: GA1.2.158695746.1604679278
.prmdeal.com/	1970-01-19 23:06:15	Name: __gads Value: ID=aaae8fce7bea822a-22663b8c65a600b8:T=1604679277:RT=1604679277:S=ALNI_MYqWQpLJ9qgNQSL327brXJaOciBOw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagservices.com
www.prmdeal.com
158.85.25.51
172.217.21.194
2a00:1450:4001:802::2001
2a00:1450:4001:815::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81b::2002
2a00:1450:4002:802::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
4d75a4d5837957efab2a6fa9194a5e0715f46529abe866ef2861db2593ad2a63
543592b4a36dc91c239cb3d3e859f8c5da5b0111f2dd840c3a0c69607eb2c9f5
551e560cc5d7a5c4e6441329addc6d7dcd0b98cb991d7f24009d1b46dbc94e15
63a106a74f0f41768479b4e7f28184fdaa9326e348a4b39563f65f0a4c5e624b
66a862d8caa17a5a2e3e767d586273f22b87521d874991ae87c5b6846a6c1424
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6e06c3508be36c0188b091a892d5b7660b371b2fada35ca1aa30b1647d90ef8a
7d96c751a6ac401305b525343640333ece3e9f767c35a22750abe63d949c42c3
86216b9d1a69c6a95179dc7857d15afb76aeb17f59ec73f4c1c568d6952bd1a5
8d105509c375ef112d1b4f907f651a2500c132186b5d0a7f7f0e72e15d29a487
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
c83f33217668ea0cf73f32254a7c4f618eb2cd59e17de4f545eae13aaf269b2d
ccff765a1c2a0ae4890b2e6fc52026b6c4c03353053e7957b7722c7bf9d2e578
cd95bdc3a8d3737df47b88e6518478ce73c1565b0d6b5d8f1118f44dd600d80f
d5081779ebda20b3d97d0a06b1b6dea4ac9f234b9852fb2b3165ead26421a38b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

www.prmdeal.com Open in urlscan Pro 158.85.25.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

71 %IPv6

8 Domains

9 Subdomains

7 IPs

3 Countries

340 kBTransfer

896 kBSize

6 Cookies

0 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.prmdeal.com Open in urlscan Pro
158.85.25.51 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

71 %
IPv6

8
Domains

9
Subdomains

7
IPs

3
Countries

340 kB
Transfer

896 kB
Size

6
Cookies

31 HTTP transactions
0 data transactions