urlscan.io logo urlscan.io
SecurityTrails logo

offer24.linkbuilder.com Open in urlscan Pro
185.25.117.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://offer24.linkbuilder.com/
Submission: On January 19 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 32 HTTP transactions. The main IP is 185.25.117.21, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is offer24.linkbuilder.com.
TLS certificate: Issued by R3 on January 18th 2024. Valid for: 3 months.
This is the only time offer24.linkbuilder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    185.25.117.21 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: vps-42270.vps-default-host.net
offer24.linkbuilder.com
api.adsquiz.io
1    2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2607:f8b0:4006:824::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
www.googleadservices.com
3    2607:f8b0:4006:824::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2607:f8b0:4006:816::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    77.223.118.104 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)
cloud.roistat.com
1    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
7 adsquiz.io
api.adsquiz.io
307 KB
6 linkbuilder.com
offer24.linkbuilder.com
202 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 154
931 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
4 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
178 KB
2 roistat.com
cloud.roistat.com — Cisco Umbrella Rank: 125003
cllctr.roistat.com Failed
41 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
92 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 KB
2 gstatic.com
fonts.gstatic.com
46 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
32 11
Domain Requested by
7 api.adsquiz.io offer24.linkbuilder.com
6 offer24.linkbuilder.com offer24.linkbuilder.com
3 www.google.com www.googletagmanager.com
3 googleads.g.doubleclick.net 2 redirects www.googletagmanager.com
3 www.googletagmanager.com offer24.linkbuilder.com
www.googletagmanager.com
2 cloud.roistat.com offer24.linkbuilder.com
cloud.roistat.com
2 connect.facebook.net offer24.linkbuilder.com
connect.facebook.net
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.facebook.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 fonts.googleapis.com offer24.linkbuilder.com
0 cllctr.roistat.com Failed cloud.roistat.com
32 14

This site contains links to these domains. Also see Links.

Domain
adsquiz.io
Subject Issuer Validity Valid
offer24.linkbuilder.com
R3		 2024-01-18 -
2024-04-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.adsquiz.io
R3		 2024-01-09 -
2024-04-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.roistat.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-31 -
2024-06-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://offer24.linkbuilder.com/
Frame ID: F6B00198A50F974CD5418CB9E7B1BAA3
Requests: 29 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PF7NJBB
Frame ID: 37CF7A0C62A09F482369568C938AA28B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Лінкбілдинг, крауд і сабміти від Linkbuilder.com | Made by - adsquiz.io

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

91 %
HTTPS

75 %
IPv6

11
Domains

14
Subdomains

13
IPs

3
Countries

871 kB
Transfer

1963 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://www.googleadservices.com/pagead/conversion/11294455328/?value=&label=VwIzCKbUpdsYEKDszokq&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&guid=ON&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11294455328/?value=&label=VwIzCKbUpdsYEKDszokq&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&guid=ON&script=0&ct_cookie_present=false&ocp_id=8KeqZbuJFqiWoPMPo8CloA0&random=1413439953&sscte=1&crd=&pscrd=IhMIu8GtiPTpgwMVKAtoCB0jYAnU HTTP 302
  • https://www.google.com/pagead/1p-conversion/11294455328/?value=&label=VwIzCKbUpdsYEKDszokq&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&guid=ON&script=0&ct_cookie_present=false&random=1413439953&sscte=1&crd=&pscrd=IhMIu8GtiPTpgwMVKAtoCB0jYAnU&is_vtc=1&ocp_id=8KeqZbuJFqiWoPMPo8CloA0&cid=CAQSGwAvHhf_IhdTgNA3f2eflnG50TookDZWNDHm4w&random=41377158
Request Chain 23
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11294455328/?random=1312551019&cv=11&fst=1705682928409&bg=ffffff&guid=ON&async=1&gtm=45He41h0v860512366&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&label=VwIzCKbUpdsYEKDszokq&hn=www.googleadservices.com&frm=0&tiba=%D0%9B%D1%96%D0%BD%D0%BA%D0%B1%D1%96%D0%BB%D0%B4%D0%B8%D0%BD%D0%B3%2C%20%D0%BA%D1%80%D0%B0%D1%83%D0%B4%20%D1%96%20%D1%81%D0%B0%D0%B1%D0%BC%D1%96%D1%82%D0%B8%20%D0%B2%D1%96%D0%B4%20Linkbuilder.com%20%7C%20Made%20by%20-%20adsquiz.io&value=0&auid=1107477433.1705682928&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=8KeqZZf3G6u3oPMPx_Wa8AI&sscte=1&crd=&eitems=ChEIgNiorQYQzYfKpc6s-YOwARIdAL2KB7SY3paU_B1D94mIkfAayGqCgCRAQZz9Cu0&pscrd=Ek5DaEFJZ05pb3JRWVEzcDN0bXVheGlPWllFaVlBUXZJc2JPbjBQR3BsZmd0YndNeXJySG5GZmVRRDYzM2xrU1pOdnV3M3VaNTN6Z2ZTOHcaWkNoRUlnTmlvclFZUTNxZVRwWmk5blozV0FSSXVBSGJybGN1NDNVdV94cU1POHl4TnVvN1lXRkl6QXl1WTFXRFV4WDZDRkVjYVFyQ3hoZ0hJalNFY2ZBS1ZyQSITCJevs4j06YMDFasbaAgdx7oGLg HTTP 302
  • https://www.google.com/pagead/1p-conversion/11294455328/?random=1312551019&cv=11&fst=1705682928409&bg=ffffff&guid=ON&async=1&gtm=45He41h0v860512366&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&label=VwIzCKbUpdsYEKDszokq&hn=www.googleadservices.com&frm=0&tiba=%D0%9B%D1%96%D0%BD%D0%BA%D0%B1%D1%96%D0%BB%D0%B4%D0%B8%D0%BD%D0%B3%2C%20%D0%BA%D1%80%D0%B0%D1%83%D0%B4%20%D1%96%20%D1%81%D0%B0%D0%B1%D0%BC%D1%96%D1%82%D0%B8%20%D0%B2%D1%96%D0%B4%20Linkbuilder.com%20%7C%20Made%20by%20-%20adsquiz.io&value=0&auid=1107477433.1705682928&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05pb3JRWVEzcDN0bXVheGlPWllFaVlBUXZJc2JPbjBQR3BsZmd0YndNeXJySG5GZmVRRDYzM2xrU1pOdnV3M3VaNTN6Z2ZTOHcaWkNoRUlnTmlvclFZUTNxZVRwWmk5blozV0FSSXVBSGJybGN1NDNVdV94cU1POHl4TnVvN1lXRkl6QXl1WTFXRFV4WDZDRkVjYVFyQ3hoZ0hJalNFY2ZBS1ZyQSITCJevs4j06YMDFasbaAgdx7oGLg&is_vtc=1&ocp_id=8KeqZZf3G6u3oPMPx_Wa8AI&cid=CAQSGwAvHhf_6b6pycgsJMmElH95tuw7TmB_XhNSgQ&eitems=ChEIgNiorQYQzYfKpc6s-YOwARIdAL2KB7QY5zbNxNN4-zY1D0G2mXzFzWoG2bzdWTc&random=3389010007

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offer24.linkbuilder.com/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offer24.linkbuilder.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a7a83e26514acf9f0e44c9de3077cbaa627b26b27722e56585966c909fbedf14

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Jan 2024 16:48:45 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@300;400;700&display=swap
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b59a1cd6e73a9e4d3f367590b18946bf5c34a3be55ab4eba4d37f01010b946fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jan 2024 16:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 16:48:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jan 2024 16:48:45 GMT
index.884acf4b.js
offer24.linkbuilder.com/assets/ 		422 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offer24.linkbuilder.com/assets/index.884acf4b.js
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4da62720095d87f699632bdb808a637af8d31a605022f91ccd8a8f933a1d1641

Request headers

Referer
https://offer24.linkbuilder.com/
Origin
https://offer24.linkbuilder.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 16:48:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 22:57:53 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65a9acf1-6960f"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
index.0b774220.css
offer24.linkbuilder.com/assets/ 		126 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offer24.linkbuilder.com/assets/index.0b774220.css
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0b774220672d50365d38493afc574018e788b313116c35af6d02f5bce368d6a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 16:48:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 22:57:53 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65a9acf1-1f60f"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
truncated
/ 		3 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53197eeb88a68176e215f19a4043db0653aa51f5397ffa24215cf27925c9e36e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/css
StartpageView.606ab178.js
offer24.linkbuilder.com/assets/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offer24.linkbuilder.com/assets/StartpageView.606ab178.js
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/assets/index.884acf4b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5d039baee68cdba14342599971da19f5cdedc6b81f63ce57125f8a8ae7be7366

Request headers

Referer
Origin
https://offer24.linkbuilder.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 16:48:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 22:57:53 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65a9acf1-6ef3"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
axios.1cbd2f54.js
offer24.linkbuilder.com/assets/ 		28 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offer24.linkbuilder.com/assets/axios.1cbd2f54.js
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/assets/index.884acf4b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
aba3640356d6ba512c5702a660ae4b0e5e1c5ba8766bd901bb54196e216db642

Request headers

Referer
Origin
https://offer24.linkbuilder.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 16:48:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 22:57:53 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65a9acf1-712b"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
StartpageView.6c9a1cb8.css
offer24.linkbuilder.com/assets/ 		302 B
385 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://offer24.linkbuilder.com/assets/StartpageView.6c9a1cb8.css
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/assets/index.884acf4b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6c9a1cb83fad4a05f8c7175d3ea76da444b4160daf29db57a352bd26b6cfdbcc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 16:48:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Jan 2024 22:57:53 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65a9acf1-12e"
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offer24.linkbuilder.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:18:22 GMT
x-content-type-options
nosniff
age
12624
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:18:22 GMT
public
api.adsquiz.io/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.adsquiz.io/graphql/public
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type
Access-Control-Request-Method
POST
Origin
https://offer24.linkbuilder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
cache-control,content-type
Access-Control-Allow-Methods
POST,GET,OPTIONS
Access-Control-Allow-Origin
https://offer24.linkbuilder.com
Access-Control-Max-Age
0
Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Jan 2024 16:48:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
public
api.adsquiz.io/graphql/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.adsquiz.io/graphql/public
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/assets/axios.1cbd2f54.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
74442f1fc227ffff0e7dbd1f4d1ef3fe53c80fee68f63fc0aeebdc0fdeef3e4b

Request headers

Accept
application/json, text/plain, */*
Cache-Control
max-age=60
Referer
https://offer24.linkbuilder.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 19 Jan 2024 16:48:47 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-RateLimit-Remaining
59
Content-Type
application/json
Access-Control-Allow-Origin
https://offer24.linkbuilder.com
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
X-RateLimit-Limit
60
Connection
keep-alive
Vary
Origin
/
api.adsquiz.io/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.adsquiz.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
gtm.js
www.googletagmanager.com/ 		230 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PF7NJBB
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23f6d19597b788bf6e50feafb0ce3e6c6ce0ba18d3722282b2759f1ad15f7803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:48:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83366
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 19 Jan 2024 16:48:48 GMT
ns.html
www.googletagmanager.com/ Frame 37CF 		555 B
595 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-PF7NJBB
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/assets/StartpageView.606ab178.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4945382213e34fd05d2ae1df693e261264d1b7885339a56bc34e79e6348d962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offer24.linkbuilder.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
275
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 19 Jan 2024 16:48:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
public
api.adsquiz.io/graphql/ 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.adsquiz.io/graphql/public
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/assets/axios.1cbd2f54.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6dfe1e9d38936dbeb4dd0e03f397946416ca9b24c530e08665f1d412317efd0c

Request headers

Accept
application/json, text/plain, */*
Cache-Control
max-age=60
Referer
https://offer24.linkbuilder.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 19 Jan 2024 16:48:48 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-RateLimit-Remaining
58
Content-Type
application/json
Access-Control-Allow-Origin
https://offer24.linkbuilder.com
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
X-RateLimit-Limit
60
Connection
keep-alive
Vary
Origin
7uupNhZA4IArsCYqJOg3HBo43J7EjYbhRWY0qZ89.png
api.adsquiz.io/storage/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.adsquiz.io/storage/7uupNhZA4IArsCYqJOg3HBo43J7EjYbhRWY0qZ89.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0ac6eadf995e6c72603b983b774d9076feca667ae500f6e8aa89aacfb1e5d764

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 16:48:48 GMT
Last-Modified
Wed, 17 Jan 2024 10:59:28 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65a7b310-48db4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
298420
HshThpoGr7y0s73NEcEsBRYjlIghF2bC5B30OtyS_20230404061321_20230527090432_20240117122455.png
api.adsquiz.io/storage/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.adsquiz.io/storage/HshThpoGr7y0s73NEcEsBRYjlIghF2bC5B30OtyS_20230404061321_20230527090432_20240117122455.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
755aea594264691068cf9ac31437b7411731bd0cc5624382dce699e74e98177d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Fri, 19 Jan 2024 16:48:48 GMT
Last-Modified
Wed, 17 Jan 2024 10:24:55 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65a7aaf7-d8f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3471
1Ptvg83HX_SGhgqk2wotcqA.woff2
fonts.gstatic.com/s/mulish/v13/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk2wotcqA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85cc62cf3b13c6166fea632307afcf5688c0a7239cb79db6582736fb5413ffe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offer24.linkbuilder.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 18 Jan 2024 18:35:24 GMT
x-content-type-options
nosniff
age
80003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15840
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:51:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Jan 2025 18:35:24 GMT
public
api.adsquiz.io/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.adsquiz.io/graphql/public
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.25.117.21 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
vps-42270.vps-default-host.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type
Access-Control-Request-Method
POST
Origin
https://offer24.linkbuilder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
cache-control,content-type
Access-Control-Allow-Methods
POST,GET,OPTIONS
Access-Control-Allow-Origin
https://offer24.linkbuilder.com
Access-Control-Max-Age
0
Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Jan 2024 16:48:48 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
/
www.google.com/pagead/1p-conversion/11294455328/ Frame 37CF
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/11294455328/?value=&label=VwIzCKbUpdsYEKDszokq&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&guid=ON&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11294455328/?value=&label=VwIzCKbUpdsYEKDszokq&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&guid=ON&script=0&ct_cookie_present=false...
  • https://www.google.com/pagead/1p-conversion/11294455328/?value=&label=VwIzCKbUpdsYEKDszokq&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&guid=ON&script=0&ct_cookie_present=false&random=1413439953&ss...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/11294455328/?value=&label=VwIzCKbUpdsYEKDszokq&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&guid=ON&script=0&ct_cookie_present=false&random=1413439953&sscte=1&crd=&pscrd=IhMIu8GtiPTpgwMVKAtoCB0jYAnU&is_vtc=1&ocp_id=8KeqZbuJFqiWoPMPo8CloA0&cid=CAQSGwAvHhf_IhdTgNA3f2eflnG50TookDZWNDHm4w&random=41377158
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-PF7NJBB
Protocol
H2
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.googletagmanager.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/11294455328/?value=&label=VwIzCKbUpdsYEKDszokq&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&guid=ON&script=0&ct_cookie_present=false&random=1413439953&sscte=1&crd=&pscrd=IhMIu8GtiPTpgwMVKAtoCB0jYAnU&is_vtc=1&ocp_id=8KeqZbuJFqiWoPMPo8CloA0&cid=CAQSGwAvHhf_IhdTgNA3f2eflnG50TookDZWNDHm4w&random=41377158
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		283 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MW36YXMEJ6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF7NJBB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b5f913dbbe29f2877d10d775578efbef20b930a93e58c9daf2efd77e745f7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 16:48:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98110
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 Jan 2024 16:48:48 GMT
/
www.googleadservices.com/pagead/conversion/11294455328/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/11294455328/?random=1705682928409&cv=11&fst=1705682928409&bg=ffffff&guid=ON&async=1&gtm=45He41h0v860512366&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&label=VwIzCKbUpdsYEKDszokq&hn=www.googleadservices.com&frm=0&tiba=%D0%9B%D1%96%D0%BD%D0%BA%D0%B1%D1%96%D0%BB%D0%B4%D0%B8%D0%BD%D0%B3%2C%20%D0%BA%D1%80%D0%B0%D1%83%D0%B4%20%D1%96%20%D1%81%D0%B0%D0%B1%D0%BC%D1%96%D1%82%D0%B8%20%D0%B2%D1%96%D0%B4%20Linkbuilder.com%20%7C%20Made%20by%20-%20adsquiz.io&value=0&bttype=purchase&auid=1107477433.1705682928&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF7NJBB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
cafe /
Resource Hash
6132a3b5513f24b9dc8d3efe74b48bf0fb370287cf6583bf0f8b4e034c9786aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1711
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		213 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7aa4d5de5abdae4603540b48171e45742399584aa06f8ddefe4bdc547de20e35
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 19 Jan 2024 16:48:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57003
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
zZ0tr0g7ny0ki0OUvZn40VhnFc1F90SlgPMOYn4b/vA5HS/letYPTTVnqi9FdoiI247VJfMBJu9pgv6iJHUj5g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
init
cloud.roistat.com/api/site/1.0/ca225f132f34ff64ba4fd011d7339c13/ 		128 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.roistat.com/api/site/1.0/ca225f132f34ff64ba4fd011d7339c13/init?referrer=https%3A%2F%2Foffer24.linkbuilder.com%2F
Requested by
Host: offer24.linkbuilder.com
URL: https://offer24.linkbuilder.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
77.223.118.104 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
d004e95ea0945a82ba529771203177171f8ef06b0134cc868e0793bfcc52b76b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:51 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
/
www.google.com/pagead/1p-conversion/11294455328/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11294455328/?random=1312551019&cv=11&fst=1705682928409&bg=ffffff&guid=ON&async=1&gtm=45He41h0v860512366&gcd=11l1l1l1l1&dma=0&u_w=160...
  • https://www.google.com/pagead/1p-conversion/11294455328/?random=1312551019&cv=11&fst=1705682928409&bg=ffffff&guid=ON&async=1&gtm=45He41h0v860512366&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/11294455328/?random=1312551019&cv=11&fst=1705682928409&bg=ffffff&guid=ON&async=1&gtm=45He41h0v860512366&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&label=VwIzCKbUpdsYEKDszokq&hn=www.googleadservices.com&frm=0&tiba=%D0%9B%D1%96%D0%BD%D0%BA%D0%B1%D1%96%D0%BB%D0%B4%D0%B8%D0%BD%D0%B3%2C%20%D0%BA%D1%80%D0%B0%D1%83%D0%B4%20%D1%96%20%D1%81%D0%B0%D0%B1%D0%BC%D1%96%D1%82%D0%B8%20%D0%B2%D1%96%D0%B4%20Linkbuilder.com%20%7C%20Made%20by%20-%20adsquiz.io&value=0&auid=1107477433.1705682928&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05pb3JRWVEzcDN0bXVheGlPWllFaVlBUXZJc2JPbjBQR3BsZmd0YndNeXJySG5GZmVRRDYzM2xrU1pOdnV3M3VaNTN6Z2ZTOHcaWkNoRUlnTmlvclFZUTNxZVRwWmk5blozV0FSSXVBSGJybGN1NDNVdV94cU1POHl4TnVvN1lXRkl6QXl1WTFXRFV4WDZDRkVjYVFyQ3hoZ0hJalNFY2ZBS1ZyQSITCJevs4j06YMDFasbaAgdx7oGLg&is_vtc=1&ocp_id=8KeqZZf3G6u3oPMPx_Wa8AI&cid=CAQSGwAvHhf_6b6pycgsJMmElH95tuw7TmB_XhNSgQ&eitems=ChEIgNiorQYQzYfKpc6s-YOwARIdAL2KB7QY5zbNxNN4-zY1D0G2mXzFzWoG2bzdWTc&random=3389010007
Protocol
H2
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:48 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/11294455328/?random=1312551019&cv=11&fst=1705682928409&bg=ffffff&guid=ON&async=1&gtm=45He41h0v860512366&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&label=VwIzCKbUpdsYEKDszokq&hn=www.googleadservices.com&frm=0&tiba=%D0%9B%D1%96%D0%BD%D0%BA%D0%B1%D1%96%D0%BB%D0%B4%D0%B8%D0%BD%D0%B3%2C%20%D0%BA%D1%80%D0%B0%D1%83%D0%B4%20%D1%96%20%D1%81%D0%B0%D0%B1%D0%BC%D1%96%D1%82%D0%B8%20%D0%B2%D1%96%D0%B4%20Linkbuilder.com%20%7C%20Made%20by%20-%20adsquiz.io&value=0&auid=1107477433.1705682928&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05pb3JRWVEzcDN0bXVheGlPWllFaVlBUXZJc2JPbjBQR3BsZmd0YndNeXJySG5GZmVRRDYzM2xrU1pOdnV3M3VaNTN6Z2ZTOHcaWkNoRUlnTmlvclFZUTNxZVRwWmk5blozV0FSSXVBSGJybGN1NDNVdV94cU1POHl4TnVvN1lXRkl6QXl1WTFXRFV4WDZDRkVjYVFyQ3hoZ0hJalNFY2ZBS1ZyQSITCJevs4j06YMDFasbaAgdx7oGLg&is_vtc=1&ocp_id=8KeqZZf3G6u3oPMPx_Wa8AI&cid=CAQSGwAvHhf_6b6pycgsJMmElH95tuw7TmB_XhNSgQ&eitems=ChEIgNiorQYQzYfKpc6s-YOwARIdAL2KB7QY5zbNxNN4-zY1D0G2mXzFzWoG2bzdWTc&random=3389010007
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-MW36YXMEJ6&gtm=45je41h0v9109053491z8860512366&_p=1705682927933&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1447491628.1705682929&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705682928&sct=1&seg=0&dl=https%3A%2F%2Foffer24.linkbuilder.com%2F&dt=%D0%9B%D1%96%D0%BD%D0%BA%D0%B1%D1%96%D0%BB%D0%B4%D0%B8%D0%BD%D0%B3%2C%20%D0%BA%D1%80%D0%B0%D1%83%D0%B4%20%D1%96%20%D1%81%D0%B0%D0%B1%D0%BC%D1%96%D1%82%D0%B8%20%D0%B2%D1%96%D0%B4%20Linkbuilder.com%20%7C%20Made%20by%20-%20adsquiz.io&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3853
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MW36YXMEJ6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer24.linkbuilder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MW36YXMEJ6&cid=1447491628.1705682929&gtm=45je41h0v9109053491z8860512366&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MW36YXMEJ6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://offer24.linkbuilder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11294455328/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11294455328/?random=1705682928670&cv=11&fst=1705682928670&bg=ffffff&guid=ON&async=1&gtm=45je41h0v9109053491z8860512366&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%9B%D1%96%D0%BD%D0%BA%D0%B1%D1%96%D0%BB%D0%B4%D0%B8%D0%BD%D0%B3%2C%20%D0%BA%D1%80%D0%B0%D1%83%D0%B4%20%D1%96%20%D1%81%D0%B0%D0%B1%D0%BC%D1%96%D1%82%D0%B8%20%D0%B2%D1%96%D0%B4%20Linkbuilder.com%20%7C%20Made%20by%20-%20adsquiz.io&auid=1107477433.1705682928&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MW36YXMEJ6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
168b1c7054d43e2baa933033cef0618f1d2e68e2c321e5c01b46e235382baea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11294455328/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11294455328/?random=1705682928670&cv=11&fst=1705680000000&bg=ffffff&guid=ON&async=1&gtm=45je41h0v9109053491z8860512366&u_w=1600&u_h=1200&url=https%3A%2F%2Foffer24.linkbuilder.com%2F&frm=0&tiba=%D0%9B%D1%96%D0%BD%D0%BA%D0%B1%D1%96%D0%BB%D0%B4%D0%B8%D0%BD%D0%B3%2C%20%D0%BA%D1%80%D0%B0%D1%83%D0%B4%20%D1%96%20%D1%81%D0%B0%D0%B1%D0%BC%D1%96%D1%82%D0%B8%20%D0%B2%D1%96%D0%B4%20Linkbuilder.com%20%7C%20Made%20by%20-%20adsquiz.io&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_Ie6Mp1hSEAWjKy5Nay0n69h8pRMzG9jxRZzgXrUM2zC-nfpG&random=999886219&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1333784437511517
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1333784437511517?v=2.9.141&r=stable&domain=offer24.linkbuilder.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b5d0b525c92d54e679b45a138011545e9267b294c04478ec278d4553ecd3e43c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 19 Jan 2024 16:48:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
ZRhTEkTwjiSDM67eITyfbcRsGMttduCrpldUMNExvRVfiq6dr++xsG241pc2OaBgDEUx4VQrIq7L1guDowat7g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1333784437511517&ev=PageView&dl=https%3A%2F%2Foffer24.linkbuilder.com%2F&rl=&if=false&ts=1705682929245&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705682929047.1116018556&ler=empty&it=1705682928805&coo=false&cdl=&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 19 Jan 2024 16:48:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
addVisit
cloud.roistat.com/api/site/1.0/ca225f132f34ff64ba4fd011d7339c13/ 		2 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cloud.roistat.com/api/site/1.0/ca225f132f34ff64ba4fd011d7339c13/addVisit?v=323&marker=&visit=100375&first_visit=100375&guid=undefined&phone_prefix=&phone_prefix_bind=&phone_scripts_bind=&referrer=&page=https%3A%2F%2Foffer24.linkbuilder.com%2F&ab=&ab_variants=&hash=OS%60%40c%40ECr%18N%40Hl%13BN~%1ARf%40o_g~o%5DdP%7B%19dP%7BPgS%1ERdPk%1Bd%40MSe~c%1EeShLp%18lL~%7CIPdFFs~%7F%7Cad%40%1Bb%7FPo_gy%1ERdPk%1Bd%40MSe~c%1Ef%40o_gi%1ERdPk%1Bd%40MSe~c%1Ef%40s%5Df%40k_gnYMr%18NBz%7FNhgy%1ERf%40o%1AdnI%1Ae~o%18g%40M_g~I%5Dd~s%1Eg%40ASe~YMr%18pCIn%1BGsC%1ERf%40o%19gn%7F%18enc%1Fg%40A%5DdnI_g~oRd%40kRen%7F%1Bd%40YMIG%13ZI%19xBNl%13%18KrdZNn%1ARgnkPdP%7F%1Dcb%60%5CKrd%1AsrxLpGFSI%19xLNGFPKr%7B%13g~k%5DgPI%1BeShSH%18FPNml%1Ar%19pZI%18F%1Ar%18d%5CH%18%5EZp%7C%13FObhZIG%7F%13g~c%5De~s%5DgnYMIG%13ZI%19xBNl%13ZI%1B%13_p%7D%7CAr%18RZI%19xFHF%13Sprl%1Bprd%1AIP%1A%5DeShSH%18FPNml%1Ar%18FPr%19dBNG%7CLpml%1As%7C%13ZHF%13%40H%18%13XK%7D%7F%13gy%60%13
Requested by
Host: cloud.roistat.com
URL: https://cloud.roistat.com/api/site/1.0/ca225f132f34ff64ba4fd011d7339c13/init?referrer=https%3A%2F%2Foffer24.linkbuilder.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
77.223.118.104 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
1d1e0ee009c9986ecf810a2368e77b8593f79a4b6a23f70d1c5ef2b5fa078e09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://offer24.linkbuilder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Jan 2024 16:48:52 GMT
content-encoding
gzip
xdomainrequestallowed
1
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
counter.js
cllctr.roistat.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cllctr.roistat.com
URL
https://cllctr.roistat.com/counter.js

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __VUE_INSTANCE_SETTERS__ boolean| __INTLIFY_PROD_DEVTOOLS__ boolean| __INTLIFY_JIT_COMPILATION__ boolean| __INTLIFY_DROP_MESSAGE_COMPILER__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ boolean| __VUE__ object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| fbq function| _fbq string| roistatProjectId string| roistatHost object| gaGlobal function| roistatGetCookie function| roistatSetCookie boolean| roistatIsInitVisit string| roistatVisitId string| roistatMetrikaCounterId boolean| roistatAlreadyStarted object| roistat string| roistatVersion function| roistatPromoCodeRefresh function| roistatModuleSetVisitCookie function| roistatUpdateSettings function| setRoistatOnlineChatCustomParams function| roistatSaveLeadHunterTemplates function| roistatSaveMultiwidgetTemplate function| roistatSaveOnlineChatTemplate function| roistatCallTrackingRefresh function| roistatRequestNewPhone function| roistatReusePhone function| roistatCalltrackingUpdateSettings function| roistatEmailtrackingUpdateSettings object| roistatGoal function| applyTests function| roistatSaveProxyFormSettings

13 Cookies

Domain/Path Name / Value
.linkbuilder.com/ Name: _gcl_au
Value: 1.1.1107477433.1705682928
.linkbuilder.com/ Name: _ga_MW36YXMEJ6
Value: GS1.1.1705682928.1.0.1705682928.60.0.0
.linkbuilder.com/ Name: _ga
Value: GA1.1.1447491628.1705682929
.doubleclick.net/ Name: IDE
Value: AHWqTUlcMsPKmNAXQ9iwiVwD-7uBDWqkxAKg68B1hD2YFZcqsqu3aQswzrpZZRVy
.linkbuilder.com/ Name: _fbp
Value: fb.1.1705682929047.1116018556
offer24.linkbuilder.com/ Name: roistat_visit
Value: 100375
offer24.linkbuilder.com/ Name: roistat_first_visit
Value: 100375
offer24.linkbuilder.com/ Name: roistat_visit_cookie_expire
Value: 1209600
offer24.linkbuilder.com/ Name: roistat_is_need_listen_requests
Value: 0
offer24.linkbuilder.com/ Name: roistat_is_save_data_in_cookie
Value: 1
offer24.linkbuilder.com/ Name: roistat_ab
Value:
offer24.linkbuilder.com/ Name: roistat_ab_submit
Value:
offer24.linkbuilder.com/ Name: roistat_cookies_to_resave
Value: roistat_ab%2Croistat_ab_submit

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/1333784437511517?v=2.9.141&r=stable&domain=offer24.linkbuilder.com(Line 127)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.adsquiz.io
cllctr.roistat.com
cloud.roistat.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
offer24.linkbuilder.com
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
cllctr.roistat.com
142.250.80.2
185.25.117.21
2001:4860:4802:38::181
2607:f8b0:4004:c06::9c
2607:f8b0:4006:816::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
77.223.118.104
0ac6eadf995e6c72603b983b774d9076feca667ae500f6e8aa89aacfb1e5d764
0b774220672d50365d38493afc574018e788b313116c35af6d02f5bce368d6a2
168b1c7054d43e2baa933033cef0618f1d2e68e2c321e5c01b46e235382baea3
1b5f913dbbe29f2877d10d775578efbef20b930a93e58c9daf2efd77e745f7b2
1d1e0ee009c9986ecf810a2368e77b8593f79a4b6a23f70d1c5ef2b5fa078e09
23f6d19597b788bf6e50feafb0ce3e6c6ce0ba18d3722282b2759f1ad15f7803
4da62720095d87f699632bdb808a637af8d31a605022f91ccd8a8f933a1d1641
53197eeb88a68176e215f19a4043db0653aa51f5397ffa24215cf27925c9e36e
5d039baee68cdba14342599971da19f5cdedc6b81f63ce57125f8a8ae7be7366
6132a3b5513f24b9dc8d3efe74b48bf0fb370287cf6583bf0f8b4e034c9786aa
6c9a1cb83fad4a05f8c7175d3ea76da444b4160daf29db57a352bd26b6cfdbcc
6dfe1e9d38936dbeb4dd0e03f397946416ca9b24c530e08665f1d412317efd0c
74442f1fc227ffff0e7dbd1f4d1ef3fe53c80fee68f63fc0aeebdc0fdeef3e4b
755aea594264691068cf9ac31437b7411731bd0cc5624382dce699e74e98177d
7aa4d5de5abdae4603540b48171e45742399584aa06f8ddefe4bdc547de20e35
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
85cc62cf3b13c6166fea632307afcf5688c0a7239cb79db6582736fb5413ffe4
a4945382213e34fd05d2ae1df693e261264d1b7885339a56bc34e79e6348d962
a7a83e26514acf9f0e44c9de3077cbaa627b26b27722e56585966c909fbedf14
aba3640356d6ba512c5702a660ae4b0e5e1c5ba8766bd901bb54196e216db642
b59a1cd6e73a9e4d3f367590b18946bf5c34a3be55ab4eba4d37f01010b946fb
b5d0b525c92d54e679b45a138011545e9267b294c04478ec278d4553ecd3e43c
d004e95ea0945a82ba529771203177171f8ef06b0134cc868e0793bfcc52b76b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629