amazingoffersforyou.com Open in urlscan Pro
45.60.6.61 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaX...
Submission: On September 21 via manual (September 21st 2023, 1:45:22 pm UTC) from US — Scanned from US

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 12 domains to perform 62 HTTP transactions. The main IP is 45.60.6.61, located in United States and belongs to INCAPSULA, US. The main domain is amazingoffersforyou.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 15th 2022. Valid for: a year.

This is the only time amazingoffersforyou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	45.60.6.61 45.60.6.61	19551 (INCAPSULA) (INCAPSULA)
4	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
21	45.60.0.61 45.60.0.61	19551 (INCAPSULA) (INCAPSULA)
2	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:48:1... 2620:1ec:48:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c08::9d	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::200e	15169 (GOOGLE) (GOOGLE)
2	52.184.204.244 52.184.204.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:e980::3d 2a02:e980::3d	19551 (INCAPSULA) (INCAPSULA)
5	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
7	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
62	15

4 45.60.6.61 (United States)

ASN19551 (INCAPSULA, US)

amazingoffersforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 45.60.0.61 (United States)

ASN19551 (INCAPSULA, US)

cl.requesthandlers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.requesthandlers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:48:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80a::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.184.204.244 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:e980::3d (United States)

ASN19551 (INCAPSULA, US)

consumertransferservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.requesthandlers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	requesthandlers.com cl.requesthandlers.com a.requesthandlers.com cdn.requesthandlers.com	329 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	439 KB
6	google.com www.google.com — Cisco Umbrella Rank: 11 analytics.google.com — Cisco Umbrella Rank: 270	49 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1290 n.clarity.ms — Cisco Umbrella Rank: 27888 c.clarity.ms — Cisco Umbrella Rank: 2092	22 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	3 KB
4	amazingoffersforyou.com amazingoffersforyou.com	22 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 175	408 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	23 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	133 KB
1	consumertransferservice.com consumertransferservice.com — Cisco Umbrella Rank: 788814	829 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 481	764 B
62	12

	Domain	Requested by
11	cl.requesthandlers.com	amazingoffersforyou.com cl.requesthandlers.com
10	a.requesthandlers.com	cl.requesthandlers.com
5	cdn.requesthandlers.com
5	www.google.com	amazingoffersforyou.com cl.requesthandlers.com www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	fonts.googleapis.com	amazingoffersforyou.com cl.requesthandlers.com
4	amazingoffersforyou.com	amazingoffersforyou.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com amazingoffersforyou.com
2	c.clarity.ms	1 redirects
2	n.clarity.ms	www.clarity.ms
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	cdnjs.cloudflare.com	cl.requesthandlers.com
2	www.clarity.ms	amazingoffersforyou.com www.clarity.ms
2	www.googletagmanager.com	amazingoffersforyou.com www.google-analytics.com
1	consumertransferservice.com	cl.requesthandlers.com
1	c.bing.com	1 redirects
1	analytics.google.com	www.googletagmanager.com
62	18

This site contains no links.

Subject Issuer	Validity	Valid
*.amazingoffersforyou.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-15` - `2023-11-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.requesthandlers.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-10` - `2024-08-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.consumertransferservice.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-06` - `2023-10-17`	a year	crt.sh
snic829gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-24` - `2024-03-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
Frame ID: A31C1FA5949877DA8A9B8296E87CA61A
Requests: 20 HTTP requests in this frame

Frame: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
Frame ID: D06199BB823BB9D560A26149235A0442
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=bqhjj3oe6peh
Frame ID: 0C4A981FF468958678396DC747C97A8D
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

You Can Still Get Your Cash!

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

62
Requests

98 %
HTTPS

75 %
IPv6

12
Domains

18
Subdomains

15
IPs

1
Countries

1043 kB
Transfer

2500 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=59152CAD4A8E4CD99B6BE4AC12383CAF&RedC=c.clarity.ms&MXFR=0D199BCE06B36FD32A76885D02B3610B HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=59152CAD4A8E4CD99B6BE4AC12383CAF&MUID=0761831107DC6F6B3C30908206BE6E24

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
amazingoffersforyou.com/ 2 KB
1 KB 354ms
133ms Document
text/html 45.60.6.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.6.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 59fe8727441dfe63fa8a55465ff53704ea332f565b1a31b5a5f842f43e0a1674

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store,no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 21 Sep 2023 13:45:15 GMT
pragma: no-cache
server: Kestrel
x-cdn: Imperva
x-iinfo: 6-58406042-58406057 NNYY CT(32 71 0) RT(1695303915335 96) q(0 0 0 0) r(0 0) U24

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 113ms
44ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Requested by

Host: amazingoffersforyou.com
URL: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f54b99785acc4da20eed75eb0bf1505a4c155f1234a5fd315b0be963536220f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 13:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 11:54:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 13:45:16 GMT

GET
H2 200 main.css
amazingoffersforyou.com/css/ 427 B
383 B 129ms
128ms Stylesheet
text/css 45.60.6.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://amazingoffersforyou.com/css/main.css?v=C6SEfIE0omLR0hYPLMlN2wgZki4JV6b92F_6avU7wgg
Requested by: Host: amazingoffersforyou.com
URL: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.6.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 0ba4847c8134a262d1d2160f2cc94ddb0819922e0957a6fdd85ffa6af53bc208

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:45:15 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 20:21:38 GMT
server: Kestrel
x-cdn: Imperva
etag: "1d7c06fecf374ab"
content-type: text/css
x-iinfo: 6-58406042-58406057 PNYy RT(1695303915335 240) q(0 0 0 -1) r(1 1) U24
accept-ranges: bytes

GET
H/1.1 200
OK loader.js Show response
cl.requesthandlers.com/ 25 KB
10 KB 203ms
105ms Script
application/javascript 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/loader.js
Requested by: Host: amazingoffersforyou.com
URL: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 8e58aa04cbafbedb94b5fc2336564cd3d64c96f63e46b1d9ed2d526ee3142bea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 13:45:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:01:50 GMT
Server: Kestrel
X-CDN: Imperva
Etag: "1d97a46f15f0622"
Transfer-Encoding: chunked
Content-Type: application/javascript
X-Iinfo: 8-17476694-17467442 pNYy RT(1695303915958 52) q(0 0 0 0) r(0 0) U24
x-incap-sess-cookie-hdr: jmYxRdVhIXaQSRkpc9XMBuxIDGUAAAAAHgnYJDl2mhQpccrFPEDkGQ==
Accept-Ranges: bytes

GET
H2 200 _Incapsula_Resource Show response
amazingoffersforyou.com/ 139 KB
20 KB 100ms
99ms Script
application/javascript 45.60.6.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://amazingoffersforyou.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1689166920
Requested by: Host: amazingoffersforyou.com
URL: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.6.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 5138ee8bac76394c066d824b022e3af2815b3f3c2c4b967725836b278df547e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20182
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 137 KB
53 KB 119ms
56ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMQ9DDX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d30fb11dba004a4c4ecbf958152586f4856e88b9e8be5e9133609a6624851237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:45:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53530
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Sep 2023 13:45:16 GMT

GET
H/1.1 200
OK / Show response
cl.requesthandlers.com/ Frame D061 7 KB
3 KB 119ms
118ms Document
text/html 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 7c60998f0f3864d7d2ba1a748b3acdbf69b5849bdb3bf8d4bc928c3910ada5af

Request headers

Referer: https://amazingoffersforyou.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store,no-cache
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Cross-Origin-Embedder-Policy: unsafe-none
Date: Thu, 21 Sep 2023 13:45:16 GMT
Pragma: no-cache
Server: Kestrel
Transfer-Encoding: chunked
X-CDN: Imperva
X-Iinfo: 8-17476694-17467442 sNYy RT(1695303915958 269) q(0 0 0 -1) r(1 1) U24
x-incap-sess-cookie-hdr: YGFaQOf+EQiQSRkpc9XMBuxIDGUAAAAAzKYoLm3dxxBloTuZPx3gLA==

GET
H2 200 _Incapsula_Resource
amazingoffersforyou.com/ 1 B
35 B 95ms
94ms Image
text/plain 45.60.6.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazingoffersforyou.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9711963514310791
Requested by: Host: amazingoffersforyou.com
URL: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.6.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 97ms
27ms Script
text/javascript 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMQ9DDX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Sep 2023 12:40:55 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3861
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Sep 2023 14:40:55 GMT

GET
H2 200 3x6u6k9qss Show response
www.clarity.ms/tag/ 1018 B
1 KB 213ms
39ms Script
application/x-javascript 2620:1ec:48:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/3x6u6k9qss
Requested by: Host: amazingoffersforyou.com
URL: https://amazingoffersforyou.com/?data=Y2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 93087cc3ef657668539a5585ded8d33c1c71f205a054fec834a9de72d649acdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date: Thu, 21 Sep 2023 13:45:16 GMT
x-azure-ref: 07UgMZQAAAAAntfZk0dO3RayfBVPUJHR/TU5aMjIxMDYwNjE0MDM5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 1018
expires: -1

GET
H/1.1 200
OK rcannot-some-you-not-Some-Minde-and-to-more-Banq Show response
cl.requesthandlers.com/ Frame D061 230 KB
76 KB 70ms
69ms Script
text/javascript 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/rcannot-some-you-not-Some-Minde-and-to-more-Banq
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: bon /
Resource Hash: f0b84465147cf1f1549caabdc703b355f7aa8d9a1b874ea0bf6fabde80001998

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:45:16 GMT
content-encoding: gzip
server: bon
X-CDN: Imperva
content-type: text/javascript
access-control-allow-origin: *
X-Iinfo: 8-17476694-17476795 NNNN CT(7 8 0) RT(1695303915958 399) q(0 0 0 -1) r(0 1)
Cache-Control: max-age=0
server-timing: bon, total;dur=13.409048
keep-alive: timeout=60
content-length: 76884

GET
H2 200 css2
fonts.googleapis.com/ Frame D061 7 KB
722 B 44ms
41ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f54b99785acc4da20eed75eb0bf1505a4c155f1234a5fd315b0be963536220f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 13:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 12:43:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 13:45:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame D061 1 KB
522 B 46ms
43ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3327b27f7de663b7bcfdbb68afcf5f51f0dd78a41a88652232b1f56198a89656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 13:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 12:33:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 13:45:16 GMT

GET
H/1.1 200
OK main.css
cl.requesthandlers.com/ Frame D061 20 KB
5 KB 146ms
95ms Stylesheet
text/css 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/main.css?v=W-QnswjhsKRiIXYB1VnYX7KdO1vgKu-96CYXyjvzdsI
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 5be427b308e1b0a462217601d559d85fb29d3b5be02aefbde82617ca3bf376c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 13:45:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:01:50 GMT
Server: Kestrel
X-CDN: Imperva
Etag: "1d97a46f15f32c7"
Transfer-Encoding: chunked
Content-Type: text/css
X-Iinfo: 0-6470943-6447547 pNYy RT(1695303916381 28) q(0 0 0 -1) r(0 0) U24
Accept-Ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ Frame D061 3 KB
749 B 45ms
43ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Sep 2023 13:45:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Sep 2023 12:42:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Sep 2023 13:45:16 GMT

GET
H2 200 fetch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fetch/2.0.4/ Frame D061 7 KB
3 KB 102ms
36ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fetch/2.0.4/fetch.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78e52891bfd18c3c3b912faf0f06dab4dacb37c048bef12194b339ca881c0c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:45:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4381310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2219
last-modified: Thu, 22 Jun 2023 11:01:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "649429f9-8ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lrp6xWWbbMK%2B9ZV7b1p2myPhxX6KdKKosHsnhvFO3DaeX4pe9OczALNOFocaJm1W15te4smEQn4Orh0jnZB1rWJnW%2BIaQJBlO2r%2BUx4utJSivcpc%2FAA42uAjonJ4jT3VsP5VidngcBeK0gZp8uJNANmi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80a2bf68f9d14bc6-BUF
expires: Tue, 10 Sep 2024 13:45:16 GMT

GET
H2 200 bluebird.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bluebird/3.7.2/ Frame D061 80 KB
21 KB 103ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.7.2/bluebird.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd5da4364c94b11a9e56f0d0388439082ef6d3b29c15255ac17bad40abe0c248

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:45:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4381286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20680
last-modified: Thu, 22 Jun 2023 10:51:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "649427b6-50c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GNuDCCNknKXKeSryYKk2FZ2ATdJLEsuNt8HwG9Ms%2BmDFX6zaBzSWXKymQnwhkTyInXrwxfAC%2F9ZwEs937JPdyealeFHZ%2BSl%2FvtkjCqrVSpmXOP4%2BrW7W%2FtwZ42BYeOh9vueAIwk05r1S9aOUdzo8Ls0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80a2bf68f9d24bc6-BUF
expires: Tue, 10 Sep 2024 13:45:16 GMT

GET
H/1.1 200
OK main.js Show response
cl.requesthandlers.com/ Frame D061 56 KB
19 KB 188ms
136ms Script
application/javascript 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/main.js?v=YbVZ-H89wisOwP12tPpZLuK0pbKZ-wRmuUbdwaWdEY0
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 61b559f87f3dc22b0ec0fd76b4fa592ee2b4a5b299fb0466b946ddc1a59d118d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 13:45:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:01:50 GMT
Server: Kestrel
X-CDN: Imperva
Etag: "1d97a46f15f8325"
Transfer-Encoding: chunked
Content-Type: application/javascript
X-Iinfo: 2-13508940-13444402 pNYN RT(1695303916384 27) q(0 0 0 -1) r(1 1) U24
Accept-Ranges: bytes

GET
H/1.1 200
OK _Incapsula_Resource Show response
cl.requesthandlers.com/ Frame D061 147 KB
21 KB 88ms
33ms Script
application/javascript 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1649496279
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 157d48876bf4ea02be2eac512290d249867aee96dbfe3409d8ee9f0765493b69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 21217
Content-Type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
227 B 44ms
42ms XHR
text/plain 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1905375018&t=pageview&_s=1&dl=https%3A%2F%2Famazingoffersforyou.com%2F%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&ul=en-us&de=UTF-8&dt=You%20Can%20Still%20Get%20Your%20Cash!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1595559635&gjid=1068688674&cid=692221663.1695303917&tid=UA-121799710-1&_gid=1302179845.1695303917&_r=1&_slc=1&gtm=45He39i0n81TMQ9DDX&z=1209070500

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

adc81b8310b55e5d431f5b40035fb860afe4ff5fbed53a22350952b97e4d12e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://amazingoffersforyou.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 13:45:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazingoffersforyou.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
352 B 114ms
38ms XHR
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-121799710-1&cid=692221663.1695303917&jid=1595559635&gjid=1068688674&_gid=1302179845.1695303917&_u=YEBAAEAAAAAAACAAI~&z=1647611140

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://amazingoffersforyou.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Sep 2023 13:45:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazingoffersforyou.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 63ms
62ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EF9BEB72TC&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76b0ddd40e84ab7c3abef327a5a0045a39a897e6aba9c781b32cc411ece73223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:45:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Sep 2023 13:45:17 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
20 KB 33ms
33ms Script
application/javascript 2620:1ec:48:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3x6u6k9qss
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:48:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:45:16 GMT
content-encoding: br
last-modified: Mon, 18 Sep 2023 19:28:23 GMT
x-azure-ref-originshield: 0OiwLZQAAAAC+PZfBB/4eS6upRT/TONpaTU5aMjIxMDYwNjEyMDMxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBB87D6C4CE56B"
x-azure-ref: 07UgMZQAAAAAabZnXrY+6S4seupFbT9j6TU5aMjIxMDYwNjE0MDM5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: aca15853-001e-0056-0d57-ebdf34000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H/1.1 200
OK 958ded59cf50a3b882a2.gif
cl.requesthandlers.com/ Frame D061 5 KB
6 KB 94ms
94ms Image
image/gif 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cl.requesthandlers.com/958ded59cf50a3b882a2.gif
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.css?v=W-QnswjhsKRiIXYB1VnYX7KdO1vgKu-96CYXyjvzdsI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: b0e55d808246271a2eee843a1def491b589e3674c269fc625ae79dded13b3cab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/main.css?v=W-QnswjhsKRiIXYB1VnYX7KdO1vgKu-96CYXyjvzdsI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 13:45:16 GMT
Last-Modified: Sat, 29 Apr 2023 03:01:50 GMT
Server: Kestrel
X-CDN: Imperva
Etag: "1d97a46f15f703c"
Content-Type: image/gif
X-Iinfo: 0-6470943-6447547 sNNy RT(1695303916381 186) q(0 0 0 -1) r(1 1) U24
Accept-Ranges: bytes
Content-Length: 4924

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2607:f8b0:4006:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1905375018&t=event&ni=1&_s=2&dl=https%3A%2F%2Famazingoffersforyou.com%2F%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&ul=en-us&de=UTF-8&dt=You%20Can%20Still%20Get%20Your%20Cash!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=69tm0j&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=692221663.1695303917&tid=UA-121799710-1&_gid=1302179845.1695303917&gtm=45He39i0n81TMQ9DDX&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F3x6u6k9qss%2F1cunjo4%2F69tm0j&z=1427026694

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 21:04:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 60049
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content trace
a.requesthandlers.com/api/ Frame 0
0 169ms
105ms Preflight 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/trace
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-correlation-id
Access-Control-Request-Method: POST
Origin: https://cl.requesthandlers.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-correlation-id
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://cl.requesthandlers.com
Date: Thu, 21 Sep 2023 13:45:16 GMT
Server: Kestrel
Vary: Origin
X-CDN: Imperva
X-Correlation-Id: f8ba9aa2-cacc-4647-af89-fbd6026cc446
X-Iinfo: 0-6470972-6447547 pNNy RT(1695303916659 29) q(0 1 1 0) r(1 1) U24
x-incap-sess-cookie-hdr: 8DlMWM9lxxDTShkpc9XMBuxIDGUAAAAAruPKBIjefJRMjuge7FFHUw==

OPTIONS
H/1.1 204
No Content ab
a.requesthandlers.com/api/ Frame 0
0 175ms
112ms Preflight 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/ab?templateId=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-correlation-id
Access-Control-Request-Method: GET
Origin: https://cl.requesthandlers.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-correlation-id
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://cl.requesthandlers.com
Date: Thu, 21 Sep 2023 13:45:16 GMT
Server: Kestrel
Vary: Origin
X-CDN: Imperva
X-Correlation-Id: 61e0000e-1311-48f3-89ab-7189554b484e
X-Iinfo: 6-9831328-9824046 pNNy RT(1695303916660 28) q(0 1 1 0) r(1 1) U24
x-incap-sess-cookie-hdr: caFodKFtSjDTShkpc9XMBuxIDGUAAAAAuqT6xuqb29FJnGR7DYx/lw==

POST
H/1.1 200
OK trace
a.requesthandlers.com/api/ Frame D061 0
0 168ms
168ms Fetch 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/trace
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.js?v=YbVZ-H89wisOwP12tPpZLuK0pbKZ-wRmuUbdwaWdEY0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

x-correlation-id: 36010c7d-6359-4e49-9974-457f28999e80
Referer: https://cl.requesthandlers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 21 Sep 2023 13:45:16 GMT
X-Correlation-Id: 36010c7d-6359-4e49-9974-457f28999e80
Server: Kestrel
X-CDN: Imperva
Vary: Origin
Access-Control-Allow-Origin: https://cl.requesthandlers.com
X-Iinfo: 0-6470972-6447547 sNNy RT(1695303916659 135) q(0 1 1 62) r(2 2) U24
Access-Control-Allow-Credentials: true
x-incap-sess-cookie-hdr: ZSUsWj6HKDjTShkpc9XMBuxIDGUAAAAASvde1s/UZSKQQD2Usn+Gvg==
Content-Length: 0

GET
H/1.1 200
OK ab Show response
a.requesthandlers.com/api/ Frame D061 83 B
1 KB 175ms
125ms Fetch
application/json 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/ab?templateId=
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.js?v=YbVZ-H89wisOwP12tPpZLuK0pbKZ-wRmuUbdwaWdEY0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: cd511273991c7b7d57490be46d3a5bb38c645261c1bd05d1e9419fa5ed6638b6

Request headers

x-correlation-id: 36010c7d-6359-4e49-9974-457f28999e80
Referer: https://cl.requesthandlers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 21 Sep 2023 13:45:16 GMT
X-Correlation-Id: 36010c7d-6359-4e49-9974-457f28999e80
Content-Encoding: gzip
Server: Kestrel
X-CDN: Imperva
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cl.requesthandlers.com
X-Iinfo: 4-20519321-20461046 pNYy RT(1695303916824 28) q(0 0 0 4) r(1 1) U24
Access-Control-Allow-Credentials: true
x-incap-sess-cookie-hdr: xoz5OfjhRGDTShkpc9XMBuxIDGUAAAAA8gjtEk/rttHhQ6jyP80nag==

GET
H/1.1 200
OK 6ff58ccd7760347a0653.png
cl.requesthandlers.com/ Frame D061 8 KB
9 KB 94ms
94ms Image
image/png 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cl.requesthandlers.com/6ff58ccd7760347a0653.png
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.css?v=W-QnswjhsKRiIXYB1VnYX7KdO1vgKu-96CYXyjvzdsI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: ea8488295d448feb86e380c6dbafcb0eed8af12ef0e81888d657ebcddd161705

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/main.css?v=W-QnswjhsKRiIXYB1VnYX7KdO1vgKu-96CYXyjvzdsI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 13:45:16 GMT
Last-Modified: Sat, 29 Apr 2023 03:01:50 GMT
Server: Kestrel
X-CDN: Imperva
Etag: "1d97a46f15f4244"
Content-Type: image/png
X-Iinfo: 2-13508940-13444402 sNNN RT(1695303916384 244) q(0 0 0 -1) r(0 0) U24
Accept-Ranges: bytes
Content-Length: 8516

GET
H/1.1 200
OK _Incapsula_Resource
cl.requesthandlers.com/ Frame D061 1 B
436 B 24ms
24ms Image
text/plain 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cl.requesthandlers.com/_Incapsula_Resource?SWKMTFSR=1&e=0.11144508896651728
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 101ms
43ms Image
image/gif 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-121799710-1&cid=692221663.1695303917&jid=1595559635&_u=YEBAAEAAAAAAACAAI~&z=2083591490

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 13:45:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
259 B 101ms
39ms Ping
text/plain 2607:f8b0:4006:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-EF9BEB72TC&gtm=45je39i0&_p=1905375018&_gaz=1&ul=en-us&sr=1600x1200&cid=692221663.1695303917&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Famazingoffersforyou.com%2F%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&dt=You%20Can%20Still%20Get%20Your%20Cash!&sid=1695303917&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EF9BEB72TC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 13:45:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazingoffersforyou.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 39ms
38ms Ping
text/plain 2607:f8b0:4004:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EF9BEB72TC&cid=692221663.1695303917&gtm=45je39i0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EF9BEB72TC&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 13:45:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://amazingoffersforyou.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
303 B 128ms
37ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://amazingoffersforyou.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://amazingoffersforyou.com
Date: Thu, 21 Sep 2023 13:45:17 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=59152CAD4A8E4CD99B6BE4AC12383CAF&RedC=c.clarity.ms&MXFR=0D199BCE06B36FD32A76885D02B3610B
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=59152CAD4A8E4CD99B6BE4AC12383CAF&MUID=0761831107DC6F6B3C30908206BE6E24

42 B
442 B

36ms
35ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=59152CAD4A8E4CD99B6BE4AC12383CAF&MUID=0761831107DC6F6B3C30908206BE6E24
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://amazingoffersforyou.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Sep 2023 13:45:17 GMT
last-modified: Wed, 30 Aug 2023 15:12:15 GMT
server: Microsoft-IIS/10.0
etag: "3370fe5b54dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 21 Sep 2023 13:45:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB366E937A15431BA11BE2CFD564554B Ref B: EWR311000106023 Ref C: 2023-09-21T13:45:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=59152CAD4A8E4CD99B6BE4AC12383CAF&MUID=0761831107DC6F6B3C30908206BE6E24
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 clickbrain.ashx Show response
consumertransferservice.com/misc/ Frame D061 36 B
829 B 156ms
94ms Script
text/javascript 2a02:e980::3d
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://consumertransferservice.com/misc/clickbrain.ashx?callback=__jp0

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.js?v=YbVZ-H89wisOwP12tPpZLuK0pbKZ-wRmuUbdwaWdEY0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980::3d , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e7d658d195f811eadf472163b3b9f540160879e76385342891eaabd314f81859

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content
date: Thu, 21 Sep 2023 13:45:17 GMT
referrer-policy: no-referrer
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: Deny
content-type: text/javascript
x-iinfo: 2-7866765-7853787 pNYy RT(1695303917177 27) q(0 0 0 2) r(0 0) U24
x-incap-sess-cookie-hdr: QamJI8Y7SCPrEMqb3kdYFO1IDGUAAAAARhgPMwHOTnrHqnjHQZscJw==
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK rcannot-some-you-not-Some-Minde-and-to-more-Banq Show response
cl.requesthandlers.com/ Frame D061 740 B
1 KB 100ms
76ms Fetch
application/json 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/rcannot-some-you-not-Some-Minde-and-to-more-Banq?d=cl.requesthandlers.com
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/rcannot-some-you-not-Some-Minde-and-to-more-Banq
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: bon /
Resource Hash: 485481f82a5f54540ca63125731a309408ae19c8ccd7e9f94f091f44d9744fa5

Request headers

Accept: application/json; charset=utf-8
Referer: https://cl.requesthandlers.com/?elementId=click-listing&fullScreen=true&referrerURL=&query=%3Fdata%3DY2hhbm5lbD11bmRlcnBvcCZjYW1wYWlnbklkPTRmOWUxN2VlLTM0MzQtNDcwZS1iMTcxLWRiNWVlMGE4OTdkNiZoaXRJZD1kNmM0ZDkxNi05MDEyLTRiNDgtYTcwNy03MTExOGFmMzFkZTU%253D&visibilityState=visible&correlationId=36010c7d-6359-4e49-9974-457f28999e80&campaignId=4f9e17ee-3434-470e-b171-db5ee0a897d6&hitId=d6c4d916-9012-4b48-a707-71118af31de5&channel=underpop&loaderVer=v1.70.2&debug=false
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Thu, 21 Sep 2023 13:45:16 GMT
Content-Encoding: gzip
server: bon
X-CDN: Imperva
Transfer-Encoding: chunked
content-type: application/json
access-control-allow-origin: *
X-Iinfo: 2-13508940-13509079 NNYN CT(8 8 0) RT(1695303916384 722) q(0 0 0 -1) r(0 0) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=33.492174
keep-alive: timeout=60

OPTIONS
H/1.1 204
No Content rdr
a.requesthandlers.com/api/ Frame 0
0 102ms
102ms Preflight 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/rdr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-correlation-id
Access-Control-Request-Method: POST
Origin: https://cl.requesthandlers.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-correlation-id
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://cl.requesthandlers.com
Date: Thu, 21 Sep 2023 13:45:16 GMT
Server: Kestrel
Vary: Origin
X-CDN: Imperva
X-Correlation-Id: c3a43cee-5ca2-4fa4-a276-230de623ef4e
X-Iinfo: 0-6470972-6447547 sNNy RT(1695303916659 490) q(0 0 0 -1) r(1 1) U24
x-incap-sess-cookie-hdr: HfP1AeN20SbTShkpc9XMBu1IDGUAAAAAIOj8gOwGKnTsyGxjOZ0hjw==

POST
H/1.1 200
OK rdr Show response
a.requesthandlers.com/api/ Frame D061 419 B
1 KB 175ms
175ms Fetch
application/json 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/rdr
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.js?v=YbVZ-H89wisOwP12tPpZLuK0pbKZ-wRmuUbdwaWdEY0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 5ad9d542a74d1012718b488977d0097dcb3f9859bca58ec657104036486498a0

Request headers

x-correlation-id: 36010c7d-6359-4e49-9974-457f28999e80
Referer: https://cl.requesthandlers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 21 Sep 2023 13:45:17 GMT
X-Correlation-Id: 36010c7d-6359-4e49-9974-457f28999e80
Content-Encoding: gzip
Server: Kestrel
X-CDN: Imperva
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cl.requesthandlers.com
X-Iinfo: 4-20519321-20461046 sNYy RT(1695303916824 429) q(0 0 0 -1) r(2 2) U24
Access-Control-Allow-Credentials: true
x-incap-sess-cookie-hdr: Vd79LfIqF3XTShkpc9XMBu1IDGUAAAAAXQStF+fLQUEMM3MSB924Yw==

GET
H/1.1 200
OK clc Show response
a.requesthandlers.com/api/ Frame D061 9 KB
2 KB 120ms
119ms Fetch
application/json 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/clc?sessionId=599a83e0-36b9-4170-1d6d-08dbb85ad221
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.js?v=YbVZ-H89wisOwP12tPpZLuK0pbKZ-wRmuUbdwaWdEY0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: b8f41f30c86c1730481d8d26a289ef81fe91a9a305818009a554edba0191b09e

Request headers

x-correlation-id: 36010c7d-6359-4e49-9974-457f28999e80
Referer: https://cl.requesthandlers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 13:45:17 GMT
X-Correlation-Id: 36010c7d-6359-4e49-9974-457f28999e80
Content-Encoding: gzip
Server: Kestrel
X-CDN: Imperva
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cl.requesthandlers.com
X-Iinfo: 0-6470972-6447547 sNYy RT(1695303916659 876) q(0 0 0 -1) r(1 1) U24
Access-Control-Allow-Credentials: true
x-incap-sess-cookie-hdr: sKAzIky2YFzTShkpc9XMBu1IDGUAAAAA2Kyj1A8Y56Lc7eSwk8tQ5g==

OPTIONS
H/1.1 204
No Content clc
a.requesthandlers.com/api/ Frame 0
0 103ms
103ms Preflight 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/clc?sessionId=599a83e0-36b9-4170-1d6d-08dbb85ad221
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-correlation-id
Access-Control-Request-Method: GET
Origin: https://cl.requesthandlers.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-correlation-id
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://cl.requesthandlers.com
Date: Thu, 21 Sep 2023 13:45:17 GMT
Server: Kestrel
Vary: Origin
X-CDN: Imperva
X-Correlation-Id: 5e489901-0bfb-4f37-894c-b1f06d9dd587
X-Iinfo: 0-6470972-6447547 sNNy RT(1695303916659 772) q(0 0 0 -1) r(1 1) U24
x-incap-sess-cookie-hdr: fwBbP/iRp13TShkpc9XMBu1IDGUAAAAADK7mGPGMayEcn7jq2m4Klg==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame D061 1 KB
1 KB 50ms
47ms Script
text/javascript 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onInvisibleReCaptchaLoadCallback&render=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.js?v=YbVZ-H89wisOwP12tPpZLuK0pbKZ-wRmuUbdwaWdEY0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

894ed22c072f853205849d44fdeb81b17672ec6ddc58f6cb970bbb6b300c7101

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Sep 2023 13:45:18 GMT

GET
H2 200 LavishGreenb83b21e4-cfb9-4549-9c4c-c08b5766a8a1.png
cdn.requesthandlers.com/adicons/ Frame D061 16 KB
16 KB 177ms
38ms Image
image/png 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.requesthandlers.com/adicons/LavishGreenb83b21e4-cfb9-4549-9c4c-c08b5766a8a1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/1C74) /
Resource Hash: 358124058d9fb9ce4c8f22f93cd58fb641199741f3158847bcf22a4804628f0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Sep 2023 13:45:18 GMT
content-md5: nytcn2bJZ1vUpHMa6Sse5A==
age: 599546
x-cache: HIT
content-length: 16492
x-ms-lease-status: unlocked
last-modified: Wed, 10 Feb 2021 17:27:39 GMT
server: ECAcc (nya/1C74)
etag: 0x8D8CDE92A3DAFC3
content-type: image/png
x-ms-request-id: bccae95d-c01e-0044-021d-e77232000000
cache-control: max-age=864005
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 01 Oct 2023 13:45:23 GMT

GET
H2 200 ads%20272x186_EasyOnlineLoans-06def474ea-ca8c-4f22-a38a-957c94db3076.png
cdn.requesthandlers.com/adicons/ Frame D061 5 KB
5 KB 177ms
38ms Image
image/png 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.requesthandlers.com/adicons/ads%20272x186_EasyOnlineLoans-06def474ea-ca8c-4f22-a38a-957c94db3076.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/792D) /
Resource Hash: 5ecccb15a55cbbc3a010264d1fa3e4569998e87fd261eb6756852ff805adeef1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Sep 2023 13:45:18 GMT
content-md5: FQ5J/X1XpZg2elVGFj8g/w==
age: 525221
x-cache: HIT
content-length: 4814
x-ms-lease-status: unlocked
last-modified: Thu, 08 Oct 2020 19:15:18 GMT
server: ECAcc (nya/792D)
etag: 0x8D86BBE7E8ED0B0
content-type: image/png
x-ms-request-id: f465befb-501e-0046-64ca-e7cc8a000000
cache-control: max-age=864005
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 01 Oct 2023 13:45:23 GMT

GET
H2 200 imagesb0bd31aa-4132-4712-a4b3-d35e5be45a26.jpeg
cdn.requesthandlers.com/adicons/ Frame D061 20 KB
20 KB 222ms
83ms Image
image/jpeg 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.requesthandlers.com/adicons/imagesb0bd31aa-4132-4712-a4b3-d35e5be45a26.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/1C50) /
Resource Hash: c92a63048ba3151b548b5af521d8076e5ac04a809774c03bc670b6ed5ba4a86b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Sep 2023 13:45:18 GMT
content-md5: QYapFchZ1rbM5sCjfgolGw==
age: 64502
x-cache: HIT
content-length: 20502
x-ms-lease-status: unlocked
last-modified: Fri, 21 Oct 2022 06:16:17 GMT
server: ECAcc (nya/1C50)
etag: 0x8DAB32BC3ABB05A
content-type: image/jpeg
x-ms-request-id: ba8bab66-901e-00bd-6bfb-eb7110000000
cache-control: max-age=864005
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 01 Oct 2023 13:45:23 GMT

GET
H2 200 www.short-term-loans.coe5bd1400-9061-4fa0-a21c-72b6a55dfea7.jpg
cdn.requesthandlers.com/adicons/ Frame D061 65 KB
65 KB 222ms
83ms Image
image/jpeg 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.requesthandlers.com/adicons/www.short-term-loans.coe5bd1400-9061-4fa0-a21c-72b6a55dfea7.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/799A) /
Resource Hash: dd4f7e1ffc75a48add06553dd1892e1527e2452f338f85ec04f265c4afaeb1c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Sep 2023 13:45:18 GMT
content-md5: OIZyHKg+K2/QIzEASp6exA==
age: 590011
x-cache: HIT
content-length: 66834
x-ms-lease-status: unlocked
last-modified: Tue, 06 Oct 2020 18:04:33 GMT
server: ECAcc (nya/799A)
etag: 0x8D86A2247D13D29
content-type: image/jpeg
x-ms-request-id: a9e8c653-801e-007a-8034-e7e54d000000
cache-control: max-age=864005
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 01 Oct 2023 13:45:23 GMT

GET
H2 200 272x186%20oct-035c5278d2-8b2f-4def-90db-b06419aca415.png
cdn.requesthandlers.com/adicons/ Frame D061 66 KB
66 KB 177ms
39ms Image
image/png 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.requesthandlers.com/adicons/272x186%20oct-035c5278d2-8b2f-4def-90db-b06419aca415.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/789C) /
Resource Hash: 0a5ab498bfd3d7512823217bf4c860d9ef0500bd7b3bf7def7a07fb5dd3e2d2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 21 Sep 2023 13:45:18 GMT
content-md5: JRsTjBiOJMZpIkCpX9r6xw==
age: 303270
x-cache: HIT
content-length: 67886
x-ms-lease-status: unlocked
last-modified: Tue, 08 Oct 2019 17:35:32 GMT
server: ECAcc (nya/789C)
etag: 0x8D74C15EB4C45E9
content-type: image/png
x-ms-request-id: 19a563fb-601e-0072-0ccf-e9ff42000000
cache-control: max-age=864005
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sun, 01 Oct 2023 13:45:23 GMT

GET
H/1.1 200
OK fd74c7d38445ce36e55e.svg
cl.requesthandlers.com/ Frame D061 1 KB
1 KB 108ms
107ms Image
image/svg+xml 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cl.requesthandlers.com/fd74c7d38445ce36e55e.svg
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.css?v=W-QnswjhsKRiIXYB1VnYX7KdO1vgKu-96CYXyjvzdsI
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 088fe953667c6f80eee0f43f1ecd3bd137daf49daff006367e9f877c947df659

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cl.requesthandlers.com/main.css?v=W-QnswjhsKRiIXYB1VnYX7KdO1vgKu-96CYXyjvzdsI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date: Thu, 21 Sep 2023 13:45:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:01:50 GMT
Server: Kestrel
X-CDN: Imperva
Etag: "1d97a46f15f6718"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
X-Iinfo: 2-13508940-13444402 pNYN RT(1695303916384 1305) q(0 0 0 -1) r(1 1) U24
Accept-Ranges: bytes

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ Frame D061 18 KB
19 KB 83ms
25ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cl.requesthandlers.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:20:46 GMT
x-content-type-options: nosniff
age: 588272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:20:46 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame D061 453 KB
182 KB 83ms
24ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onInvisibleReCaptchaLoadCallback&render=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97ac5eba21b58460149454c9115b09ed01937650647fdcfe405d5d61d85b72e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cl.requesthandlers.com/
Origin: https://cl.requesthandlers.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 09:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185934
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 09:01:36 GMT

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
303 B 37ms
36ms XHR
text/plain 52.184.204.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://amazingoffersforyou.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://amazingoffersforyou.com
Date: Thu, 21 Sep 2023 13:45:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0C4A 51 KB
28 KB 60ms
59ms Document
text/html 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=bqhjj3oe6peh

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22e906285b7a86d23d066b1a3a10c6ac8341f22be5fe1b99cfa1c7d61d187ace

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hTEKK6X4eYcvJu6shLMdXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cl.requesthandlers.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hTEKK6X4eYcvJu6shLMdXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Sep 2023 13:45:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 0C4A 55 KB
24 KB 75ms
24ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=bqhjj3oe6peh

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 02:39:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 02:39:16 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/ Frame 0C4A 453 KB
182 KB 87ms
37ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97ac5eba21b58460149454c9115b09ed01937650647fdcfe405d5d61d85b72e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 09:01:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185934
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 04:01:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Sep 2024 09:01:36 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0C4A 2 KB
2 KB 25ms
24ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 17:24:31 GMT
x-content-type-options: nosniff
age: 505247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 22 Sep 2023 17:24:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0C4A 15 KB
15 KB 25ms
24ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 00:51:47 GMT
x-content-type-options: nosniff
age: 478411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Sep 2024 00:51:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0C4A 15 KB
15 KB 32ms
31ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 22:09:32 GMT
x-content-type-options: nosniff
age: 488146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Sep 2024 22:09:32 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0C4A 102 B
135 B 44ms
43ms Other
text/javascript 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e65be61e734df82e8aaa5503c9bbb29b4125f52311cb8f57efa4db12bb1f7d65

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=bqhjj3oe6peh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 13:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Sep 2023 13:45:18 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 0C4A 33 KB
19 KB 85ms
84ms XHR
application/json 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ai7lOI0zKMDPHxlv62g7oMoJ/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

191ab4d9d1305e084b80ee5c4c22fb51754437cee4fc424a3d498f0c296c448a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=Ai7lOI0zKMDPHxlv62g7oMoJ&size=invisible&cb=bqhjj3oe6peh
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 21 Sep 2023 13:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 21 Sep 2023 13:45:19 GMT

POST
H/1.1 200
OK gr
a.requesthandlers.com/api/cv/ Frame D061 0
0 250ms
250ms Fetch 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/cv/gr
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.js?v=YbVZ-H89wisOwP12tPpZLuK0pbKZ-wRmuUbdwaWdEY0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

x-correlation-id: 36010c7d-6359-4e49-9974-457f28999e80
Referer: https://cl.requesthandlers.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 21 Sep 2023 13:45:18 GMT
X-Correlation-Id: 36010c7d-6359-4e49-9974-457f28999e80
Server: Kestrel
X-CDN: Imperva
Vary: Origin
Access-Control-Allow-Origin: https://cl.requesthandlers.com
X-Iinfo: 4-20519321-20461046 sNNy RT(1695303916824 2016) q(0 0 0 -1) r(2 2) U24
Access-Control-Allow-Credentials: true
x-incap-sess-cookie-hdr: aIE7Q9PnhXLTShkpc9XMBu9IDGUAAAAAJAm2TW0rRHwWk/aaWsMl3A==
Content-Length: 0

OPTIONS
H/1.1 204
No Content gr
a.requesthandlers.com/api/cv/ Frame 0
0 113ms
113ms Preflight 45.60.0.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/cv/gr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.0.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-correlation-id
Access-Control-Request-Method: POST
Origin: https://cl.requesthandlers.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-correlation-id
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://cl.requesthandlers.com
Date: Thu, 21 Sep 2023 13:45:18 GMT
Server: Kestrel
Vary: Origin
X-CDN: Imperva
X-Correlation-Id: 6f27a6df-53c1-4cce-8454-0fe011ed3de9
X-Iinfo: 0-6470972-6447547 sNNy RT(1695303916659 2033) q(0 1 1 -1) r(1 1) U24
x-incap-sess-cookie-hdr: FMy6XksEcUjTShkpc9XMBu5IDGUAAAAAY0gAiiAy3Pfx8UBuF+cRlg==

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 19:14:15	Name: _GRECAPTCHA Value: 09AIMuWcAkuUo_e6zm_yG14kg3aRGprCLz-FFYcvWD9RFjjQbj6EOV963rYRIJ23ddEGAfvuH8wY-X3h0z0icQJ2I
.amazingoffersforyou.com/	1970-01-20 23:40:13	Name: visid_incap_2205651 Value: E6kED7OHSEabov7uZIUWautIDGUAAAAAQUIPAAAAAACgBs6kwLbWAvacMSovvoo3
.amazingoffersforyou.com/	1969-12-31 23:59:59	Name: nlbi_2205651 Value: tYk2cGZG+3noAzTOSKXqewAAAAAGP916wwTdDq/+6l1yb+nR
.amazingoffersforyou.com/	1969-12-31 23:59:59	Name: incap_ses_8078_2205651 Value: lCf+BYKVjkZ10mkJBdMacOtIDGUAAAAACubwWHd5ybB3FMdL1wULXQ==
amazingoffersforyou.com/	1970-01-20 14:55:03	Name: ___utmvc Value: rtZiWDytRGTfR0jlo9f7OkhoyNFdPnGEkU6rcy4UP9M9/dG/EKf0BMGIPhWkNIKUWHiWUsx5CZTh3NL9TrnPNusljwAG6L8ZlTjOJu/wzAtia2ZUSTMi/AnXCyErhKNJfV0l5tH6FiIscawjegDBIMgFC6kFwbw2Ir3sRV9vWzJzUoJvTBN9fu+GFqDqsoqIcZLAe7A9UeFATm7vZkIYMNCIFtZBkz7C8neM5rDO5B2D7lBGni9BJk+ooDwIuNldHZd0feKtSQG5YuZBE18SCfVQ8AkQyPJVJBCqyq5MUepPwbBpAP0nUX2c3Kamr61wZX719iA5JOpSzzE0dGVic4Um6VHoX65wxvculFzRGI38D4l3lEBUQCbtgFAvJwYNjVOVu0TAa9kHNc5v4EUwXA+Kz0nU6SUBVHQSNFpLMOf9BtnpoRqCpVDQpp1v4FYjmQ3X4zMUdTirVSltqJ3+78OfpUe5mnm9AtKK3c2QsLm0q90PxQPV4Kpd+7u9wtSAuSjeNQbj0pJw9Huv0uLEyhykZTxWcAZ/evV3KozInGjS2ukVD5yvZCmnpQn0N31jFtSQVJjo6b50Esd3aS2TuVb5dLnvztA3mlZiZeOcO2ZQRFCSTzff8eD0ZN/OOT9AbLjgCOK2tEVNQtq+a6gL0NKe3WZnSjGLx3UfUn3NV9zsPgnkqhwifHhRsI5Vl3pQfb0dMPmvJ1u7TQzPvRmVZq85u7hHR4vuEgpEbRvilhlgUabp2oOKbqLLzEbayMdDprCsTrKPXLtRTw5tKoAHlqt2FRCq3p4nBTl3Wbes+j9uQvgXO1Cy4gt0HLZOO2U54pvwTktsQYYT4vfTAUXfN1V/hfbnD6CLpzf0jD+zVhsamkG0JzBxoNuZcctQH2d1DFlXizqO2jqiQNxlmy1TW/n+W+Fqrmra6q8OUGYXOVpE06gZH091FKA0F/+RkAdndJebe8QC8lR977vBPgrINx/TuJaAWW5Mbd66i95sCnnk1MiGLWkXKUt7wgZpYglEdBSfiBDtt+7QqEVhQ4GjIPsUtshsWvTDrdxIzc9k1eNowGRQqEy67wKIjih4g8E+yKAnch415UCFdfqn8g8wNkYD0f1tNUB1cX3oZ+Xy8dUDcexu+3eiC/CA3BuGwp/tIvn4W9C+SY753NlwmypqMUB4ZlOD4+hEoLmXatSYb45lSjcb7BUkmKfvLQb0UhQUFyd8FFsZjJBr6aOt/TSTIirFQMVBqhrBADnrsXN+W0bpbjOURqKY+uZqVJtDucuBxDmLg0lej0VZcCPGyaUhoSDr1zS5Jqgi4l+RS90EPYih0U/fouebYybql0KmjUtP955wdQgFLZHi++36or8YfPxy+lJp4OHZ9OkFxURxHUfEvEwqqBdunkXFB87cXwnWq+FXnwfI6ker5UxYJ4FBknxWlurpoFWSfnEpAca3UteAralu6dMGQa7llxHLGOXRr9Y5bMKBd2dLm/p+wMJak1Cf/MILvSv5GwcPx+KWKQTX5q/7QubF7NAn1HkLk05lt34mRfGuX9Zze22Yj7tU3xLOngDqL/jjIJ9oszZ3Dq4faGXU5i0eIeFkPnOvxk3/rmppRGLzT3wMX3lSMDNr3nmKkw/o9j05pYMh68GwdpUnoCf5c2zmNUQD5ztYil0QX+1pEcvk+l096WalcDpcyWysNxY/P5JrNdqSTvAKdpgHbH56b5SAz2cSM+FnqSliODb8y1WJI/7NdfYF0FJdZKRcfwEa1zgBtlxETMVjFNHj3YIseLZOqlVze06OP5RQAERogEtJD2il2VB+HxlsrBO6Y+DwIlDAkqW/t5moFYDqmwyFm4CdmuisswO5TQPR61Gmj+gfxV41JB4OyDWiXVRSzozknJN8iPyXAV6uzZB/eh/i0RlAHDOlzQmVcNSRB1lZdr3UURgoKaLhXW66QVFRmMT9HTgaFozbMqLunFI7Ihxn0oZz5CcwvMUlc9nAXJwm+Wt+n1muz/QAgUll0xCGnb76+gNPfihSBlCLh9eIczKw5pQEpVe4ga2cKXq01Zg3BkTG4G6YhSoxL3gkAvWu/L5l+lotHhGYZMsl4qQ5x88iXTuXg5gm4RHcGJuvjL5aL94XW++ECI9I57iTROgoLntSXa5Wgkr6iurqdQUjyF5mwWQE/jNslYcHxUd7dsXROGXSu8pWSRD2op2sUAyaKhfXKKl1wi6ymVlZVndG5r4hsxDcJ3xa8R12TBCbmRmjUHuMiH+ajJaaKMmvKARmazgXmVG/n8/NE9ixp4WSoqMQXRgJaathIN+UCJ7sjZNe3ETjvPCeuT0P/VWTVsPbkv+WunKM1X3hNFElWGbN0xDaH2bNdPhVOCzojVCtvnUOB3z2oN8+D/DBeSTlA6iKpQL8aKIpPWNh0+Ae6dYwr7afE62C8DTI3A946QLX1CdZKKA8SV8dQpE3jMvHvhtEgg3NeiIVIi72oWeJWvvMvk/vF75jOKhsmHf8ApXBIKxM1pNebnbdmEtPq5NdAWK/pLVmhnWiOELr6e1FjyuNs4t6FaToAPwgmafrwPdkjgYDdC3FInfNyigU/kOH/+EwnGgYrP4xIDyLDrAInZkaHI4+4Gi11g8Z/tjtBnrK1XhghUVOZqwmMd/sUidzZwtzqTXsxMf16Ap+OE1n3SKfvYKNojHxXUSmBNHg6Yu1aKMTHsja+n1hTUCH4t3cNPHVWlgfbp5wJV/buoAXccDg6LVUFxddnTnGbjWW0/TQ8rYOn7XdRInoaBqJ2kfh7Azuqo8dZNIE/4JhYYos65O5aoBeDtPY8Wsn7OgZinO0eVmgLGRpZ2VzdD0xOTQwMzYscz1hMzljYWJhNDgwOWJhNTY0OTc4MzllNzg4NDdlNmI4Mjc2NmU5OTlmN2RhMzZhODY4MTlkOGRhNGFhYWE4MDdkOGJhNjZjYjA3OTdhNzE2ZA==
.amazingoffersforyou.com/	1970-01-21 00:31:03	Name: _ga Value: GA1.2.692221663.1695303917
.amazingoffersforyou.com/	1970-01-20 14:56:30	Name: _gid Value: GA1.2.1302179845.1695303917
.amazingoffersforyou.com/	1970-01-20 14:55:03	Name: _gat_UA-121799710-1 Value: 1
www.clarity.ms/	1970-01-20 23:40:39	Name: CLID Value: 80ae986884f94828b13f654dd3e7c20c.20230921.20240920
.amazingoffersforyou.com/	1970-01-20 23:40:39	Name: _clck Value: 1cunjo4\|2\|ff7\|0\|1359
.amazingoffersforyou.com/	1970-01-21 00:31:03	Name: _ga_EF9BEB72TC Value: GS1.2.1695303917.1.0.1695303917.60.0.0
.amazingoffersforyou.com/	1970-01-20 14:56:30	Name: _clsk Value: 69tm0j\|1695303917395\|1\|1\|n.clarity.ms/collect
.bing.com/	1970-01-21 00:16:39	Name: MUID Value: 0761831107DC6F6B3C30908206BE6E24
.c.bing.com/	1970-01-20 15:05:08	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:16:39	Name: SRM_B Value: 0761831107DC6F6B3C30908206BE6E24
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:16:39	Name: MUID Value: 0761831107DC6F6B3C30908206BE6E24
.c.clarity.ms/	1970-01-20 15:05:08	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 14:55:04	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.requesthandlers.com
amazingoffersforyou.com
analytics.google.com
c.bing.com
c.clarity.ms
cdn.requesthandlers.com
cdnjs.cloudflare.com
cl.requesthandlers.com
consumertransferservice.com
fonts.googleapis.com
fonts.gstatic.com
n.clarity.ms
stats.g.doubleclick.net
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
20.110.205.119
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700::6811:190e
2607:f8b0:4004:c08::9d
2607:f8b0:4006:80a::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::200e
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::200e
2620:1ec:48:1::40
2620:1ec:c11::200
2a02:e980::3d
45.60.0.61
45.60.6.61
52.184.204.244
088fe953667c6f80eee0f43f1ecd3bd137daf49daff006367e9f877c947df659
0a5ab498bfd3d7512823217bf4c860d9ef0500bd7b3bf7def7a07fb5dd3e2d2e
0ba4847c8134a262d1d2160f2cc94ddb0819922e0957a6fdd85ffa6af53bc208
157d48876bf4ea02be2eac512290d249867aee96dbfe3409d8ee9f0765493b69
191ab4d9d1305e084b80ee5c4c22fb51754437cee4fc424a3d498f0c296c448a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
22e906285b7a86d23d066b1a3a10c6ac8341f22be5fe1b99cfa1c7d61d187ace
3327b27f7de663b7bcfdbb68afcf5f51f0dd78a41a88652232b1f56198a89656
358124058d9fb9ce4c8f22f93cd58fb641199741f3158847bcf22a4804628f0c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
485481f82a5f54540ca63125731a309408ae19c8ccd7e9f94f091f44d9744fa5
4f54b99785acc4da20eed75eb0bf1505a4c155f1234a5fd315b0be963536220f
5138ee8bac76394c066d824b022e3af2815b3f3c2c4b967725836b278df547e3
59fe8727441dfe63fa8a55465ff53704ea332f565b1a31b5a5f842f43e0a1674
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad9d542a74d1012718b488977d0097dcb3f9859bca58ec657104036486498a0
5be427b308e1b0a462217601d559d85fb29d3b5be02aefbde82617ca3bf376c2
5ecccb15a55cbbc3a010264d1fa3e4569998e87fd261eb6756852ff805adeef1
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61b559f87f3dc22b0ec0fd76b4fa592ee2b4a5b299fb0466b946ddc1a59d118d
76b0ddd40e84ab7c3abef327a5a0045a39a897e6aba9c781b32cc411ece73223
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78e52891bfd18c3c3b912faf0f06dab4dacb37c048bef12194b339ca881c0c8a
7c60998f0f3864d7d2ba1a748b3acdbf69b5849bdb3bf8d4bc928c3910ada5af
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
894ed22c072f853205849d44fdeb81b17672ec6ddc58f6cb970bbb6b300c7101
8e58aa04cbafbedb94b5fc2336564cd3d64c96f63e46b1d9ed2d526ee3142bea
93087cc3ef657668539a5585ded8d33c1c71f205a054fec834a9de72d649acdb
97ac5eba21b58460149454c9115b09ed01937650647fdcfe405d5d61d85b72e5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
adc81b8310b55e5d431f5b40035fb860afe4ff5fbed53a22350952b97e4d12e7
b0e55d808246271a2eee843a1def491b589e3674c269fc625ae79dded13b3cab
b8f41f30c86c1730481d8d26a289ef81fe91a9a305818009a554edba0191b09e
bd5da4364c94b11a9e56f0d0388439082ef6d3b29c15255ac17bad40abe0c248
c92a63048ba3151b548b5af521d8076e5ac04a809774c03bc670b6ed5ba4a86b
cd511273991c7b7d57490be46d3a5bb38c645261c1bd05d1e9419fa5ed6638b6
d30fb11dba004a4c4ecbf958152586f4856e88b9e8be5e9133609a6624851237
dd4f7e1ffc75a48add06553dd1892e1527e2452f338f85ec04f265c4afaeb1c2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65be61e734df82e8aaa5503c9bbb29b4125f52311cb8f57efa4db12bb1f7d65
e7d658d195f811eadf472163b3b9f540160879e76385342891eaabd314f81859
ea8488295d448feb86e380c6dbafcb0eed8af12ef0e81888d657ebcddd161705
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b84465147cf1f1549caabdc703b355f7aa8d9a1b874ea0bf6fabde80001998
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

amazingoffersforyou.com Open in urlscan Pro 45.60.6.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

75 %IPv6

12 Domains

18 Subdomains

15 IPs

1 Countries

1043 kBTransfer

2500 kBSize

19 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

amazingoffersforyou.com Open in urlscan Pro
45.60.6.61 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

75 %
IPv6

12
Domains

18
Subdomains

15
IPs

1
Countries

1043 kB
Transfer

2500 kB
Size

19
Cookies

62 HTTP transactions
0 data transactions