URL: https://offers1.ae/
Submission: On November 22 via api from BE — Scanned from NL

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 42 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is offers1.ae.
TLS certificate: Issued by WE1 on October 25th 2024. Valid for: 3 months.
This is the only time offers1.ae was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 188.114.97.3 13335 (CLOUDFLAR...)
1 142.250.184.232 15169 (GOOGLE)
5 142.250.185.162 15169 (GOOGLE)
1 142.250.185.106 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
2 13.107.253.45 8075 (MICROSOFT...)
4 172.217.16.195 15169 (GOOGLE)
1 216.239.34.36 15169 (GOOGLE)
2 157.240.252.35 32934 (FACEBOOK)
3 23.96.124.156 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 204.79.197.237 8068 (MICROSOFT...)
1 142.250.181.226 15169 (GOOGLE)
6 172.67.169.78 13335 (CLOUDFLAR...)
2 142.250.186.161 15169 (GOOGLE)
42 15
Apex Domain
Subdomains
Transfer
10 offers1.ae
offers1.ae
216 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
w.clarity.ms — Cisco Umbrella Rank: 8046
c.clarity.ms — Cisco Umbrella Rank: 1269
30 KB
6 priserocdn.com
www.priserocdn.com
75 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
196 KB
4 gstatic.com
fonts.gstatic.com
31 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
217 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
771 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
108 KB
42 12
Domain Requested by
10 offers1.ae offers1.ae
6 www.priserocdn.com
5 pagead2.googlesyndication.com offers1.ae
pagead2.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
3 w.clarity.ms www.clarity.ms
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 c.clarity.ms 1 redirects
2 www.facebook.com offers1.ae
2 www.clarity.ms offers1.ae
www.clarity.ms
2 connect.facebook.net offers1.ae
connect.facebook.net
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 c.bing.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com offers1.ae
1 www.googletagmanager.com offers1.ae
42 15

This site contains links to these domains. Also see Links.

Domain
priser24.dk
kaina123.lt
Subject Issuer Validity Valid
offers1.ae
WE1
2024-10-25 -
2025-01-23
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-01 -
2024-11-30
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2024-09-04 -
2025-09-04
a year crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08
2024-06-23 -
2025-06-18
a year crt.sh
adtrafficquality.google
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
priserocdn.com
WE1
2024-11-05 -
2025-02-03
3 months crt.sh

This page contains 4 frames:

Primary Page: https://offers1.ae/
Frame ID: E8E23380869640B65E6FB5225F189080
Requests: 39 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 0B721B2348EB783B8502C88BFBAFC6D9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4853123787124679&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732287836&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Foffers1.ae%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732287814982&bpp=62&bdt=1530&idt=21014&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=269681547964&frm=20&pv=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088728%2C31088960%2C95331832%2C95344790%2C95345966&oid=2&pvsid=2243889850161126&tmod=71672387&uas=0&nvt=1&fsapi=1&fc=1920&brdim=210%2C210%2C210%2C210%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=21397
Frame ID: 740F005D6D9FD8A133ABE5591B314A61
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: A7E7DC97DF727FD83E9284513386612A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Latest offers and catalogues website | Offers1.ae

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

42
Requests

95 %
HTTPS

0 %
IPv6

12
Domains

15
Subdomains

15
IPs

4
Countries

750 kB
Transfer

2066 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3425A809B9E54BA2ABDB7143ACBD21EF&RedC=c.clarity.ms&MXFR=0837DDA68C4E66C51B3FC899884E688D HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3425A809B9E54BA2ABDB7143ACBD21EF&MUID=1B8CA12B0782606714FDB41406456107

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
offers1.ae/
80 KB
9 KB
Document
General
Full URL
https://offers1.ae/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d371a72095df647e4281d574b67ee09173f086ed4b563eb99f0e1cb2c585b6d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8e69ce90aabe0e70-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 22 Nov 2024 15:03:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2d2h5jADql6P2jJCkjSKTIVuyWyw4fm228JcJAaWJcHcXHML332Fbt5a4eK%2BP3GJyPI7K%2F%2BMUEhOwsss2Ff4iKC0PDBREMxglTeuO4fJfBPBgtjgOPxrkXm84Rln"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=16690&sent=11&recv=15&lost=0&retrans=1&sent_bytes=4044&recv_bytes=2309&delivery_rate=322308&cwnd=254&unsent_bytes=0&cid=37afcc0841396b49&ts=415&x=0"
vary
accept-encoding
app.css
offers1.ae/css/frontend/
229 KB
38 KB
Stylesheet
General
Full URL
https://offers1.ae/css/frontend/app.css
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0894d4642fa03686c52ca5deba04bc3e75edb8fffdabc881b62f1c130208d3e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"6512b621-39396"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oEgMUkG9nKSyg74nTYpYPHQduysOOoQ8QLhrIF%2FWykKE5FjWPsYGR0EBVO%2FnahtL84JG8ypm51q%2FMGweNHm2fmXF4aBH%2FOHeeH4nPYvLg9LTSti6RGW30aOWgDYd"}],"group":"cf-nel","max_age":604800}
cf-ray
8e69ce925d180e70-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=16161&sent=28&recv=32&lost=0&retrans=1&sent_bytes=13384&recv_bytes=3296&delivery_rate=799636&cwnd=256&unsent_bytes=0&cid=37afcc0841396b49&ts=611&x=0"
date
Fri, 22 Nov 2024 15:03:33 GMT
content-type
text/css
last-modified
Tue, 26 Sep 2023 10:44:49 GMT
vary
Accept-Encoding
server
cloudflare
app.js
offers1.ae/js/frontend/
237 KB
76 KB
Script
General
Full URL
https://offers1.ae/js/frontend/app.js
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d242f2c3ed4f0253bb21294f427e42267557ae760526e50fedc43d6d293133ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"6512b621-3b467"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2mV3Ad6A9LIdfOhft24StEXYHr0hbn6vvIu%2F2AXduO5K2uxYi4Bo9mKGv4oacuHlVnuEjAE7By5AV6WRSHflubxu4vziIEwGPs2tUDaG7mzcYzJDaKkAh6QXBHi"}],"group":"cf-nel","max_age":604800}
cf-ray
8e69ce925d190e70-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=15536&sent=98&recv=35&lost=0&retrans=1&sent_bytes=89986&recv_bytes=3296&delivery_rate=3100827&cwnd=256&unsent_bytes=0&cid=37afcc0841396b49&ts=630&x=0"
date
Fri, 22 Nov 2024 15:03:33 GMT
content-type
application/javascript
last-modified
Tue, 26 Sep 2023 10:44:49 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
323 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WV61E8DQEL
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6c00360d7314e373d50c64608c31ca925d5e5bfd8ac7a3fa9a79765f5c7422a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 22 Nov 2024 15:03:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 15:03:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109830
x-xss-protection
0
server
Google Tag Manager
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4853123787124679
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
214244e448cde070060b8116605d3613e3272c8dc57b2f4b13adea125e2e3fe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://offers1.ae
Referer
https://offers1.ae/

Response headers

content-encoding
br
etag
15697285880670414568
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 15:03:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 22 Nov 2024 15:03:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53357
x-xss-protection
0
server
cafe
logo-dark.svg
offers1.ae/images/
12 KB
6 KB
Image
General
Full URL
https://offers1.ae/images/logo-dark.svg
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65cd6a4b38e898d1058a62e140b3a94297b6c421da966e2c48a8505bfa19074b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"650d936e-3190"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hSuBFk3fB%2FyGAYt5GBzA2hyqhlAZd8cJCegcZuTm3QuBhDcZCgoW23uWyFgk7T95cI0Wj57RbsDEYzeqdLmN4UIQ%2FR9jmRm1Za5oyHyxW92hxNDYSvtCUN1oSQen"}],"group":"cf-nel","max_age":604800}
cf-ray
8e69ce925d1b0e70-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=16161&sent=68&recv=32&lost=0&retrans=1&sent_bytes=53458&recv_bytes=3296&delivery_rate=799636&cwnd=256&unsent_bytes=0&cid=37afcc0841396b49&ts=623&x=0"
date
Fri, 22 Nov 2024 15:03:33 GMT
content-type
image/svg+xml
last-modified
Fri, 22 Sep 2023 13:15:26 GMT
vary
Accept-Encoding
server
cloudflare
loader.gif
offers1.ae/images/
29 KB
30 KB
Image
General
Full URL
https://offers1.ae/images/loader.gif
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b46b02a59abc9bec9fa4410feb7704b7de124349beecf2e6558068d3206d476d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"650d8d5f-74a6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJgHZ33CUyB1QmYq2io4iuR4Y2oMPR7qUtLbovahDHjhBLhFyYUSOtnSjKul8SuRh3sXkC1cqIF4coKCDoIAwNLFn7KGbuOrDusUzSsPwKsQ23KICgiz0Z5OiURY"}],"group":"cf-nel","max_age":604800}
cf-ray
8e69ce925d1e0e70-AMS
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=15261&sent=75&recv=34&lost=0&retrans=1&sent_bytes=59432&recv_bytes=3296&delivery_rate=799636&cwnd=256&unsent_bytes=0&cid=37afcc0841396b49&ts=626&x=0"
content-length
29862
date
Fri, 22 Nov 2024 15:03:33 GMT
content-type
image/gif
last-modified
Fri, 22 Sep 2023 12:49:35 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600|Roboto+Mono
Requested by
Host: offers1.ae
URL: https://offers1.ae/css/frontend/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
ESF /
Resource Hash
27209fdd7713239dad8915a19f90d3fb7107cafcbef9fae8ac0e525611c468ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 15:03:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 15:03:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 22 Nov 2024 15:03:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-uUc4WUKu' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 15:03:34 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-uUc4WUKu' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4668, tp=13, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
OITRXiAGlKA3rN3N4AeO8y9F2VDA6OizWT1X+zyunFkRfMlPUuljGJxVEtRhk1IaUcFme3LNVavOp/axDsMb8A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
j1579l0v6c
www.clarity.ms/tag/
689 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/j1579l0v6c
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5252f56bb509f7c2277d3856c5e9c8ff3c455c1153598add24c2bdc5df1c7662

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Fri, 22 Nov 2024 15:03:35 GMT
content-type
application/x-javascript
x-azure-ref
20241122T150334Z-er17df99fb5rh559hC1PARscpn00000003pg000000001ahb
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600|Roboto+Mono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://offers1.ae
Referer
https://fonts.googleapis.com/

Response headers

age
283954
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 08:11:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 08:11:01 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600|Roboto+Mono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://offers1.ae
Referer
https://fonts.googleapis.com/

Response headers

age
305793
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 02:07:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 02:07:02 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600|Roboto+Mono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://offers1.ae
Referer
https://fonts.googleapis.com/

Response headers

age
319132
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 18 Nov 2025 22:24:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 22:24:43 GMT
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7840
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600|Roboto+Mono
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f3.1e100.net
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://offers1.ae
Referer
https://fonts.googleapis.com/

Response headers

age
109964
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 08:30:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 21 Nov 2024 08:30:51 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/
434 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4853123787124679&plah=offers1.ae
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4853123787124679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
5a050389526f310d0873d8ad98355cca07d8562206547570efc1dc11690b5f1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

content-encoding
br
etag
1777508865247872299
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 15:03:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 22 Nov 2024 15:03:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147669
x-xss-protection
0
server
cafe
clarity.js
www.clarity.ms/s/0.7.56/
66 KB
28 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/j1579l0v6c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

x-azure-ref
20241122T150355Z-er17df99fb5rh559hC1PARscpn00000003pg000000001bv1
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
4b028e60-101e-0017-0f3f-3687d0000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 22 Nov 2024 15:03:55 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 19:41:29 GMT
24048178984829882
connect.facebook.net/signals/config/
67 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/24048178984829882?v=2.9.176&r=stable&domain=offers1.ae&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
94a3ed1ce0e68894e38afe13c9256c1ba0098752331ce3c0bf791375aca3df78
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-0rfWeEi9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 15:03:55 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-0rfWeEi9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=72, rtx=0, c=40, mss=1232, tbw=70572, tp=70, tpl=0, uplat=375, ullat=0
pragma
public
x-fb-debug
gC8vq2a/ZAzX6Wdacw4TQSNcbYrIR+LL18NnqCYZRlz6ifQnan3mTvH9Op/MfFGqo0qwRgCNS8DOrsUssZGb0w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WV61E8DQEL&gtm=45je4bk0v9166863660za200&_p=1732287814337&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1357043344.1732287836&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732287835&sct=1&seg=0&dl=https%3A%2F%2Foffers1.ae%2F&dt=Latest%20offers%20and%20catalogues%20website%20%7C%20Offers1.ae&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=23029
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WV61E8DQEL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://offers1.ae
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 15:03:56 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/ Frame 0B72
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4853123787124679&plah=offers1.ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offers1.ae/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
70950
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 21 Nov 2024 19:21:26 GMT
etag
17661348622971093804
expires
Thu, 05 Dec 2024 19:21:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-xl%20fixed-top%20navbar-light%20bg-light&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 22 Nov 2024 15:03:56 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
pagead2.googlesyndication.com/pagead/ Frame 740F
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-4853123787124679&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1732287836&plat=2%3A16777216%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Foffers1.ae%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1732287814982&bpp=62&bdt=1530&idt=21014&shv=r20241120&mjsv=m202411140101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=269681547964&frm=20&pv=2&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31088728%2C31088960%2C95331832%2C95344790%2C95345966&oid=2&pvsid=2243889850161126&tmod=71672387&uas=0&nvt=1&fsapi=1&fc=1920&brdim=210%2C210%2C210%2C210%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=21397
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4853123787124679&plah=offers1.ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offers1.ae/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Nov 2024 15:03:56 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=24048178984829882&ev=PageView&dl=https%3A%2F%2Foffers1.ae%2F&rl=&if=false&ts=1732287837413&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732287837380.558798483762150802&ler=empty&cdl=API_unavailable&it=1732287835533&coo=false&rqm=GET
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4477, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 22 Nov 2024 15:03:57 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
201 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=24048178984829882&ev=PageView&dl=https%3A%2F%2Foffers1.ae%2F&rl=&if=false&ts=1732287837413&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732287837380.558798483762150802&ler=empty&cdl=API_unavailable&it=1732287835533&coo=false&rqm=FGET
Requested by
Host: offers1.ae
URL: https://offers1.ae/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440119607879874587"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 15:03:57 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440119607879874587", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
GTr6M3X2yxJ+hSULkpWQW6Z0EvFlpvHJnnhVDAeIHfq2ciMmOCrwkwluJKYFlu/JZre+VyIjZ+s0Dpy9nN+iXg==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4845, tp=13, tpl=0, uplat=333, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
w.clarity.ms/
0
274 B
XHR
General
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://offers1.ae/

Response headers

Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
Access-Control-Allow-Origin
https://offers1.ae
Date
Fri, 22 Nov 2024 15:03:57 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=3425A809B9E54BA2ABDB7143ACBD21EF&RedC=c.clarity.ms&MXFR=0837DDA68C4E66C51B3FC899884E688D
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3425A809B9E54BA2ABDB7143ACBD21EF&MUID=1B8CA12B0782606714FDB41406456107
42 B
465 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3425A809B9E54BA2ABDB7143ACBD21EF&MUID=1B8CA12B0782606714FDB41406456107
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"b116c54f951fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Fri, 22 Nov 2024 15:03:58 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 06:33:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=3425A809B9E54BA2ABDB7143ACBD21EF&MUID=1B8CA12B0782606714FDB41406456107
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9A6683245E0E490BB6C02F36DA879C68 Ref B: AMS04EDGE2117 Ref C: 2024-11-22T15:03:58Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Fri, 22 Nov 2024 15:03:57 GMT
x-powered-by
ASP.NET
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4853123787124679&plah=offers1.ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
213655d3ddf85a1e3f7d7d2a01454b3cc641c0bb82fe6671297d0a0b1840ef24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12984
date
Fri, 22 Nov 2024 15:03:57 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
featured_image.jpg
www.priserocdn.com/a/ae/1b9bf81b342910de8e3b1232dd2191941729814a49c53ceb3fe81cf3cb20e894/
15 KB
16 KB
Image
General
Full URL
https://www.priserocdn.com/a/ae/1b9bf81b342910de8e3b1232dd2191941729814a49c53ceb3fe81cf3cb20e894/featured_image.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e3f6a1296d96459d19e0db7f44267e470f6c0da2ceee70518ba4ed96d350a47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status
HIT
etag
"9c5042c8a9cdb6e4334ab38ae99c774f"
age
83932
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hpyT5rcphCWpTX6x6HMcVnriJdAITf8rcTFtHsdJIrd%2F5AxEgE5s6iuTq%2F75m7qHe9EeiLma2XXfN3dnxMYeHg6A3zeU%2BnjYLxrhOnW1zWz4FkPXq86c1PdnAv5eJepilBGFLv0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70066&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15552&recv_bytes=6297&delivery_rate=45359&cwnd=12000&unsent_bytes=0&cid=841550d41fc97dd7&ts=129&x=1", cfHdrFlush;dur=53
date
Fri, 22 Nov 2024 15:03:58 GMT
x-rgw-object-type
Normal
content-type
binary/octet-stream
last-modified
Thu, 21 Nov 2024 11:02:28 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000d068c0ff590dee9e-00673f5582-10d1b6b13-fra1b
cf-ray
8e69cf2bfe319ed0-CDG
accept-ranges
bytes
content-length
15257
server
cloudflare
featured_image.jpg
www.priserocdn.com/a/ae/13959953706d1f7fd0720839d93ae8a890998c63779ddc5714063709a839860b/
21 KB
22 KB
Image
General
Full URL
https://www.priserocdn.com/a/ae/13959953706d1f7fd0720839d93ae8a890998c63779ddc5714063709a839860b/featured_image.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a22b390d94da874b272d97dff862c12ebb1b7ffadc93bc77f644cac4f83382
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status
HIT
etag
"3aede3458b7188a8ef6d3e8fb98e404a"
age
79536
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ut%2FPPlnz0L%2BlncBkMtBD6MCR1oL%2FYfzRazTVaoCJ4gtz92uoMitrX%2FRWWTstcYVBHzBtZobtXTIdvLv8RMhBUPy4%2FOEStfCBu6kJX5aSKAlUm%2FbYzqqtcZstI427ueCl0L8fY28%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70066&sent=20&recv=12&lost=0&retrans=0&sent_bytes=14582&recv_bytes=6297&delivery_rate=45359&cwnd=12000&unsent_bytes=0&cid=841550d41fc97dd7&ts=115&x=1", cfHdrFlush;dur=0
date
Fri, 22 Nov 2024 15:03:58 GMT
x-rgw-object-type
Normal
content-type
binary/octet-stream
last-modified
Wed, 20 Nov 2024 16:43:36 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000b1299c4d0105582b-00673f66ae-10d1b6b13-fra1b
cf-ray
8e69cf2bfe2f9ed0-CDG
accept-ranges
bytes
content-length
21899
server
cloudflare
featured_image.jpg
www.priserocdn.com/a/ae/ec178e6e7ac126d43139cc9d6567e99a2c4733a395068ca40a9229b3931a5832/
9 KB
10 KB
Image
General
Full URL
https://www.priserocdn.com/a/ae/ec178e6e7ac126d43139cc9d6567e99a2c4733a395068ca40a9229b3931a5832/featured_image.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03aecd9f9807404a88765a0b408390f4f1a6bc11d22268ae4aac6e96ac5b8fe8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status
HIT
etag
"c0119ea785e4541ed556b75c7ff5b837"
age
79536
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cOFo182cYisxz7NCKRX9B8nZlXkF4ar6L1jy8XAYPC4mH966tpn7G7slCg5IwgUdxDsrXUHIRm6FrooKxypYgB69hof64ZTtIC4cAE3MAZBZekEiv09xaLSyXyi0DSN%2BRPIWzOo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70066&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15552&recv_bytes=6297&delivery_rate=45359&cwnd=12000&unsent_bytes=0&cid=841550d41fc97dd7&ts=124&x=1", cfHdrFlush;dur=58
date
Fri, 22 Nov 2024 15:03:58 GMT
x-rgw-object-type
Normal
content-type
binary/octet-stream
last-modified
Tue, 19 Nov 2024 17:58:49 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000441bdfa9f383f199-00673f66ae-10d0df7cd-fra1b
cf-ray
8e69cf2bfe259ed0-CDG
accept-ranges
bytes
content-length
9610
server
cloudflare
featured_image.jpg
www.priserocdn.com/a/ae/ffa04a8c53dfec055f3013c104fcc60c4b10f6fb317fac6a3c3c52976cbfefaf/
9 KB
10 KB
Image
General
Full URL
https://www.priserocdn.com/a/ae/ffa04a8c53dfec055f3013c104fcc60c4b10f6fb317fac6a3c3c52976cbfefaf/featured_image.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3ad6ad7b16b10e0b620dd3b3bb3c5b24657cc8c092c79fa45196689c0654ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status
HIT
etag
"4437f11f5368edbddcee9b88952e4d8d"
age
79536
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OA3tJ9ZNHifZT%2BWr4ZA0I1nnFr9uoaG1xkOj%2BpXi0yVnBnyRzgJvQ1J1bTDWmr0hET8YRecMSAbmXuif4y9HyzlEbeomQteA0iL8ga9lJkpkmJqaQaNVO1tmF20LXO8yqIdSWJg%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=70066&sent=11&recv=12&lost=0&retrans=0&sent_bytes=4134&recv_bytes=6297&delivery_rate=45359&cwnd=12000&unsent_bytes=0&cid=841550d41fc97dd7&ts=113&x=1", cfHdrFlush;dur=0
date
Fri, 22 Nov 2024 15:03:58 GMT
x-rgw-object-type
Normal
content-type
binary/octet-stream
last-modified
Mon, 07 Oct 2024 18:11:58 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000deed645f6aff5742-00673f66ae-10d0a57fc-fra1b
cf-ray
8e69cf2bfe2a9ed0-CDG
accept-ranges
bytes
content-length
9351
server
cloudflare
featured_image.jpg
www.priserocdn.com/a/ae/213de4ded52146c873d755e49def3a9a40304d4010db473011bb73d50ffefd52/
9 KB
10 KB
Image
General
Full URL
https://www.priserocdn.com/a/ae/213de4ded52146c873d755e49def3a9a40304d4010db473011bb73d50ffefd52/featured_image.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad23a4a9ba0d0cddac00f83960189d181bbe3f4cec6e79b145972936f9d15041
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status
MISS
etag
"e41d32cad30bab6cc06257e02469b6ca"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mpXQakkyT8CZP1hkvR3hfTa6Q0X%2FpyPZKrGohK4VRvhKwBmAufkY2VmWAyfJH0j24%2BdRTicW6eowNW05d9DjrcMPxhtkI7Fhz3%2B3znHcVD0sgH%2FPJB10P5Cxg%2FydgefLOgyVlSI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65131&sent=23&recv=14&lost=0&retrans=0&sent_bytes=16134&recv_bytes=6387&delivery_rate=14697&cwnd=12000&unsent_bytes=0&cid=841550d41fc97dd7&ts=162&x=1", cfHdrFlush;dur=20
date
Fri, 22 Nov 2024 15:03:58 GMT
x-rgw-object-type
Normal
content-type
binary/octet-stream
last-modified
Wed, 02 Oct 2024 09:56:59 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000c61269652d4481da-0067409d5e-10d1b69e7-fra1b
cf-ray
8e69cf2bfe349ed0-CDG
accept-ranges
bytes
content-length
9529
server
cloudflare
featured_image.jpg
www.priserocdn.com/a/ae/f7de828a71df9a17a478a3a730188e2036745da2cda11b93e2e9361b28ff860f/
5 KB
6 KB
Image
General
Full URL
https://www.priserocdn.com/a/ae/f7de828a71df9a17a478a3a730188e2036745da2cda11b93e2e9361b28ff860f/featured_image.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c888562a6f2c962a331504ad23893d5122b2506ffd5c087557e3228dce38df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

x-envoy-upstream-healthchecked-cluster
cf-cache-status
MISS
etag
"4d55231f4f34a719982e5b649d71c6c9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JR1gg3%2FZCcyAVJvSHZcq5Bz5lHo2Gkco2BW%2FY2%2FUWON%2BZ6a02CjxbdyP7QqDWLa%2B1klmQK55RINeQWYu2KFURHX8%2F00uicLaJXp%2BJMK3xkLjs5iPsqR8HxqNdXLn3nZMbvPub3U%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=65131&sent=23&recv=14&lost=0&retrans=0&sent_bytes=16134&recv_bytes=6387&delivery_rate=14697&cwnd=12000&unsent_bytes=0&cid=841550d41fc97dd7&ts=170&x=1", cfHdrFlush;dur=12
date
Fri, 22 Nov 2024 15:03:58 GMT
x-rgw-object-type
Normal
content-type
binary/octet-stream
last-modified
Tue, 26 Dec 2023 13:07:24 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000168516ac1d12ea77-0067409d5e-10d0df845-fra1b
cf-ray
8e69cf2bfe379ed0-CDG
accept-ranges
bytes
content-length
5616
server
cloudflare
ace.png
offers1.ae/images/shops/
11 KB
12 KB
Image
General
Full URL
https://offers1.ae/images/shops/ace.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9bbc54063c43bcd3851b0920e738b69b5fb10710db5833959f0e3e439db5ab5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cf-cache-status
REVALIDATED
etag
"65112684-2c63"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d5yINLSra9ueGJa1Jr2Eq%2FhDhzoUTxawBxI3xYlEKXVGhegvak68DHdWC4fj4a7gcyNz95%2BOGi9CQX37%2BOEJq6XQN2iFEldYho7lKa7emGd8yxBpbjEM6YtXzh8o"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30878&sent=26&recv=14&lost=0&retrans=0&sent_bytes=16365&recv_bytes=8351&delivery_rate=318&cwnd=12000&unsent_bytes=0&cid=540a29ef098e84c5&ts=24521&x=1", cfExtPri, cfHdrFlush;dur=59
date
Fri, 22 Nov 2024 15:03:58 GMT
content-type
image/png
last-modified
Mon, 25 Sep 2023 06:19:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e69cf2b4dcdd592-AMS
accept-ranges
bytes
content-length
11363
server
cloudflare
al-adil.png
offers1.ae/images/shops/
18 KB
18 KB
Image
General
Full URL
https://offers1.ae/images/shops/al-adil.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be2f9da8a5429cf7f5e969740ec499f18dd61bff9654acf3417b1fe05ca926c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cf-cache-status
REVALIDATED
etag
"65112684-467f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1qgkymBf64aMbSsVjwSPaOr4oTWK66OccMZwWXPXXEeCM%2FslVz9BivHPO3%2FgGIO6rpDcoCDkq9MaVcvcCtmelyfdZpw5bfTrqVcAhxDDuGnGh%2B%2BFf%2BHFVpYzp7t"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30878&sent=26&recv=14&lost=0&retrans=0&sent_bytes=16365&recv_bytes=8351&delivery_rate=318&cwnd=12000&unsent_bytes=0&cid=540a29ef098e84c5&ts=24515&x=1", cfExtPri, cfHdrFlush;dur=65
date
Fri, 22 Nov 2024 15:03:58 GMT
content-type
image/png
last-modified
Mon, 25 Sep 2023 06:19:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e69cf2b4dd0d592-AMS
accept-ranges
bytes
content-length
18047
server
cloudflare
al-madina.png
offers1.ae/images/shops/
10 KB
10 KB
Image
General
Full URL
https://offers1.ae/images/shops/al-madina.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e682e00a8891e6d43319cfe1a90ecbe06a766f003242f7916b8bec14af339c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cf-cache-status
REVALIDATED
etag
"65112684-2731"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2r5kC9uuymzQKI6aZLbyj9Xua4EgtUGWQpJdfYuiRShPRon4Lt5ttMnBi%2FDhSBiPkQFYmf4WpNdYui28X6XEoUeAsacxcWAYLa%2BRDp00jbuNmdXoJYO%2B%2FGe33uPO"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30878&sent=26&recv=14&lost=0&retrans=0&sent_bytes=16365&recv_bytes=8351&delivery_rate=318&cwnd=12000&unsent_bytes=0&cid=540a29ef098e84c5&ts=24519&x=1", cfExtPri, cfHdrFlush;dur=61
date
Fri, 22 Nov 2024 15:03:58 GMT
content-type
image/png
last-modified
Mon, 25 Sep 2023 06:19:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e69cf2b4dd6d592-AMS
accept-ranges
bytes
content-length
10033
server
cloudflare
al-maya.png
offers1.ae/images/shops/
14 KB
14 KB
Image
General
Full URL
https://offers1.ae/images/shops/al-maya.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f83e0dd92e5d21b5908310e664c7427e5a94a2d924db93df4b753884c28452f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cf-cache-status
REVALIDATED
etag
"65112684-36b2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qi0AvPFk2OBbEVZux0emQTkaBiwRSd%2FZqD0SlAcwaHOlWE9F3UdpYQ%2FLVFX0mlPreOSvKAQ2eW%2BKncZAmNmTIE7IoZ2InJ50TnXQgtv8rsUM4itOejp1pTdBo9CA"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30878&sent=16&recv=14&lost=0&retrans=0&sent_bytes=4365&recv_bytes=8351&delivery_rate=318&cwnd=12000&unsent_bytes=0&cid=540a29ef098e84c5&ts=24514&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 22 Nov 2024 15:03:58 GMT
content-type
image/png
last-modified
Mon, 25 Sep 2023 06:19:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e69cf2b5ddcd592-AMS
accept-ranges
bytes
content-length
14002
server
cloudflare
favicon-32x32.png
offers1.ae/
2 KB
2 KB
Other
General
Full URL
https://offers1.ae/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de3dc44bbfbcaec3aa914a21706201bb0e7e2f1216989dbac6122071c8ba458

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

cf-cache-status
REVALIDATED
etag
"650d8d5f-62b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWXZuGe7mtS9jiiyf6QeY0KFJQIJ8GFaIaj7i%2FZxRzxA5Po%2BNYekMNV9DRu5HhF%2Bq%2BbREAKHwa%2FOG%2B43YcW%2FtovFnKwEU7pQXSskTqOr6GJ7wB55LKhV5%2FNfZFYZ"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34711&sent=69&recv=40&lost=0&retrans=0&sent_bytes=61725&recv_bytes=10540&delivery_rate=207705&cwnd=37200&unsent_bytes=0&cid=540a29ef098e84c5&ts=24703&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 22 Nov 2024 15:03:58 GMT
content-type
image/png
last-modified
Fri, 22 Sep 2023 12:49:35 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e69cf2c8a5fd592-AMS
accept-ranges
bytes
content-length
1579
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4853123787124679&plah=offers1.ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://offers1.ae/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 15:03:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 15:03:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame A7E7
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offers1.ae/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2320
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Nov 2024 14:25:18 GMT
expires
Fri, 22 Nov 2024 15:15:18 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
w.clarity.ms/
0
274 B
XHR
General
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://offers1.ae/

Response headers

Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
Access-Control-Allow-Origin
https://offers1.ae
Date
Fri, 22 Nov 2024 15:03:58 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
sodar
ep1.adtrafficquality.google/pagead/
0
0

collect
w.clarity.ms/
0
274 B
XHR
General
Full URL
https://w.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://offers1.ae/

Response headers

Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
Access-Control-Allow-Origin
https://offers1.ae
Date
Fri, 22 Nov 2024 15:04:00 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=2243889850161126&bg=!GhmlGVbNAAaIaF9IqGg7ADQBe5WfOAPiciy_wg9-Pv9mLnAMR1thuDjBvX8jJsAEBsVkFr1pxMO3u9oEpH2q2ev72hnvAgAAAUZSAAAAEmgBB34ANlB0GeO9op7odCziHWHaU4ghEWZ22U_0nNtetBP8sC1zszyRURQ7rbvupa9KvgfWZK-Ihu0Z5woAgJ6oWMwlTlVml_oO1mVi6gCB5cFVtxPnIgtMTH0Dm_t4ULaKBDQ72nWOIg9u_fhok5dRYBHjqUbBMKzQY7UuEm_u6egK8Q5H8LI6x40A8afZTuh2Wj289l0strGPWRfgDI_faUOn_UiQCAQG0B94DfBltf10O0e2u88pRn1ye93rmQKaz7RALGrolRYGpDTFjyPGvRRMDu8bj3D1AGY7zo99LXfMwwwIV4lZQfHnthrH0mRGv7lqoxKDME7npyiSxvpmyH4grpv3yz2HaLrrWPDYS73SjHdiyvDJPOQoKDe1CkG4kqqmaC2nqXT4uLOa0439jnoCI8LwABMpZzjJBuvmqzMhOnGHCXQH31dHiNlaSyqjAcaMMZ9wQ_jKG52ayNQUpzz7wSsQ9ZSNe7lm5811oM3oPgx_vzAnHmG49wwpQZBnuBWmJJ5_-l52VSZkPYWh9AG7zVe0II8R6-0wakpQVHVzWOWkY6lyMuT8am4oKXk1WYQdM7NmQjrpn3LbnxoxiRKG3J7-3JTWAyyAjGYPfDCXIfms2ZTvVraa5ayKGG3UAZwst0mvU55yRGshn3kINMFdPlblSe556apCcxn7QjbI91afAmwF1uoUUJ6v-7Zt3r7Hynk2z66uXSE8YVFFByWywEVpWpNFG-v8Df_unuh4bZgalF4HiF94suK5iaVFA6oDodugae2pX-Pn_rKVSY1T7kPKzkBGBA8akiLKGXsX6z6kb3LSxp5OH4h1mpcJ6nyRF_fourWmbWU0LyGuuPXIHPP7nJLac7-PYX8Kc_GL4lHw4UC9uZdY-vZgr_-S39DEM-SmnjAt4S4WqpaIBKtohfID0JyVODt16X1QqiytDrsMSV4rUd0-CexS3j55Cu_S6zmfvwstDH5jLfs1-ipq8HMZmOA7BxMzQZmwwKRQtmEOSqS4_rz8whxdKaGULM8GodwruVLYj51z8NO2CYLEfpj9VD4_25n_uPdepUD6nx8DQwYGTPRCsnh5c5bztB4FjEqGWS2YYnuOCqTLMZ6OGSuwE4OTI1P-7sVXuMdAFw3ussE4Q_FN

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| Popper function| jQuery function| $ object| LazyLoad function| inView function| gtag object| dataLayer function| fbq function| _fbq function| clarity object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

15 Cookies

Domain/Path Name / Value
offers1.ae/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik5EdG1GVENrY2RDYXUzaytFUWZaaUE9PSIsInZhbHVlIjoiSU9jZkk5ZlNRcUdleTJvUDRnczZraHd1eDA3dXZkTjhBYmMrTGxjMndVVHp1VVF6L0xmY0IwU1pORU5QdzVDSXEyZW80K1BVdmU3dFdRZ1lyc1I2emp5bFdxM242NzVtT25wWnFhWnozWTJEckFneWtEZUlieEZveWQydHdsYWIiLCJtYWMiOiI3MTRmYmVjZjM3ZjhkODBhNDA5ZTUxOGY0YTkzZjAzYWFjNTlmM2QxMjg0MTJlYjZlMTllNzNmOTlmNGQxOTkzIiwidGFnIjoiIn0%3D
offers1.ae/ Name: offers1ae_session
Value: eyJpdiI6IkdUWTZpd2MydGkvaXJtNnBJNzZHUUE9PSIsInZhbHVlIjoiUGxEYURCVFpoNlo2bVp1ekZhUHIxcXZnQ3BhaU1obnlHRGdKOTBaeEs5SGF2SW9aWWhKWnhJVDdrN2lieUttY0N6MVJncUgvNytqdFpYVWZkcGkzMUc5ZVUwS3FHMDZINlI1cEFuOGJoWEptY2lFRENFNFRpZE9CRkhic3VHNEsiLCJtYWMiOiJkYmM1NDc5MTM4ZGI1M2U3NDhjZjAyZTgwMjM0MGQwMzdiNzE4ZGY3ZWJmMDBjYjJhYTIyZDBiMzFiYzQ0YWNmIiwidGFnIjoiIn0%3D
www.clarity.ms/ Name: CLID
Value: 4144442b8a174914b9953064ee96cae6.20241122.20251122
.offers1.ae/ Name: _ga_WV61E8DQEL
Value: GS1.1.1732287835.1.0.1732287835.0.0.0
.offers1.ae/ Name: _ga
Value: GA1.1.1357043344.1732287836
.offers1.ae/ Name: _clck
Value: gu2cfl%7C2%7Cfr3%7C0%7C1787
.offers1.ae/ Name: _fbp
Value: fb.1.1732287837380.558798483762150802
.offers1.ae/ Name: _clsk
Value: uj21ww%7C1732287837963%7C1%7C1%7Cw.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 1B8CA12B0782606714FDB41406456107
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1B8CA12B0782606714FDB41406456107
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1B8CA12B0782606714FDB41406456107
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
connect.facebook.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
offers1.ae
pagead2.googlesyndication.com
region1.google-analytics.com
w.clarity.ms
www.clarity.ms
www.facebook.com
www.googletagmanager.com
www.priserocdn.com
ep1.adtrafficquality.google
13.107.253.45
13.74.129.1
142.250.181.226
142.250.184.232
142.250.185.106
142.250.185.162
142.250.186.161
157.240.0.6
157.240.252.35
172.217.16.195
172.67.169.78
188.114.97.3
204.79.197.237
216.239.34.36
23.96.124.156
03aecd9f9807404a88765a0b408390f4f1a6bc11d22268ae4aac6e96ac5b8fe8
0894d4642fa03686c52ca5deba04bc3e75edb8fffdabc881b62f1c130208d3e5
213655d3ddf85a1e3f7d7d2a01454b3cc641c0bb82fe6671297d0a0b1840ef24
214244e448cde070060b8116605d3613e3272c8dc57b2f4b13adea125e2e3fe6
27209fdd7713239dad8915a19f90d3fb7107cafcbef9fae8ac0e525611c468ce
2d371a72095df647e4281d574b67ee09173f086ed4b563eb99f0e1cb2c585b6d
3de3dc44bbfbcaec3aa914a21706201bb0e7e2f1216989dbac6122071c8ba458
4e3f6a1296d96459d19e0db7f44267e470f6c0da2ceee70518ba4ed96d350a47
5252f56bb509f7c2277d3856c5e9c8ff3c455c1153598add24c2bdc5df1c7662
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5a050389526f310d0873d8ad98355cca07d8562206547570efc1dc11690b5f1b
65cd6a4b38e898d1058a62e140b3a94297b6c421da966e2c48a8505bfa19074b
6c00360d7314e373d50c64608c31ca925d5e5bfd8ac7a3fa9a79765f5c7422a4
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d3ad6ad7b16b10e0b620dd3b3bb3c5b24657cc8c092c79fa45196689c0654ab
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
94a3ed1ce0e68894e38afe13c9256c1ba0098752331ce3c0bf791375aca3df78
95c888562a6f2c962a331504ad23893d5122b2506ffd5c087557e3228dce38df
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e682e00a8891e6d43319cfe1a90ecbe06a766f003242f7916b8bec14af339c1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad23a4a9ba0d0cddac00f83960189d181bbe3f4cec6e79b145972936f9d15041
b46b02a59abc9bec9fa4410feb7704b7de124349beecf2e6558068d3206d476d
b5a22b390d94da874b272d97dff862c12ebb1b7ffadc93bc77f644cac4f83382
be2f9da8a5429cf7f5e969740ec499f18dd61bff9654acf3417b1fe05ca926c0
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d242f2c3ed4f0253bb21294f427e42267557ae760526e50fedc43d6d293133ba
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bbc54063c43bcd3851b0920e738b69b5fb10710db5833959f0e3e439db5ab5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f83e0dd92e5d21b5908310e664c7427e5a94a2d924db93df4b753884c28452f0
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99