urlscan.io logo urlscan.io
SecurityTrails logo

ledger.orangeoffer.com Open in urlscan Pro
2606:4700::6812:13da  Public Scan

Go To Rescan Add Verdict Report
URL: https://ledger.orangeoffer.com/
Submission Tags: 0xscam
Submission: On December 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 1 countries across 10 domains to perform 74 HTTP transactions. The main IP is 2606:4700::6812:13da, located in United States and belongs to CLOUDFLARENET, US. The main domain is ledger.orangeoffer.com.
TLS certificate: Issued by E6 on October 25th 2024. Valid for: 3 months.
This is the only time ledger.orangeoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 142.251.179.155 15169 (GOOGLE)
1 142.251.163.147 15169 (GOOGLE)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
11 172.253.122.139 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 172.253.63.154 15169 (GOOGLE)
3 20.122.63.128 8075 (MICROSOFT...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 142.251.167.154 15169 (GOOGLE)
1 142.251.163.139 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.163.106 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
74 18
29    2606:4700::6812:13da (United States)

ASN13335 (CLOUDFLARENET, US)
ledger.orangeoffer.com
cdn-assets.orangeoffer.com
cdn.orangeoffer.com
3    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4004:c09::64 (Washington, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    142.251.179.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f155.1e100.net
pagead2.googlesyndication.com
1    142.251.163.147 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f147.1e100.net
www.google.com
2    2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
11    172.253.122.139 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f139.1e100.net
fundingchoicesmessages.google.com
2    2607:f8b0:4004:c09::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
googleads.g.doubleclick.net
3    20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.clarity.ms
1    2606:4700:3037::ac43:a732 (United States)

ASN13335 (CLOUDFLARENET, US)
sentry.impressionfox.xyz
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    142.251.167.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f154.1e100.net
ep1.adtrafficquality.google
1    142.251.163.139 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f139.1e100.net
www.google-analytics.com
2    2607:f8b0:4004:c08::84 (Washington, United States)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    142.251.163.106 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f106.1e100.net
www.google.com
2    2606:4700::6812:12da (United States)

ASN13335 (CLOUDFLARENET, US)
www.orangeoffer.com
Apex Domain
Subdomains		 Transfer
31 orangeoffer.com
ledger.orangeoffer.com
cdn-assets.orangeoffer.com
cdn.orangeoffer.com
www.orangeoffer.com Failed
734 KB
16 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
192 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
p.clarity.ms — Cisco Umbrella Rank: 9040
c.clarity.ms — Cisco Umbrella Rank: 1269
30 KB
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
301 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
173 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 205
770 B
1 impressionfox.xyz
sentry.impressionfox.xyz
794 B
74 10
Domain Requested by
24 cdn-assets.orangeoffer.com ledger.orangeoffer.com
14 fundingchoicesmessages.google.com ledger.orangeoffer.com
pagead2.googlesyndication.com
4 pagead2.googlesyndication.com ledger.orangeoffer.com
pagead2.googlesyndication.com
cdn-assets.orangeoffer.com
4 ledger.orangeoffer.com cdn-assets.orangeoffer.com
3 p.clarity.ms ledger.orangeoffer.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 www.google-analytics.com cdn-assets.orangeoffer.com
ledger.orangeoffer.com
3 www.googletagmanager.com ledger.orangeoffer.com
cdn-assets.orangeoffer.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 www.orangeoffer.com ledger.orangeoffer.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms ledger.orangeoffer.com
www.clarity.ms
2 www.google.com ledger.orangeoffer.com
ep2.adtrafficquality.google
1 ep1.adtrafficquality.google ledger.orangeoffer.com
1 c.bing.com 1 redirects
1 sentry.impressionfox.xyz ledger.orangeoffer.com
1 cdn.orangeoffer.com ledger.orangeoffer.com
74 17
Subject Issuer Validity Valid
orangeoffer.com
E6		 2024-10-25 -
2025-01-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
impressionfox.xyz
WE1		 2024-11-12 -
2025-02-10		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://ledger.orangeoffer.com/
Frame ID: 3A161B1DE50F02B5CF6454377D5ABF69
Requests: 68 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-5P5M9GV4
Frame ID: EAE3EF684AFD4CB050B696E071A6462A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Frame ID: 8B267C6C958AB5FB826761F4C6C5E5DD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733638892&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fledger.orangeoffer.com%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733638892375&bpp=8&bdt=640&idt=513&shv=r20241120&mjsv=m202412030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5018817367098&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31089332%2C95344790%2C95347445%2C95345967%2C95340252%2C95340254&oid=2&pvsid=682823683428713&tmod=1635899726&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=536
Frame ID: F50CE8F8594527A31E29497D3BB417D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&h=120&slotname=5841751240&adk=924028629&adf=2416941911&pi=t.ma~as.5841751240&w=878&abgtt=6&lmt=1733638893&rafmt=11&format=878x120&url=https%3A%2F%2Fledger.orangeoffer.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733638892763&bpp=4&bdt=1028&idt=243&shv=r20241120&mjsv=m202412030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5018817367098&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=201&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=33&eid=42533202%2C31089332%2C95344790%2C95347445%2C95345967%2C95340252%2C95340254&oid=2&pvsid=682823683428713&tmod=1635899726&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=257
Frame ID: BAF475BA6F529B97BD7695DE33DA2C93
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 4AF1D17478AEB2684B80C8C17EE34EEF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 424F2A46C5EF733EAD4E5E14B84A98DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ledger Discount Codes 2024: 40% OFF

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

74
Requests

93 %
HTTPS

50 %
IPv6

10
Domains

17
Subdomains

18
IPs

1
Countries

1472 kB
Transfer

5682 kB
Size

32
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=46C766795D0844B4B14A69DF4139837A&RedC=c.clarity.ms&MXFR=37DA34F7156E6ACA257521B8116E64E0 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=46C766795D0844B4B14A69DF4139837A&MUID=2DA0D2023CE3606D28FDC74D3D18613D

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ledger.orangeoffer.com/ 		455 KB
73 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43e39b42b3e6a1ac6cd2815de40f6136c2736b7c89d5caff3d51c4f4dca4e12e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8eeaa7df6d0d7c73-LAX
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 08 Dec 2024 06:21:31 GMT
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		277 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YQW93GBH6X
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aedd4b827a4d78fb276d182852f5fe5b578a81554172dc9e1537f02b68010687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 08 Dec 2024 06:21:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98802
x-xss-protection
0
server
Google Tag Manager
pub-8170686022786770
fundingchoicesmessages.google.com/i/ 		196 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-8170686022786770?ers=1
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7ae8f5cd556ac452ca0ea376d7ed72d0abde58c6f902f311bdd002a4099d2aa
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0DEErpcuObO9bsp8tw_wRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiJvjzdcru9gEPvRd0VXSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTQyMNUzMIkvMAAAv9U9uA"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-0DEErpcuObO9bsp8tw_wRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8170686022786770
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
cafe /
Resource Hash
073a975d808d775d26ea19504fb269731469f8251d7b998a1a84b67e1a3ffdde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ledger.orangeoffer.com
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
br
etag
6231764980447253952
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 06:21:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53357
x-xss-protection
0
server
cafe
ads.js
www.google.com/adsense/search/ 		141 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.147 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f147.1e100.net
Software
sffe /
Resource Hash
ee0dac93046c4ee0f4ae7e3f8400a4dd3fc782baffbf28b16c5a412dd341ba63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
etag
"9851480012625974796"
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 06:21:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
link
<https://syndicatedsearch.goog>; rel="preconnect"
cache-control
private, max-age=3600
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
x-xss-protection
0
server
sffe
runtime.eae3d.js
cdn-assets.orangeoffer.com/_nuxt/ 		23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/runtime.eae3d.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6919eb2e33d504ce1d0f0c3dc8f6364158ed01d6982e5f42d8eb0cd2e96e8343

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5a7f-193a0e1aa20"
age
67568
cf-ray
8eeaa7e2380d7c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 07 Dec 2024 11:29:24 GMT
vary
Accept-Encoding
server
cloudflare
269.5ac5e.js
cdn-assets.orangeoffer.com/_nuxt/ 		263 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/269.5ac5e.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30f6b19f67e441f8bed0be6c56da35d4ee6d20ae17043bc7b9099e406efd758

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"41cf2-19399c060b0"
age
187339
cf-ray
8eeaa7e2380f7c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 02:15:42 GMT
vary
Accept-Encoding
server
cloudflare
1681.e5545.js
cdn-assets.orangeoffer.com/_nuxt/ 		293 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1681.e5545.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aae61e046749f85663bf6c3d44f6b6075bcc6b81d79e87cf63b2f0e77a62271c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"49527-1939b40c6f0"
age
162151
cf-ray
8eeaa7e2380e7c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 09:15:34 GMT
vary
Accept-Encoding
server
cloudflare
1688.d5851.js
cdn-assets.orangeoffer.com/_nuxt/ 		141 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1688.d5851.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d06542b01c794a73a5ae95bfa75144d5c45fba3412b6accf3c32dfd085e1a65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"234e2-1939b40c6f0"
age
162151
cf-ray
8eeaa7e238107c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 09:15:34 GMT
vary
Accept-Encoding
server
cloudflare
268.4d813.js
cdn-assets.orangeoffer.com/_nuxt/ 		612 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/268.4d813.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484061abe8e104be42d55c81a13cf99bd671f2881b9c37ecad6ae56028239cd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"98fa7-193a0e1aa20"
age
67568
cf-ray
8eeaa7e238117c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 07 Dec 2024 11:29:24 GMT
vary
Accept-Encoding
server
cloudflare
1683.200e3.js
cdn-assets.orangeoffer.com/_nuxt/ 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1683.200e3.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0999eb89bb2ee512db133d41be8b0f073361a061c9953967f1e57787e44b3cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"111df-193a0e1aa20"
age
67568
cf-ray
8eeaa7e248337c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 07 Dec 2024 11:29:24 GMT
vary
Accept-Encoding
server
cloudflare
0.ec7fc.js
cdn-assets.orangeoffer.com/_nuxt/ 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/0.ec7fc.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b2c40d906b89bc435ed6ee053be0e82c95760013ed1938b35e96aa91ccca0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"123ea-1932f456000"
age
1973627
cf-ray
8eeaa7e238137c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 15 Nov 2024 10:01:36 GMT
vary
Accept-Encoding
server
cloudflare
66.e1109.js
cdn-assets.orangeoffer.com/_nuxt/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/66.e1109.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3f92e5aba3ca6cab6f83c86e31d5f06fbc92c2fd81dffc4703a0cdbe4d6ba7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"56ff-1939b40c6f0"
age
162151
cf-ray
8eeaa7e238147c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 09:15:34 GMT
vary
Accept-Encoding
server
cloudflare
1575.0225e.js
cdn-assets.orangeoffer.com/_nuxt/ 		364 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1575.0225e.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b864f8801996f0fdb5ca49de6011515eb0cb43341e407d9c84c09b209e99d1d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"5ae69-1939b40c6f0"
age
162151
cf-ray
8eeaa7e238167c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 09:15:34 GMT
vary
Accept-Encoding
server
cloudflare
3.7bf61.js
cdn-assets.orangeoffer.com/_nuxt/ 		767 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/3.7bf61.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64f36608ffdb691cbbd6f44cd9dce5f4e9d5c7444de63634d979d0573973121

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"bfd4a-1939b40c6f0"
age
162151
cf-ray
8eeaa7e238177c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 09:15:34 GMT
vary
Accept-Encoding
server
cloudflare
1.165de.js
cdn-assets.orangeoffer.com/_nuxt/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/1.165de.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76ccf54641b2319e851abbc99fa2e59f7f191d5a25449dfd33569cfca6132b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"706b-1939b40c6f0"
age
162151
cf-ray
8eeaa7e248277c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 09:15:34 GMT
vary
Accept-Encoding
server
cloudflare
8.8e13d.js
cdn-assets.orangeoffer.com/_nuxt/ 		43 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/8.8e13d.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e60ed47d885ed85c30382f3d36f00ec2942d053a618247cce022d02f402a83f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"ad3c-1939b40c6f0"
age
162151
cf-ray
8eeaa7e2482c7c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 09:15:34 GMT
vary
Accept-Encoding
server
cloudflare
276.3962c.js
cdn-assets.orangeoffer.com/_nuxt/ 		127 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/276.3962c.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
344f64837202aef40b412b533cde0149ef3cb5589882136e409da8c64c194ad1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1fc97-193a0e1aa20"
age
67568
cf-ray
8eeaa7e2482d7c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 07 Dec 2024 11:29:24 GMT
vary
Accept-Encoding
server
cloudflare
278.43121.js
cdn-assets.orangeoffer.com/_nuxt/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/278.43121.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27a71992eb5c62e81de4af02af3ec1527f50e8d61a448ce67f9a36564941960

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"10d2d-193a0e1aa20"
age
67568
cf-ray
8eeaa7e2482e7c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 07 Dec 2024 11:29:24 GMT
vary
Accept-Encoding
server
cloudflare
16.5a06b.js
cdn-assets.orangeoffer.com/_nuxt/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/16.5a06b.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26855730a22d1dbb0fc1cc04cf7cf803c1e5494bde493fbeb0210f1e3b686201

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6399-193913d58a8"
age
329053
cf-ray
8eeaa7e2482f7c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 04 Dec 2024 10:35:37 GMT
vary
Accept-Encoding
server
cloudflare
305.23b1e.js
cdn-assets.orangeoffer.com/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-assets.orangeoffer.com/_nuxt/305.23b1e.js
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e7f153a06ca43fc788572a8ef903535ffec10902ad3e2674d1215f46042562

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"82e-193a0e1aa20"
age
67568
cf-ray
8eeaa7e248327c73-LAX
expires
Mon, 08 Dec 2025 06:21:31 GMT
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 07 Dec 2024 11:29:24 GMT
vary
Accept-Encoding
server
cloudflare
icon-fold.webp
cdn-assets.orangeoffer.com/img/orangeoffer/ 		638 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/orangeoffer/icon-fold.webp
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c569bf5a42380717bdb0b34cf71333ac0a0e21cdfee3cb0bc3eea45a9e99a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"27e-193a0d342a0"
cf-ray
8eeaa7e3a9c07c73-LAX
expires
Wed, 08 Jan 2025 06:21:32 GMT
accept-ranges
bytes
content-length
638
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
image/webp
last-modified
Sat, 07 Dec 2024 11:13:40 GMT
vary
Accept-Encoding
server
cloudflare
orangeoffer.com.svg
cdn-assets.orangeoffer.com/img/siteLogo/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/siteLogo/orangeoffer.com.svg
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf36c6dc43022c7818de7f04aa136898adf786ab669730311ece2a084bd13ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
content-encoding
gzip
cf-cache-status
MISS
etag
W/"1fd8-193a0d342a0"
cf-ray
8eeaa7e298807c73-LAX
expires
Wed, 08 Jan 2025 06:21:32 GMT
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
image/svg+xml
last-modified
Sat, 07 Dec 2024 11:13:40 GMT
vary
Accept-Encoding
server
cloudflare
icon-search.webp
cdn-assets.orangeoffer.com/img/promocodie/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/promocodie/icon-search.webp
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f21cf13348fb20852c706a01c315b235b62a0c3fc2c8583d533f23afa9f7fdc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"4e0-193a0d342a0"
cf-ray
8eeaa7e3a9c47c73-LAX
expires
Wed, 08 Jan 2025 06:21:32 GMT
accept-ranges
bytes
content-length
1248
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
image/webp
last-modified
Sat, 07 Dec 2024 11:13:40 GMT
vary
Accept-Encoding
server
cloudflare
icon-search.webp
cdn-assets.orangeoffer.com/img/orangeoffer/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/orangeoffer/icon-search.webp
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5aece22048654ac8c3bfca412a112f12ad5b11cf2e11a99d63f5cfb427b657

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"4de-193a0d342a0"
cf-ray
8eeaa7e2987c7c73-LAX
expires
Wed, 08 Jan 2025 06:21:32 GMT
accept-ranges
bytes
content-length
1246
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
image/webp
last-modified
Sat, 07 Dec 2024 11:13:40 GMT
vary
Accept-Encoding
server
cloudflare
dcs_img_1692022287_5e6a8ad010dd49a8a808533e45eedf81.webp
cdn.orangeoffer.com/ccsimg/dcs/img_tools/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.orangeoffer.com/ccsimg/dcs/img_tools/dcs_img_1692022287_5e6a8ad010dd49a8a808533e45eedf81.webp
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bc204c84368b5c1b736418aa1e4f938080599e7eb5b98ee936c2b76c3ed4c1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

x-amz-id-2
uchnUdkbTD8dgEl8rEw6kfEDZwRP3+WL7aXl5+WRQ51J8nawXgXfON38FDN52xaCyfS2QXzOUg8=
cache-control
public, max-age=2678400
cf-ray
8eeaa7e1ffc27c73-LAX
cf-cache-status
HIT
etag
"170740f8821843c12ac89c92a3ad2917"
x-amz-request-id
HSP6RS1RSPQ98TN6
expires
Wed, 08 Jan 2025 06:21:31 GMT
accept-ranges
bytes
content-length
6050
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
image/webp
last-modified
Mon, 14 Aug 2023 14:11:34 GMT
vary
Accept-Encoding
server
cloudflare
x-amz-server-side-encryption
AES256
icon-verified-de.webp
cdn-assets.orangeoffer.com/img/promocodie/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/promocodie/icon-verified-de.webp
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c091ae3ca8d585c275c123e5b6c93bd753eb7963fce14325bb6b5bb30a25822b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"3de-193a0d342a0"
cf-ray
8eeaa7e2987e7c73-LAX
expires
Wed, 08 Jan 2025 06:21:32 GMT
accept-ranges
bytes
content-length
990
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
image/webp
last-modified
Sat, 07 Dec 2024 11:13:40 GMT
vary
Accept-Encoding
server
cloudflare
pub-8170686022786770
fundingchoicesmessages.google.com/b/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-8170686022786770
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
662e951c97e0dbd5cdbf40b8e1fc49662cf95c93561befd34f11f68bb91d4c33
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sLTtZm06l-rUO2nHbIR2oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiJvjzdcru9gETpw5oKqkkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmhkYKpnYBJfYAAAv-k9tA"
content-security-policy
script-src 'report-sample' 'nonce-sLTtZm06l-rUO2nHbIR2oA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
mxdplpjsrz
www.clarity.ms/tag/ 		689 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/mxdplpjsrz
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5a7c802b9a6f24440e2fffe9458f0543a334e48628e3c9ae879677f4b9b65d2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
689
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/x-javascript
x-azure-ref
20241208T062132Z-165b69996ffxwr78hC1LAXwfp800000006n0000000006prq
gtm.js
www.googletagmanager.com/ 		212 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5P5M9GV4
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8806b74ef8ce94a8cf316887921caf25d94be114ee0bee570c7d32c802193d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 08 Dec 2024 06:21:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 08 Dec 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76815
x-xss-protection
0
server
Google Tag Manager
truncated
/ 		482 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de5ed8d76a9341be08c77c870d81fca3ec75264601934583bcf00f4d6895dac1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
star_active.png
cdn-assets.orangeoffer.com/img/cpw/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/cpw/star_active.png
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9081a46e5d6e34efd25190223cfd90a18d71aff550b9d1c69a95693a33f5cc5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"49c-193a0d342a0"
cf-ray
8eeaa7e2987b7c73-LAX
expires
Wed, 08 Jan 2025 06:21:32 GMT
accept-ranges
bytes
content-length
1180
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
image/png
last-modified
Sat, 07 Dec 2024 11:13:40 GMT
vary
Accept-Encoding
server
cloudflare
star_half.png
cdn-assets.orangeoffer.com/img/cpw/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/cpw/star_half.png
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a331f40b7d989a28f8b567fb4456df6f84016b2f2be9c2efb59deb6b2485781e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"547-193a0d342a0"
cf-ray
8eeaa7e258347c73-LAX
expires
Wed, 08 Jan 2025 06:21:31 GMT
accept-ranges
bytes
content-length
1351
date
Sun, 08 Dec 2024 06:21:31 GMT
content-type
image/png
last-modified
Sat, 07 Dec 2024 11:13:40 GMT
vary
Accept-Encoding
server
cloudflare
star_black.png
cdn-assets.orangeoffer.com/img/cpw/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-assets.orangeoffer.com/img/cpw/star_black.png
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a5df4a40357c26a643745efb611532c94d369de74773c658c52a3c7652379b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=2678400
cf-cache-status
MISS
etag
W/"487-193a0d342a0"
cf-ray
8eeaa7e298797c73-LAX
expires
Wed, 08 Jan 2025 06:21:32 GMT
accept-ranges
bytes
content-length
1159
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
image/png
last-modified
Sat, 07 Dec 2024 11:13:40 GMT
vary
Accept-Encoding
server
cloudflare
clarity.js
www.clarity.ms/s/0.7.56/ 		66 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mxdplpjsrz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

x-azure-ref
20241208T062132Z-165b69996ffxwr78hC1LAXwfp800000006n0000000006psb
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD0EDC462F0477"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
b5b357b1-e01e-003c-753e-41071c000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 12:08:58 GMT
AGSKWxXCcg-_e0z2JdR9tNaAJazTVCpvxOGI7Pf7PFVwMROzsSomFaG4x48eVXxAb5ONx5rIZ31pv-JsRFh-uEiO5b-_ng==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXCcg-_e0z2JdR9tNaAJazTVCpvxOGI7Pf7PFVwMROzsSomFaG4x48eVXxAb5ONx5rIZ31pv-JsRFh-uEiO5b-_ng==
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Rzlo3gg5a2WQriHIUF15_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBicEqfwRoCxAxfr7ByALEQD8ebr1d2sQk0PH73hVHJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGZjqGZjHFxgAAGxOJ0s"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Rzlo3gg5a2WQriHIUF15_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://ledger.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/ 		434 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8170686022786770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
cafe /
Resource Hash
058d40abbf959e31b1d3282f707a52965ada28461f555664158a93e5f3b48e8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
br
etag
16976266772740233961
age
53092
x-content-type-options
nosniff
expires
Sat, 21 Dec 2024 15:36:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 07 Dec 2024 15:36:40 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147614
x-xss-protection
0
server
cafe
AGSKWxVF2Hb7SahTMgkJ_lRkW7UitjkgCFHorv-Vs3qWfjq8xwzIg4U5J_hO7qMPx57i_Ylw74eoQoA8NtTGcEnLPE85dJXMcW3EYQ7iakvQ2qB3VwbPFWiBnL0xIa-Hrx1W6OeO6WPOtw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVF2Hb7SahTMgkJ_lRkW7UitjkgCFHorv-Vs3qWfjq8xwzIg4U5J_hO7qMPx57i_Ylw74eoQoA8NtTGcEnLPE85dJXMcW3EYQ7iakvQ2qB3VwbPFWiBnL0xIa-Hrx1W6OeO6WPOtw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNjM4ODkyLDQ1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sZWRnZXIub3Jhbmdlb2ZmZXIuY29tLyIsbnVsbCxbWzgsIl85RWRxVjZjSFpVIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d3d0c8f684b5b0ee1f9982db479413d25274d410c1f32ca4f00e3d7d7f9b05c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kHD6XJMGNvGPvDuoEcQ1Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfjzdcru9gEHmz-859RSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQyMBUz8AkvsAAACDTPs0"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kHD6XJMGNvGPvDuoEcQ1Wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/268.4d813.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
age
3975
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 07:15:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 05:15:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
ns.html
www.googletagmanager.com/ Frame EAE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-5P5M9GV4
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/269.5ac5e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ledger.orangeoffer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1128:0
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
cross-origin-resource-policy
cross-origin
date
Sun, 08 Dec 2024 06:21:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1128:0"}],}
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
1689.fa5bd.js
ledger.orangeoffer.com/_nuxt/ 		177 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/runtime.eae3d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5bc627e4bb07961e1f05bb327f0c30ed3e818d5c8c78e408ae8b41b43d403b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2c596-193a0e1aa20"
cf-ray
8eeaa7e6fda47c73-LAX
expires
Mon, 08 Dec 2025 06:21:32 GMT
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Sat, 07 Dec 2024 11:29:24 GMT
vary
Accept-Encoding
server
cloudflare
1687.1655c.js
ledger.orangeoffer.com/_nuxt/ 		2 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ledger.orangeoffer.com/_nuxt/1687.1655c.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/runtime.eae3d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f79f7f9f2d039167c5d57cb981fc5e83b21104ee3ed37ce6966f4b5dcd33e61e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66d-1939b76f220"
cf-ray
8eeaa7e6fda67c73-LAX
expires
Mon, 08 Dec 2025 06:21:32 GMT
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 10:14:44 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
1356.6abc0.js
ledger.orangeoffer.com/_nuxt/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ledger.orangeoffer.com/_nuxt/1356.6abc0.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/runtime.eae3d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8deb1c4e4315811546b616c8304f2c9f79dcd899e1e52fb6091f7a7f13b2461d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
public, max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"c21-1939b76f220"
cf-ray
8eeaa7e7eea67c73-LAX
expires
Mon, 08 Dec 2025 06:21:32 GMT
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 10:14:44 GMT
vary
Accept-Encoding
server
cloudflare
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/1683.200e3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
cafe /
Resource Hash
2cbd2954b245b1ac75c36f8c5424075cc47f838437a9e832fdd2ca81d98cc0e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ledger.orangeoffer.com
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
br
etag
18074841792921276513
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 06:21:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53353
x-xss-protection
0
server
cafe
AGSKWxWFgGpvbdsPsrrZMTQJ38XIlgfdd1C3wisOZlRFjmZ26IQ5G0o4RsgGGlmxnOntyyBLZUpc7hDth6JixaTrL3Kq72GijN4imUCV3VQMo-c5Ss0C6izGFGxo0t6tckKjssKJce89eA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWFgGpvbdsPsrrZMTQJ38XIlgfdd1C3wisOZlRFjmZ26IQ5G0o4RsgGGlmxnOntyyBLZUpc7hDth6JixaTrL3Kq72GijN4imUCV3VQMo-c5Ss0C6izGFGxo0t6tckKjssKJce89eA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNjM4ODkyLDg4MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbGVkZ2VyLm9yYW5nZW9mZmVyLmNvbS8iLG51bGwsW1s4LCJfOUVkcVY2Y0haVSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
c24b77b1f389d04ace4b420ac8283a13ceda22a94ec32ce5d0a3d8403648ef55
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-khka_5W7yXP2O0djh6zwCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:32 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw15BiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIDZUuMTqDMSORZdYPYFYtecSqzkQ3193ifU5EM84f5l1ARAXSVxhbQFihq9XWDmAWIiH483XK7vYBBbcnXaKWUkjKb8wPjk_r6QoM6m0JL8oLTkttTi1qCy1KN7IwMjE0MjAVM_AJL7AAAADhEM2"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-khka_5W7yXP2O0djh6zwCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/ Frame 8B26 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241120/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledger.orangeoffer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
78681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 Dec 2024 08:30:12 GMT
etag
17661348622971093804
expires
Sat, 21 Dec 2024 08:30:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F50C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1733638892&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fledger.orangeoffer.com%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733638892375&bpp=8&bdt=640&idt=513&shv=r20241120&mjsv=m202412030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5018817367098&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533202%2C31089332%2C95344790%2C95347445%2C95345967%2C95340252%2C95340254&oid=2&pvsid=682823683428713&tmod=1635899726&uas=0&nvt=1&fsapi=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=536
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledger.orangeoffer.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
167
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Dec 2024 06:21:33 GMT
expires
Sun, 08 Dec 2024 06:21:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YQW93GBH6X&gtm=45je4c40v9168395566za200&_p=1733638891771&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485&cid=1530198522.1733638893&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1733638892&sct=1&seg=0&dl=https%3A%2F%2Fledger.orangeoffer.com%2F&dt=Ledger%20Discount%20Codes%202024%3A%2040%25%20OFF&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1863
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://ledger.orangeoffer.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:33 GMT
content-type
text/plain
server
Golfe2
ads
googleads.g.doubleclick.net/pagead/ Frame BAF4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&h=120&slotname=5841751240&adk=924028629&adf=2416941911&pi=t.ma~as.5841751240&w=878&abgtt=6&lmt=1733638893&rafmt=11&format=878x120&url=https%3A%2F%2Fledger.orangeoffer.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1733638892763&bpp=4&bdt=1028&idt=243&shv=r20241120&mjsv=m202412030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5018817367098&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=201&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=33&eid=42533202%2C31089332%2C95344790%2C95347445%2C95345967%2C95340252%2C95340254&oid=2&pvsid=682823683428713&tmod=1635899726&uas=0&nvt=1&fc=1920&brdim=110%2C110%2C110%2C110%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=257
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledger.orangeoffer.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
49777
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 Dec 2024 06:21:33 GMT
expires
Sun, 08 Dec 2024 06:21:33 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
p.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://ledger.orangeoffer.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://ledger.orangeoffer.com
Date
Sun, 08 Dec 2024 06:21:33 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
ca-pub-8170686022786770
fundingchoicesmessages.google.com/i/ 		196 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8170686022786770?href=https%3A%2F%2Fledger.orangeoffer.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
f0a7580e6b187575b332ae62b81eafa3a20e3b35a97959764061f73f03560efd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QVtH-1PG5yr_OD2LcuacNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:33 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj7dcru9gEbiw9dINRSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQyMBUz8AkvsAAABDGPl8"
content-security-policy
script-src 'report-sample' 'nonce-QVtH-1PG5yr_OD2LcuacNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
p.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://ledger.orangeoffer.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://ledger.orangeoffer.com
Date
Sun, 08 Dec 2024 06:21:33 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
cornerbig.swf
fundingchoicesmessages.google.com/f/AGSKWxXWLk3MIAVZmrFy6Fs5TOYdy-X7D0UG6V4A9Z5LD15pohT5Qv7-Fkx2kyyatl1ub1No7AkfTLQF0Ghc5ykARIr6Fk0UR4CBiWrUZqCs4qE3hrUsRxorXajkTfCAfXxJ0FLfqPbks4woeh2eHtnKEfw-BrGbF... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXWLk3MIAVZmrFy6Fs5TOYdy-X7D0UG6V4A9Z5LD15pohT5Qv7-Fkx2kyyatl1ub1No7AkfTLQF0Ghc5ykARIr6Fk0UR4CBiWrUZqCs4qE3hrUsRxorXajkTfCAfXxJ0FLfqPbks4woeh2eHtnKEfw-BrGbFKGjf1LvAfBzulef9TL4ZHkaG-p_zuue/_-adsystem-/vast/ads-/auto_ad_/spc.php/cornerbig.swf
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzSDLaO-HT6nbB3RY9t6_2n3xR0NQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
0ab391646f13b34d1018c49e9a279d086b3734ee6fe504d824f4abdd5cfc83b6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Gz2kaOLdBHUAb9bq75ncaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:33 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1ZBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj7dcru9gEHkz59JxJSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQyMBUz8AkvsAAABk3PpQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Gz2kaOLdBHUAb9bq75ncaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzSDLaO-HT6nbB3RY9t6_2n3xR0NQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f155.1e100.net
Software
cafe /
Resource Hash
d5061877aeef295ec56acbcfb348d4bbe3ac931a5856455c13f02e97704a313e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
br
etag
15221516189264687287
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 06:21:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 08 Dec 2024 06:21:33 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53356
x-xss-protection
0
server
cafe
AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UT26CxDGxQd4fpR_R05qCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ledger.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBicEqfwRoCxAxfr7ByALEQD8fbr1d2sQlM6P7wnEnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGZjqGZjHFxgAAFmIJwU"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UT26CxDGxQd4fpR_R05qCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://ledger.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NNT9P2swMR7oD8-X5FLb7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ledger.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:34 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBicEqfwRoExAxfr7ByALEQN8e7r1d2sQn8aJ0rreSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDI0MTPUMzOMLDAAQuSY1"
content-security-policy
script-src 'report-sample' 'nonce-NNT9P2swMR7oD8-X5FLb7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://ledger.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Q3M6xO9UmFSvA3CYpAYH1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ledger.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoCxAxfr7ByALEQD8fbr1d2sQlseLtoP7OSS1J-YXxyfl5Jal6JbmJKsS6IXZSZVFqSX4TCTi0DqcjJT0_PzEuPNzIwMjE0MjDVMzCPLzAAAFeFJwI"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Q3M6xO9UmFSvA3CYpAYH1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://ledger.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kM1gocnBM95BDE7bz__aqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ledger.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:33 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktHikmJw1ZBiWMS_i8kpfQZrEBAzfL3CygHEQjwcb79e2cUmcGBh035mJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiaGRgqmdgHl9gAADVkCgX"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kM1gocnBM95BDE7bz__aqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://ledger.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVCny-y0bdqRQwcY2O6_57ZJWUGrRU5RvyYWUSvkIboLZrf07_UMJ4rdLRFQN1-9t7JBEgCeUPX2ZeY0ITodaqjxr2Q4NvJ82YOmeo_0Mu0V9-JFRhe2sbaxo_SOHtpQmPLanp7NQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVCny-y0bdqRQwcY2O6_57ZJWUGrRU5RvyYWUSvkIboLZrf07_UMJ4rdLRFQN1-9t7JBEgCeUPX2ZeY0ITodaqjxr2Q4NvJ82YOmeo_0Mu0V9-JFRhe2sbaxo_SOHtpQmPLanp7NQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNjM4ODkzLDg2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9sZWRnZXIub3Jhbmdlb2ZmZXIuY29tLyIsbnVsbCxbWzgsIl85RWRxVjZjSFpVIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
9e78691ec509a990a5028291350c20084c695ec221229784c0fa6a693cb3673d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vxgup-B_uPAvwaNQ--n-Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:33 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIfj7dcru9gEfiz4d4hZSSMpvzA-OT-vpCgzqbQkvygtOS21OLWoLLUo3sjAyMTQyMBUz8AkvsAAABg6Ppo"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vxgup-B_uPAvwaNQ--n-Qg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWODvqMlweXJs9mmWRpKMnlMiYZs4pzLhuI18oKbKnZs-2aaR6pZ2VBRsnOYm8lHSluuZJ4gMKYtJJizg3S2vAfLMPDEEmJryIzy1vEz_rmY_UJvUW_7HaQmbMBCOayG4Oshbxp2g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWODvqMlweXJs9mmWRpKMnlMiYZs4pzLhuI18oKbKnZs-2aaR6pZ2VBRsnOYm8lHSluuZJ4gMKYtJJizg3S2vAfLMPDEEmJryIzy1vEz_rmY_UJvUW_7HaQmbMBCOayG4Oshbxp2g==
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pg9va-iSsJisNCo8hdtpvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ledger.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:34 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0JBicEqfwRoExAxfr7ByALEQN8e7r1d2sQlMOH9GR8klKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoZmOoZmMcXGAAAG04mWw"
content-security-policy
script-src 'report-sample' 'nonce-pg9va-iSsJisNCo8hdtpvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://ledger.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX41I9IqPIstCNScsJM2qAABPfYKaktefwvHOb3LM0kfPmb7C6h15ISbBz-f2nZUCqtFKOtlomwPc73MBYxI81mFh4TT6Vnsg2fE1zNa_EJNxglZg7PyYu-h11VU2gLvjmy9JZPqw==
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f139.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jzdttvY18ZzwCjYDDZwHgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ledger.orangeoffer.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:34 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBicEqfwRoExAxfr7ByALEQN8e7r1d2sQl0TLioq-SSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDI0MTPUMzOMLDAAMvCYk"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-jzdttvY18ZzwCjYDDZwHgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://ledger.orangeoffer.com
content-length
0
x-xss-protection
0
server
ESF
/
sentry.impressionfox.xyz/api/7/envelope/ 		41 B
794 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.impressionfox.xyz/api/7/envelope/?sentry_key=cbc9fcc6991ec6e954f338a62d732681&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.108.0
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:a732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b9d22486e15ad25b6f4dfcb8904a78088a4760092e07176761e5716701c7e5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ledger.orangeoffer.com/

Response headers

access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=me9j25Lwq%2BzXnUVW%2B1gcMcGxo%2FTkeSLuOQu2mPD3%2B96QKs6UrwaKuegKiSrZJuijAShYNVDn19tDeUnPcdXB5dqwKhp7xe95BxVWlJyPVpM1cJ%2F5U%2BQufY1w3X49MbzhCuvEl2BWCRsEMi5XucEJyupi9oFLdEg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8eeaa7f7fe2cf7a5-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
41
server-timing
cfL4;desc="?proto=TCP&rtt=60611&min_rtt=58243&rtt_var=8258&sent=35&recv=55&lost=0&retrans=0&sent_bytes=4140&recv_bytes=58956&delivery_rate=66443&cwnd=258&unsent_bytes=0&cid=5b0b7ed9ca4267c5&ts=296&x=0"
date
Sun, 08 Dec 2024 06:21:35 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
cloudflare
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=46C766795D0844B4B14A69DF4139837A&RedC=c.clarity.ms&MXFR=37DA34F7156E6ACA257521B8116E64E0
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=46C766795D0844B4B14A69DF4139837A&MUID=2DA0D2023CE3606D28FDC74D3D18613D
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=46C766795D0844B4B14A69DF4139837A&MUID=2DA0D2023CE3606D28FDC74D3D18613D
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Sun, 08 Dec 2024 06:21:35 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=46C766795D0844B4B14A69DF4139837A&MUID=2DA0D2023CE3606D28FDC74D3D18613D
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9359C586923545D9BF9E4292358F85D3 Ref B: LAXEDGE1711 Ref C: 2024-12-08T06:21:35Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Sun, 08 Dec 2024 06:21:35 GMT
x-powered-by
ASP.NET
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241120&st=env
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f154.1e100.net
Software
cafe /
Resource Hash
3c5c6c245d711defe2263d61cbf6119110f54d6a4cf27fd9e429653f62878c8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13288
date
Sun, 08 Dec 2024 06:21:35 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YQW93GBH6X&gtm=45je4c40v9168395566za200&_p=1733638891771&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101925629~102067555~102067808~102081485&cid=1530198522.1733638893&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEI&_s=2&sid=1733638892&sct=1&seg=0&dl=https%3A%2F%2Fledger.orangeoffer.com%2F&dt=Ledger%20Discount%20Codes%202024%3A%2040%25%20OFF&en=ad_impression&ep.query_id=COHEmJPEl4oDFR8oaAgdlnMljw&_et=1500&tfd=4183
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.139 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f139.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://ledger.orangeoffer.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:35 GMT
content-type
text/plain
server
Golfe2
favicon.ico
www.orangeoffer.com/ 		0
0
collect
p.clarity.ms/ 		0
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.clarity.ms/collect
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://ledger.orangeoffer.com/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://ledger.orangeoffer.com
Date
Sun, 08 Dec 2024 06:21:35 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412030101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ledger.orangeoffer.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sun, 08 Dec 2024 06:21:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Dec 2024 06:21:35 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 4AF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledger.orangeoffer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
444
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Dec 2024 06:14:12 GMT
expires
Sun, 08 Dec 2024 07:04:12 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 424F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.106 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f106.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7ApgPWGagB2uocMSl1pAPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ledger.orangeoffer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7ApgPWGagB2uocMSl1pAPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Dec 2024 06:21:36 GMT
expires
Sun, 08 Dec 2024 06:21:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
pagepoint
www.orangeoffer.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.orangeoffer.com/api/pagepoint?type=impression
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Origin
https://ledger.orangeoffer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8eeaa7fdaf302eb5-LAX
content-encoding
gzip
content-type
application/json
date
Sun, 08 Dec 2024 06:21:36 GMT
server
cloudflare
vary
Accept-Encoding
pagepoint
www.orangeoffer.com/api/ 		30 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.orangeoffer.com/api/pagepoint?type=impression
Requested by
Host: ledger.orangeoffer.com
URL: https://ledger.orangeoffer.com/_nuxt/1689.fa5bd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f60a90cfd1df0a601554f3f4f3cb629b3a0b23650fcb1d5159ea416517d723

Request headers

Referer
https://ledger.orangeoffer.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryaIdaWlVKAAy4wi4a

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8eeaa7fe88802eb5-LAX
access-control-allow-origin
*
date
Sun, 08 Dec 2024 06:21:36 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
components
www.orangeoffer.com/api/ Frame 		0
0
components
www.orangeoffer.com/api/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.orangeoffer.com
URL
https://www.orangeoffer.com/favicon.ico
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241120&jk=682823683428713&bg=!IyClIG_NAAaIaF9IqGg7ADQBe5WfODWlJKxbzTJO0aK5RcuZ39IBnG2EVGP2YH56PREVYhcWsaZOmuhkF979Rj4cc-q5AgAAAHdSAAAABGgBB34ANmoLMMpI0vKvEtcRyOwDw7je3jZSjDUuT-aXJITF9kqxCpNx71sQuIxwRtJQ40fMfFzgE7qh9pkCsa6Hnf1dqrgvQhdSNOViZjdieLkPA2S6yKHdYt1eRiAIc0IZSschP2OdFLSyUvE_L7S6lvXpOJbOmJyCpqQbz8mckd5bS2NJFJvCPXA0Je8oCda9sPAJwNvIm1zuFHs1ACt6Vml_aiOnSxJ68OrDnvKbayJBB7F3gGPVW4tNIvq1fe3PZmXpnsXskB9RzTX_NhOnVawMFj8vUOIWpqgWV4EbSNjYj0hPh3DYIRZFM-D8UnX8mNbuzlc8AJwargcJKR01bvpXrMS8KOxFKNZ8EMExQhVtsubqBzlIEkj7Z9-Lt91eMspKlb6elidzBDLuesIgM9Sscsti6dDrBbJMUb5Gweaz5zkRhUFIEXZXt7mnm5w1IIFnryqkPMTFw1HvlGxKwv0aitlC4kj9SMmAfWi2NwuoVr1y1_ETmrnvMzCGU4wjSh3WhggDBnyKfFvlRndaQTADp3y3O7kYjTGZN5dMDt3m_ndj-9iQCSs7zxbRt4Pm6kllrHwy3VOE8F7YXp1oe5vIJImF3y1N0NEcnSEwZihTkW4FUjxqsI9VaMrRsj_p993A3ovYT-0wrpjQBLt3MY39Y-0FZMX1l7-MB6Kr6YXo-Xu8FWx5Gbz0cLmDK4I-5DhxUi7jVOvCKtVzxjM8aXJ6mxE_6cqMYbJ3wANC9jLtxxyc4woqJlP_KK7b3wDKJdSGqoRII-C8GPm3ZpgsQg04SL8G4UKVst_wsHc_WcpHd-oWXEFp-LIyp8DBbtiQnVo6N5dkabIMgi9HvZngYqU1Q01j6ZDzmysKIcqs9bUsVn0owMdCQd1wRtlY9u79RmX0HZO2HnnBjUmHZZYs8jGgKk08iuJ1BEwNLNz__jbqQdraLgW_rad7u0OztgHUT5rXP65sikI4LaYJeH_ByDHCmpEwjfZq5HU4uFuz
Domain
www.orangeoffer.com
URL
https://www.orangeoffer.com/api/components
Domain
www.orangeoffer.com
URL
https://www.orangeoffer.com/api/components

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| gtag object| dataLayer function| __h82AlnkH6D91__ function| _googCsa function| clarity object| adsbygoogle object| __NUXT__ function| __p4qa8r1lb17__ string| cHViLTgxNzA2ODYwMjI3ODY3NzA= number| googleNDT_ number| googleAltLoader object| google object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YTllMGY4MGRhZjFhZGMzOGxvYWRlcl9qcw== string| YTllMGY4MGRhZjFhZGMzOGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady string| GoogleAnalyticsObject function| ga function| _ object| $nuxt object| google_tag_manager function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| __SENTRY__ object| googletag object| gaGlobal object| gaplugins object| gaData boolean| adsbygoogle_ama_fc_has_run boolean| 7ef897d7-5f71-4afb-8df7-9f848c7f8cd6 object| GoogleGcLKhOms object| google_image_requests

32 Cookies

Domain/Path Name / Value
.ledger.orangeoffer.com/ Name: __cf_bm
Value: 5HSCbWQLZ93_pQhnfYimH6VAPEp6rQaf9h1Lx7K3sXg-1733638891-1.0.1.1-ISftu9zW8gYn.YnND5ZEVFf9yAFq25AB2ZuVmrUN9nlUaE7fft_ef0SZ6ZgE91kkjpDSgcbbuRZTwtTOEXOQ9Q
.cdn.orangeoffer.com/ Name: __cf_bm
Value: hmoqH_dt3SCDlS.2R.WBx1t..S43jDRctsvluvypVLo-1733638891-1.0.1.1-_2GRpOGqEyvqS1RNT8uZsifwz8atHloDUJ.NghYk88pjZ9mAhDWVFS0mX80WcPihXBNrAUEj7BqDKI3IFNdK.w
.cdn-assets.orangeoffer.com/ Name: __cf_bm
Value: hDpu049HsIwZuUUp.pgYESrhh1R9b0JghTyYeEU7hSY-1733638892-1.0.1.1-MLPNjwTdIVhdspCSDMg6W8UP.ar4mdnF4vnjoPZm22nIVzz87ezV3jHkUekNYxJWQ2D7iXqJRWOoslJ7CtOkdg
www.clarity.ms/ Name: CLID
Value: 3aec3e3cb63f4391af9d7c645ff9dcf7.20241208.20251208
ledger.orangeoffer.com/ Name: merchantInfo
Value: %7B%22id%22%3A6918%7D
.orangeoffer.com/ Name: _clck
Value: rgg293%7C2%7Cfrj%7C0%7C1803
.orangeoffer.com/ Name: _ivr
Value: 263839702317975
.orangeoffer.com/ Name: td_ray
Value: 8eeaa7df6d0d7c73
.orangeoffer.com/ Name: _ga
Value: GA1.2.1530198522.1733638893
.orangeoffer.com/ Name: _gid
Value: GA1.2.185347145.1733638893
.orangeoffer.com/ Name: _clsk
Value: 1g7kis2%7C1733638893457%7C1%7C1%7Cp.clarity.ms%2Fcollect
.orangeoffer.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-DaT_Lp6dTEzx4B3Hp4EKcDgIBy3V0EQQdmliLGEgcYe4_a85vUrogtGI69LcsX4iN89SA7Kf2gJ2A7ifbsuvcAkNJv3JUalKeXCtCuvgo18pZS5fUChq09LB2vYKA6U2ribU7Sxbod372N4_8p-_NasCw4A%3D%3D%22%5D%5D
.doubleclick.net/ Name: IDE
Value: AHWqTUmhbNskhJPJNsIpB5aMW6MX4HPPy_c9Bn3P_Vaci5wkMBDTBngiN1hBIYbIDOY
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: Z1U67sAoI70AAB8sA.MaPQAA
.casalemedia.com/ Name: CMPS
Value: 2297
.casalemedia.com/ Name: CMPRO
Value: 2297
.orangeoffer.com/ Name: __gads
Value: ID=f227008f29c6ed1a:T=1733638893:RT=1733638893:S=ALNI_MaZUoIur1nkMZs5pLg7MRYYcl7Jrg
.orangeoffer.com/ Name: __gpi
Value: UID=00000faa13b6c452:T=1733638893:RT=1733638893:S=ALNI_MYxtPOaYY_kZRPp4jiZ7_p1GRd3yg
.orangeoffer.com/ Name: __eoi
Value: ID=2d5fe0d1773e28ce:T=1733638893:RT=1733638893:S=AA-AfjYpTfLdxVCgxb95FGR_jwPR
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.orangeoffer.com/ Name: _ga_YQW93GBH6X
Value: GS1.1.1733638892.1.0.1733638895.0.0.0
.www.orangeoffer.com/ Name: __cf_bm
Value: bTGDQtJlrUw6w1W1.mKhffK9XeUk8Sm2vTOyCEM9u34-1733638895-1.0.1.1-8noXl.mu.rFXTgjEfPChOvcsAQvIU4H7JpYYFtrH6.SXHdPO.Datzs_ZG0M0Yto70z_u51YWwNt5SyQ5p41q.w
.bing.com/ Name: MUID
Value: 2DA0D2023CE3606D28FDC74D3D18613D
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2DA0D2023CE3606D28FDC74D3D18613D
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2DA0D2023CE3606D28FDC74D3D18613D
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
ledger.orangeoffer.com/ Name: BUILD_ID
Value: m4e3bb9h

1 Console Messages

Source Level URL
Text
network error URL: https://www.orangeoffer.com/favicon.ico
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn-assets.orangeoffer.com
cdn.orangeoffer.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ledger.orangeoffer.com
p.clarity.ms
pagead2.googlesyndication.com
sentry.impressionfox.xyz
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.orangeoffer.com
ep1.adtrafficquality.google
www.orangeoffer.com
142.251.163.106
142.251.163.139
142.251.163.147
142.251.167.154
142.251.179.155
172.253.122.139
172.253.63.154
20.110.205.119
20.122.63.128
2606:4700:3037::ac43:a732
2606:4700::6812:12da
2606:4700::6812:13da
2607:f8b0:4004:c08::84
2607:f8b0:4004:c09::64
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c19::61
2620:1ec:bdf::40
2620:1ec:c11::237
058d40abbf959e31b1d3282f707a52965ada28461f555664158a93e5f3b48e8c
073a975d808d775d26ea19504fb269731469f8251d7b998a1a84b67e1a3ffdde
0999eb89bb2ee512db133d41be8b0f073361a061c9953967f1e57787e44b3cbc
0ab391646f13b34d1018c49e9a279d086b3734ee6fe504d824f4abdd5cfc83b6
1bc204c84368b5c1b736418aa1e4f938080599e7eb5b98ee936c2b76c3ed4c1a
1d06542b01c794a73a5ae95bfa75144d5c45fba3412b6accf3c32dfd085e1a65
1d3d0c8f684b5b0ee1f9982db479413d25274d410c1f32ca4f00e3d7d7f9b05c
26855730a22d1dbb0fc1cc04cf7cf803c1e5494bde493fbeb0210f1e3b686201
2cbd2954b245b1ac75c36f8c5424075cc47f838437a9e832fdd2ca81d98cc0e9
344f64837202aef40b412b533cde0149ef3cb5589882136e409da8c64c194ad1
3c5c6c245d711defe2263d61cbf6119110f54d6a4cf27fd9e429653f62878c8e
3f21cf13348fb20852c706a01c315b235b62a0c3fc2c8583d533f23afa9f7fdc
43c569bf5a42380717bdb0b34cf71333ac0a0e21cdfee3cb0bc3eea45a9e99a7
43e39b42b3e6a1ac6cd2815de40f6136c2736b7c89d5caff3d51c4f4dca4e12e
484061abe8e104be42d55c81a13cf99bd671f2881b9c37ecad6ae56028239cd6
5a7c802b9a6f24440e2fffe9458f0543a334e48628e3c9ae879677f4b9b65d2d
662e951c97e0dbd5cdbf40b8e1fc49662cf95c93561befd34f11f68bb91d4c33
67b2c40d906b89bc435ed6ee053be0e82c95760013ed1938b35e96aa91ccca0a
68a5df4a40357c26a643745efb611532c94d369de74773c658c52a3c7652379b
6919eb2e33d504ce1d0f0c3dc8f6364158ed01d6982e5f42d8eb0cd2e96e8343
6b9d22486e15ad25b6f4dfcb8904a78088a4760092e07176761e5716701c7e5b
81e7f153a06ca43fc788572a8ef903535ffec10902ad3e2674d1215f46042562
8deb1c4e4315811546b616c8304f2c9f79dcd899e1e52fb6091f7a7f13b2461d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d5aece22048654ac8c3bfca412a112f12ad5b11cf2e11a99d63f5cfb427b657
9e3f92e5aba3ca6cab6f83c86e31d5f06fbc92c2fd81dffc4703a0cdbe4d6ba7
9e78691ec509a990a5028291350c20084c695ec221229784c0fa6a693cb3673d
a331f40b7d989a28f8b567fb4456df6f84016b2f2be9c2efb59deb6b2485781e
aae61e046749f85663bf6c3d44f6b6075bcc6b81d79e87cf63b2f0e77a62271c
aedd4b827a4d78fb276d182852f5fe5b578a81554172dc9e1537f02b68010687
b864f8801996f0fdb5ca49de6011515eb0cb43341e407d9c84c09b209e99d1d2
b9081a46e5d6e34efd25190223cfd90a18d71aff550b9d1c69a95693a33f5cc5
bc5bc627e4bb07961e1f05bb327f0c30ed3e818d5c8c78e408ae8b41b43d403b
c091ae3ca8d585c275c123e5b6c93bd753eb7963fce14325bb6b5bb30a25822b
c24b77b1f389d04ace4b420ac8283a13ceda22a94ec32ce5d0a3d8403648ef55
d0f60a90cfd1df0a601554f3f4f3cb629b3a0b23650fcb1d5159ea416517d723
d27a71992eb5c62e81de4af02af3ec1527f50e8d61a448ce67f9a36564941960
d5061877aeef295ec56acbcfb348d4bbe3ac931a5856455c13f02e97704a313e
d76ccf54641b2319e851abbc99fa2e59f7f191d5a25449dfd33569cfca6132b9
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5ed8d76a9341be08c77c870d81fca3ec75264601934583bcf00f4d6895dac1
e30f6b19f67e441f8bed0be6c56da35d4ee6d20ae17043bc7b9099e406efd758
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60ed47d885ed85c30382f3d36f00ec2942d053a618247cce022d02f402a83f6
e64f36608ffdb691cbbd6f44cd9dce5f4e9d5c7444de63634d979d0573973121
e8806b74ef8ce94a8cf316887921caf25d94be114ee0bee570c7d32c802193d5
ecf36c6dc43022c7818de7f04aa136898adf786ab669730311ece2a084bd13ce
ee0dac93046c4ee0f4ae7e3f8400a4dd3fc782baffbf28b16c5a412dd341ba63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a7580e6b187575b332ae62b81eafa3a20e3b35a97959764061f73f03560efd
f79f7f9f2d039167c5d57cb981fc5e83b21104ee3ed37ce6966f4b5dcd33e61e
f7ae8f5cd556ac452ca0ea376d7ed72d0abde58c6f902f311bdd002a4099d2aa
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99