insane-offers.net Open in urlscan Pro
2606:4700:3035::ac43:dd87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://exclusiveworld.club/rd/c26312dPgVT29612334cCGU1796IHT17562mSwe3971
Effective URL:
https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=...
Submission: On July 09 via api (July 9th 2021, 5:51:19 am UTC) from BE

Summary HTTP 52 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3035::ac43:dd87, located in United States and belongs to CLOUDFLARENET, US. The main domain is insane-offers.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2021. Valid for: a year.

This is the only time insane-offers.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	45.159.188.184 45.159.188.184	14576 (HOSTING-S...) (HOSTING-SOLUTIONS)
1 1	34.95.111.202 34.95.111.202	15169 (GOOGLE) (GOOGLE)
1 1	13.248.176.207 13.248.176.207	16509 (AMAZON-02) (AMAZON-02)
11	2606:4700:303... 2606:4700:3035::ac43:dd87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
52	6

2 45.159.188.184 (Meppel, Netherlands) 1 redirects

ASN14576 (HOSTING-SOLUTIONS, US)
PTR: customer.clientshostname.com

exclusiveworld.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.111.202 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 202.111.95.34.bc.googleusercontent.com

www.blossomforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.176.207 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb2870044200d04a.awsglobalaccelerator.com

t.trkngoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3035::ac43:dd87 (United States)

ASN13335 (CLOUDFLARENET, US)

insane-offers.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

static-13333.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	kxcdn.com static-13333.kxcdn.com	2 MB
11	insane-offers.net insane-offers.net	234 KB
6	gstatic.com fonts.gstatic.com	87 KB
2	exclusiveworld.club 1 redirects exclusiveworld.club	577 B
1	googleapis.com fonts.googleapis.com	1 KB
1	trkngoo.net 1 redirects t.trkngoo.net	2 KB
1	blossomforyou.com 1 redirects www.blossomforyou.com	420 B
52	7

	Domain	Requested by
31	static-13333.kxcdn.com	insane-offers.net static-13333.kxcdn.com
11	insane-offers.net	exclusiveworld.club insane-offers.net
6	fonts.gstatic.com	fonts.googleapis.com
2	exclusiveworld.club	1 redirects
1	fonts.googleapis.com	static-13333.kxcdn.com
1	t.trkngoo.net	1 redirects
1	www.blossomforyou.com	1 redirects
52	7

This site contains links to these domains. Also see Links.

Domain
static-13333.kxcdn.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
Frame ID: 9F408D7C8949D42516B9668FF7F98E10
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://exclusiveworld.club/rd/c26312dPgVT29612334cCGU1796IHT17562mSwe3971 Page URL
http://exclusiveworld.club/track/c26312dPgVT29612334cCGU1796IHT17562mSwe3971 HTTP 302
https://www.blossomforyou.com/59QC8Z/D4C75DM/?sub1=2&sub2=3971-26312&sub3=29612334-1796-17562 HTTP 302
https://t.trkngoo.net/c?aid=eKvWz5&lpid=HxxBJt&aff_sub4=95&aff_sub2=2&aff_sub5=d69655fdc66b4c1f877... HTTP 302
https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9... Page URL

Detected technologies

Essential JS 2 () Expand

Overall confidence: 100%
Detected patterns

html /<[^<]+class="[^"]*[^-](?:e-control|e-lib)/i

Page Statistics

52
Requests

94 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

2507 kB
Transfer

9398 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://static-13333.kxcdn.com/4310/media/testimonial_1.mp4
Title: … ein völlig neuer Ansatz, etwas zu wissen something before it really happens Sarah M., Ungarn

Search URL Search Domain Scan URL

URL: https://static-13333.kxcdn.com/4310/media/testimonial_2.mp4
Title: Dieses Produkt hat vieles für mich geändert… Robert W., GB

Search URL Search Domain Scan URL

URL: https://static-13333.kxcdn.com/4310/media/testimonial_3.mp4
Title: Ich fühle mich immernoch als würde ich träumen… Dean S., USA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://exclusiveworld.club/rd/c26312dPgVT29612334cCGU1796IHT17562mSwe3971 Page URL
http://exclusiveworld.club/track/c26312dPgVT29612334cCGU1796IHT17562mSwe3971 HTTP 302
https://www.blossomforyou.com/59QC8Z/D4C75DM/?sub1=2&sub2=3971-26312&sub3=29612334-1796-17562 HTTP 302
https://t.trkngoo.net/c?aid=eKvWz5&lpid=HxxBJt&aff_sub4=95&aff_sub2=2&aff_sub5=d69655fdc66b4c1f87768a35a7294d50 HTTP 302
https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK c26312dPgVT29612334cCGU1796IHT17562mSwe3971 Show response
exclusiveworld.club/rd/ 235 B
352 B 57ms
45ms Document
text/html 45.159.188.184
HOSTING-SOLUTIONS

General

Check archive.org

Show headers Download Go to

Full URL: http://exclusiveworld.club/rd/c26312dPgVT29612334cCGU1796IHT17562mSwe3971
Protocol: HTTP/1.1
Server: 45.159.188.184 Meppel, Netherlands, ASN14576 (HOSTING-SOLUTIONS, US),
Reverse DNS: customer.clientshostname.com
Software: /
Resource Hash: e46f3127e1d2d73084efc503b86c3c5ab7091677b493e10d59f0cf4375b9a1e7

Request headers

Host: exclusiveworld.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Fri, 09 Jul 2021 05:51:02 GMT
Content-Length: 235

GET
H2

200

Primary Request / Show response
insane-offers.net/the-news-spy-wv1/
Redirect Chain

http://exclusiveworld.club/track/c26312dPgVT29612334cCGU1796IHT17562mSwe3971
https://www.blossomforyou.com/59QC8Z/D4C75DM/?sub1=2&sub2=3971-26312&sub3=29612334-1796-17562
https://t.trkngoo.net/c?aid=eKvWz5&lpid=HxxBJt&aff_sub4=95&aff_sub2=2&aff_sub5=d69655fdc66b4c1f87768a35a7294d50
https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&a...

32 KB
7 KB

275ms
239ms

Document
text/html

2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg

Requested by

Host: exclusiveworld.club
URL: http://exclusiveworld.club/rd/c26312dPgVT29612334cCGU1796IHT17562mSwe3971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

94d5566f94ca005ed2105fe1c95ba91b1f8294e3a26d6776e34329fc8f724c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: insane-offers.net
:scheme: https
:path: /the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://exclusiveworld.club/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://exclusiveworld.club/rd/c26312dPgVT29612334cCGU1796IHT17562mSwe3971

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkdCUVFIQmFmMGZuSjQwV2V4a2JPK2c9PSIsInZhbHVlIjoiMVhFVWJEYXNDTHA5RTAyNDd5VTdpWFpRQ2VJWnhLcFpiUERESDN1ZTJaQjB5cW9MbmVGRlVJWHpWUklGdU8yViIsIm1hYyI6IjRiM2MwYTNhNjk2YzE3YTk2ZDc3N2U2ZDk2NjhmMWIzZTA1ZDJlYjgwODk0MzM3ZjNlZGIwNGEyOTQyOTViMDkifQ%3D%3D; expires=Fri, 09-Jul-2021 07:51:01 GMT; Max-Age=7200; path=/ c=eyJpdiI6ImJyTXppb1Z2c0oxd2VWXC8zcktYbnNnPT0iLCJ2YWx1ZSI6IjRuaFdSMXQ4QkszK3BvUkFnUGhHU042Yk5wQms0bGxzUVRhQXg5eFErbkc0MGhXa1JIeEJKdlNLUkFhbTVsdEgiLCJtYWMiOiI4ZWUxZmZlYThiOTVlMTQyZTU2NDlkOWM5MmNjYjhlZTg5NGM1ODI1Y2Q2ZWI1ODBiNjg4MjJjNzE4MTU4YTM3In0%3D; expires=Fri, 09-Jul-2021 07:51:01 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-proc: 3
x-powered-by: centminmod
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=fqyUPt%2Fybri2PaMkjLojnyOpxxWriTwm6AFPksmszFF7TSjz4cwqfQCmqfF2SeeoCXOCBKGjMqMaBae4MJ2xNjQWUrKfARAKmcIX4BxuKClpBlF0Mei4uQZRl8PSFMlEXgNmyzYhOU7ydhQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66bf472e5ede4e86-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

apigw-requestid: CMCGvjUYjoEEPyQ=
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 66bf472c0f87ede3-CDG
content-type: text/html; charset=UTF-8
date: Fri, 09 Jul 2021 05:51:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xJmYAwWCnmTFiRumAwDILm%2FHWedAdoa92XLT1TUuyDyiFFyPMQ5JvpVtsbs8IK7b02PlAEeynh4OK0Nix5mQZpM7rymuCZ3ahglkC%2FhjB3c2QuRNyXz79vBhrFAOyZ6JaoFCVHWaWcVjlnaw0u3SureTH3aHS7xcKyMX"}],"group":"cf-nel","max_age":604800}
server: Caddy cloudflare
set-cookie: XSRF-TOKEN=eyJpdiI6IkFObW4wbDdCRExJaFlwM28rR01LR0E9PSIsInZhbHVlIjoiN3dtaFBscDhVOUxJZERSWEZ4Yzd6N1ZWOEJyM3duUmhqUHF2bCtoMUFQZEc5OW9oYUVCQ0l0VHh5bW5ZYUtqZ24rTkQ3aG5ialdYdFl4WklWK3A3MHBjbi9LUFN1SlVBU2h6T3lialQrU2lPSTBQSUY4WXdBajgrMFBORkdoR08iLCJtYWMiOiIzMTc4NDdkN2MxZDVjZjgxN2U4NTI5YzBhOWZiMzQ2YTU2NTk2NTg0YTlmZjFlY2NiYzc3ZWU0MDRiNTlhZWE0In0%3D; expires=Fri, 09-Jul-2021 07:51:00 GMT; Max-Age=7200; path=/; samesite=lax clickbit_session=eyJpdiI6IlZLOU9xUlNaVVpCMkRwaE5zcTBickE9PSIsInZhbHVlIjoiSWJVdzRyTlJtOTdPSkttWHV0YzBoZmV4ZzB1Vk1pM0pmVWZoTEo5MjF4WUhjQVhZTmcxbTk0NWVaZHc5cUliWmJqOEZjRUtHa0N5bkRDVUg5bnl4RjhBcHpJZmk5bUNBTkVtbTltMURObmVUSnV5Q2o4MU9Id2t3U0xQNVFYdUgiLCJtYWMiOiJmNTA2ZGExMGIxYzQ1NmUzYTJiZWZiZDcyZTBlZWJhYjAwMTNiMWQ0YjA1ODZhNDJkZDkzZjgwNjIxODE5MjA4In0%3D; expires=Fri, 09-Jul-2021 07:51:00 GMT; Max-Age=7200; path=/; httponly; samesite=lax cid=eyJpdiI6IkUzZTRiUlZxSHFTeEN5cnJUY1RUbkE9PSIsInZhbHVlIjoiN2MxMCtmOG01RFVGOUUxZnRHNU9JNkNzWElVbTB4bko3Y2xhVFMwMDMza2h4ZkZvRk84QllJbE1sM1NIWWd1WDU4MWFkM0l6ZExRazNFVTd4ZithK1lFZUxZUEhDZlR5QStvMzlNRm1CSGc9IiwibWFjIjoiMTc4OTZiMjc2MzIxNzdkNjhiNzIwYzdhZWRkMTZmYTg4MDNiYTY1OTFjYjMzOTg0ZDA2MTMxMGIzNTFkODFiMSJ9; expires=Sat, 14-Jan-2073 11:42:00 GMT; Max-Age=1625809860; path=/; httponly; samesite=lax EA1rbuAJUckLeyaEk9AGSRfdnec1vZmKYzD5uo5g=eyJpdiI6Im9kK2pVU09YK2RtSkRmRnpHYU1adlE9PSIsInZhbHVlIjoiSEVmV29zNDNpMUlJL1cwU1YyR09hS213OTM3U1JpZGZaMXF2R1Q3ZzVNbVdGVDNLUUg0c2lWSlVlVGd1eXVPbEhMOUdQdUFBajIrTFQ1M1ZKcGFSa1ZCeWlTaCtOYVIyMlNSa1pZbDF0dkY1cURzRmxjQVBPZWtNbEFmYlRScWl1bXRHeCtWTGxVazk0Y00wMXZtVE84QkI1Sm5EaHpUY1ZTYUVOQzAyYjJkQzJudXY2RCt4K0NJcmM5ekFMYXFWby8yNjdNQUhTMFRDRGlBMGtRSGtpUkY0R0ppb21OZFlqcnNQSTFXZmNoV25WdmZHa2t1cVBMQTVYdndPck1yZ1Z1Y1JMRFI0STZORlVqZTNvVHZ2K092SHNWdXVpZHo3OXJ6M0lkeXVPdEJ2bW5seEpxODZsY2xvRWdzR2loZVVMYjlJRVNpN2M5STFSOVIwWmNZSDNNM3dLMHdkRFBSY0pRSEprWWRXSmhaeGRMWG9KNFE0YVRaaC93eHVCakNwWERUdW95TURNMTlobDFDTHZtWStMYjRzckc3T3ozQ3dFU01zNmFzMC9POFJ4OThUUGFRSFhyTS9mWDdXZE8xbHBmNlhKMkpSeDdZMWJxOGVSYlNHcEVHUHJzbHpVTG5mYlQwYUk2THEyYUU9IiwibWFjIjoiMGZjMTU4Y2E5ZTIwNzlmNjI1Y2FmYjYzZDAxZjQ4OWU5NzU0YTNhYTA3Y2ZmZjk5MWE5OTAwOTE1YmFhZDMwYSJ9; expires=Fri, 09-Jul-2021 07:51:00 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 1350

GET
H3-29 200 forms.css
insane-offers.net/css/ 20 KB
3 KB 33ms
17ms Stylesheet
text/css 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insane-offers.net/css/forms.css?id=108aa07ef4cadffb88ba

Requested by

Host: insane-offers.net
URL: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /css/forms.css?id=108aa07ef4cadffb88ba
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkdCUVFIQmFmMGZuSjQwV2V4a2JPK2c9PSIsInZhbHVlIjoiMVhFVWJEYXNDTHA5RTAyNDd5VTdpWFpRQ2VJWnhLcFpiUERESDN1ZTJaQjB5cW9MbmVGRlVJWHpWUklGdU8yViIsIm1hYyI6IjRiM2MwYTNhNjk2YzE3YTk2ZDc3N2U2ZDk2NjhmMWIzZTA1ZDJlYjgwODk0MzM3ZjNlZGIwNGEyOTQyOTViMDkifQ%3D%3D; c=eyJpdiI6ImJyTXppb1Z2c0oxd2VWXC8zcktYbnNnPT0iLCJ2YWx1ZSI6IjRuaFdSMXQ4QkszK3BvUkFnUGhHU042Yk5wQms0bGxzUVRhQXg5eFErbkc0MGhXa1JIeEJKdlNLUkFhbTVsdEgiLCJtYWMiOiI4ZWUxZmZlYThiOTVlMTQyZTU2NDlkOWM5MmNjYjhlZTg5NGM1ODI1Y2Q2ZWI1ODBiNjg4MjJjNzE4MTU4YTM3In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: insane-offers.net
referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6742
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Jun 2021 12:24:24 GMT
server: cloudflare
etag: W/"60dc6278-5107"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NBvodvURcVOD7FRaB0oO0qO3yyRqxT%2B4yxFng%2Fil1G%2BwYuKEh4eUbeIw3PQBvsVwehBFfbQX1MT%2Fd86LMlMnKNJKGfOGO9S3yfj9IgPQXvtdoMB%2BLo%2BLGtcemjKlJomXJpIVnjGo1K781II%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66bf47300ba54e1a-FRA

GET
H3-29 200 flow.css
insane-offers.net/css/ 385 B
773 B 29ms
13ms Stylesheet
text/css 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insane-offers.net/css/flow.css?id=1a2dada5ba76c1b29ae1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /css/flow.css?id=1a2dada5ba76c1b29ae1
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkdCUVFIQmFmMGZuSjQwV2V4a2JPK2c9PSIsInZhbHVlIjoiMVhFVWJEYXNDTHA5RTAyNDd5VTdpWFpRQ2VJWnhLcFpiUERESDN1ZTJaQjB5cW9MbmVGRlVJWHpWUklGdU8yViIsIm1hYyI6IjRiM2MwYTNhNjk2YzE3YTk2ZDc3N2U2ZDk2NjhmMWIzZTA1ZDJlYjgwODk0MzM3ZjNlZGIwNGEyOTQyOTViMDkifQ%3D%3D; c=eyJpdiI6ImJyTXppb1Z2c0oxd2VWXC8zcktYbnNnPT0iLCJ2YWx1ZSI6IjRuaFdSMXQ4QkszK3BvUkFnUGhHU042Yk5wQms0bGxzUVRhQXg5eFErbkc0MGhXa1JIeEJKdlNLUkFhbTVsdEgiLCJtYWMiOiI4ZWUxZmZlYThiOTVlMTQyZTU2NDlkOWM5MmNjYjhlZTg5NGM1ODI1Y2Q2ZWI1ODBiNjg4MjJjNzE4MTU4YTM3In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: insane-offers.net
referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
x-proc: 1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6742
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Jun 2021 12:24:27 GMT
server: cloudflare
etag: W/"60dc627b-181"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Hk3lissgooB82iuAFivRRWPvxeAYhRvF0dA4g%2Be5TOegyXGSfBQasm%2FOfJUeD4I78Qn4DFDbNDUurt1rkfjaHiknn9C%2BoNwqptWJX6uXqiJtluaBv9s0jy7oB1U02julkTDJyScSCceBcj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 66bf47300b9e4e1a-FRA

GET
H2 200 funnel.css
static-13333.kxcdn.com/4310/build/ 130 KB
32 KB 27ms
8ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://static-13333.kxcdn.com/4310/build/funnel.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

063a9fdf80724d361516576ec7f4aed7320aabe367eb766cf7e7de5d04da7a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001494fc0-0060e6550c-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
last-modified: Fri, 21 May 2021 13:16:49 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: W/"f6491f5ef1d596b83a39bb785f483e30"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/build/funnel.css>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 logo.svg
static-13333.kxcdn.com/4310/images/ 9 KB
4 KB 51ms
45ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

f1dfbb8670e1ac2d01bd522bbe42d7702779c2b57b4c81de095650c5d0033ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001473193-0060e6550d-135e6320-fra1a
x-edge-location: defr
x-cache: HIT
last-modified: Fri, 21 May 2021 13:17:07 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: W/"71ca2cdc8d449c7a2bff98b07d1566af"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/logo.svg>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H3-29 200 check-icon.png
insane-offers.net/images/ 44 KB
45 KB 16ms
11ms Image
image/png 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insane-offers.net/images/check-icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /images/check-icon.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkdCUVFIQmFmMGZuSjQwV2V4a2JPK2c9PSIsInZhbHVlIjoiMVhFVWJEYXNDTHA5RTAyNDd5VTdpWFpRQ2VJWnhLcFpiUERESDN1ZTJaQjB5cW9MbmVGRlVJWHpWUklGdU8yViIsIm1hYyI6IjRiM2MwYTNhNjk2YzE3YTk2ZDc3N2U2ZDk2NjhmMWIzZTA1ZDJlYjgwODk0MzM3ZjNlZGIwNGEyOTQyOTViMDkifQ%3D%3D; c=eyJpdiI6ImJyTXppb1Z2c0oxd2VWXC8zcktYbnNnPT0iLCJ2YWx1ZSI6IjRuaFdSMXQ4QkszK3BvUkFnUGhHU042Yk5wQms0bGxzUVRhQXg5eFErbkc0MGhXa1JIeEJKdlNLUkFhbTVsdEgiLCJtYWMiOiI4ZWUxZmZlYThiOTVlMTQyZTU2NDlkOWM5MmNjYjhlZTg5NGM1ODI1Y2Q2ZWI1ODBiNjg4MjJjNzE4MTU4YTM3In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: insane-offers.net
referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6703
x-powered-by: centminmod
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45018
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Jun 2021 12:22:18 GMT
server: cloudflare
etag: "60dc61fa-afda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BxzCaU5msc8ZNddnGp1c8e6ksWmmuSfvaNtH4BeX3fRiYrnR%2Beuo3oRakt9omJA29rH7VSG1cxnGCAO6pcv86wEqtiStaDOc%2Bxdc6avw74VgsKJRIC5l%2FCEQEID%2BJf7SweY%2BWcXZAZ2CfAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66bf47305c594e1a-FRA

GET
H2 200 cnbc.png
static-13333.kxcdn.com/4310/images/logos/ 6 KB
6 KB 51ms
45ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/logos/cnbc.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

fdab34b63147ffbc18d6f883885a568a0f27b26789fa84ee9b091d51346baf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001495072-0060e6550d-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 6054
last-modified: Fri, 21 May 2021 13:17:12 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "130e3d283924264167ca070a447394ed"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/logos/cnbc.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 bitcoin.png
static-13333.kxcdn.com/4310/images/logos/ 4 KB
4 KB 51ms
45ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/logos/bitcoin.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

0dbedc599f5320b64452c8282a160e9fef1b2356257d6ad2e771272add9baad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx00000000000000149506f-0060e6550d-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 4002
last-modified: Fri, 21 May 2021 13:17:12 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "f7f1bfccf6d5d0c9e18d31ae3683147e"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/logos/bitcoin.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 coindesk.png
static-13333.kxcdn.com/4310/images/logos/ 4 KB
5 KB 52ms
45ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/logos/coindesk.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

e27674bfff8b9b83eb86c981de1e8a1fe94ecbea31c0dc4f3fec5e317eec168b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001473197-0060e6550d-135e6320-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 4415
last-modified: Fri, 21 May 2021 13:17:12 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "75bcd6fbad02c9368ae48e93543825fe"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/logos/coindesk.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 ccnews.png
static-13333.kxcdn.com/4310/images/logos/ 4 KB
4 KB 52ms
46ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/logos/ccnews.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

a49f84612bca59f7db1f95595a97a1f4760bdb26c1340e6d295f3b4a696b45b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001473198-0060e6550d-135e6320-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 3769
last-modified: Fri, 21 May 2021 13:17:13 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "3e04758d3718cd93355d96ef0b28942c"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/logos/ccnews.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 newsbtc.png
static-13333.kxcdn.com/4310/images/logos/ 5 KB
6 KB 52ms
46ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/logos/newsbtc.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

c198faf1cfb86f96e3ac49fe70cf67f0b2b5fa170e1a915f6e4827e669f4b484

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001473199-0060e6550d-135e6320-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 5132
last-modified: Fri, 21 May 2021 13:17:13 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "c1525d362236fe3bc97f1214f870513d"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/logos/newsbtc.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 cointelegraph.png
static-13333.kxcdn.com/4310/images/logos/ 6 KB
7 KB 52ms
46ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/logos/cointelegraph.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

0c741875cdf633240fa79aa86ca81bc63f7fc5e623728cd39facfa18e8bad5ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001495074-0060e6550d-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 6374
last-modified: Fri, 21 May 2021 13:17:13 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "b0de81496bf4a18e5b29bda4e0ae0639"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/logos/cointelegraph.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 cnbc.png
static-13333.kxcdn.com/4310/images/ 5 KB
6 KB 52ms
46ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/cnbc.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

7f020186aca9f50b8f981d159109fb4355b1a39e4afd8156dc132af5cfa22963

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001495075-0060e6550d-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 5408
last-modified: Fri, 21 May 2021 13:17:07 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "fb036e55416c81a697edc879fe16c617"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/cnbc.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 box2chart2.png
static-13333.kxcdn.com/4310/images/ 5 KB
5 KB 52ms
46ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/box2chart2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

62190b4123c48efaf85aeeeb7d0a6ac2ea25e0d805b09fa69f8606a7459f4fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001473f75-0060e65516-135e6320-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 5076
last-modified: Fri, 21 May 2021 13:17:07 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "357ad48ba5e6764f1a9c00fb06266fa5"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/box2chart2.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 box2chart1.png
static-13333.kxcdn.com/4310/images/ 57 KB
58 KB 52ms
47ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/box2chart1.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

b7982a625a649f0435346eedea7807d4e251f29bec1498cf8ebb142a6c94b129

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx0000000000000014970b3-0060e65520-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 58644
last-modified: Fri, 21 May 2021 13:17:14 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "ac5510aecd66701492e34b53c36985ad"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/box2chart1.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 exp.png
static-13333.kxcdn.com/4310/images/ 6 KB
6 KB 52ms
47ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/exp.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

a18f9f752ed2903edaa0cf864631c8bc3698fa35ad3f5f19d4492dd4ba2c54a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx0000000000000014970dc-0060e65520-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 5688
last-modified: Fri, 21 May 2021 13:17:05 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "d16da5640cd43caf81b6a58e723776fe"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/exp.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 box2chart3.png
static-13333.kxcdn.com/4310/images/ 9 KB
9 KB 53ms
48ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/box2chart3.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

7c61e52b3d91819a1044df5d5b899601d1fd205f37443dbb6fa2260f68c72feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001475771-0060e65523-135e6320-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 8955
last-modified: Fri, 21 May 2021 13:17:06 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "61a412489fbf5f3a488c622f2bdd9fc2"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/box2chart3.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 chart2.png
static-13333.kxcdn.com/4310/images/ 191 KB
192 KB 53ms
49ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/chart2.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

fd8ae502690c68a20c9f5845b74ca2cffa6f6a04d8ee933c56bb079b1778f431

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001497c95-0060e65526-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 196020
last-modified: Fri, 21 May 2021 13:17:07 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "241c32f564c827fdf5764293b907141f"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/chart2.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 video-1-thumbnail.png
static-13333.kxcdn.com/4310/images/ 369 KB
370 KB 53ms
49ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/video-1-thumbnail.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

92761cdffc409e4eff8a24cc837cafd5f5fabc9b4df2691a98dbaa1d020bac52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx0000000000000014950fe-0060e6550d-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 378131
last-modified: Fri, 21 May 2021 13:17:06 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "4fb63f1ad162906406b0b3d2b7fb2acd"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/video-1-thumbnail.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 video-2-thumbnail.png
static-13333.kxcdn.com/4310/images/ 397 KB
398 KB 53ms
49ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/video-2-thumbnail.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

0dfab832a822989707793e71b25ccce17f5ae5b35acbaab9fba13576f1067f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx0000000000000014950fa-0060e6550d-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 406358
last-modified: Fri, 21 May 2021 13:17:13 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "7110fb56b10505bc9d32cb16f9955b92"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/video-2-thumbnail.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 video-3-thumbnail.png
static-13333.kxcdn.com/4310/images/ 408 KB
409 KB 53ms
50ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/video-3-thumbnail.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

911becabec4b20cd5c545c6bec4127eb78fb2a05a12cd3339905b3b1776f1e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001473226-0060e6550d-135e6320-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 418287
last-modified: Fri, 21 May 2021 13:17:08 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "c3feda99cb74625b476b55aea0462e33"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/video-3-thumbnail.png>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 806.gif
static-13333.kxcdn.com/4310/images/ 18 KB
18 KB 53ms
50ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/806.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001495073-0060e6550d-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 17963
last-modified: Fri, 21 May 2021 13:17:07 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "313d1440d21ae95e5dcfa2f447f14456"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/806.gif>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H3-29 200 sad-face.svg
insane-offers.net/media/ 1 KB
1 KB 27ms
25ms Image
image/svg+xml 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insane-offers.net/media/sad-face.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /media/sad-face.svg
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkdCUVFIQmFmMGZuSjQwV2V4a2JPK2c9PSIsInZhbHVlIjoiMVhFVWJEYXNDTHA5RTAyNDd5VTdpWFpRQ2VJWnhLcFpiUERESDN1ZTJaQjB5cW9MbmVGRlVJWHpWUklGdU8yViIsIm1hYyI6IjRiM2MwYTNhNjk2YzE3YTk2ZDc3N2U2ZDk2NjhmMWIzZTA1ZDJlYjgwODk0MzM3ZjNlZGIwNGEyOTQyOTViMDkifQ%3D%3D; c=eyJpdiI6ImJyTXppb1Z2c0oxd2VWXC8zcktYbnNnPT0iLCJ2YWx1ZSI6IjRuaFdSMXQ4QkszK3BvUkFnUGhHU042Yk5wQms0bGxzUVRhQXg5eFErbkc0MGhXa1JIeEJKdlNLUkFhbTVsdEgiLCJtYWMiOiI4ZWUxZmZlYThiOTVlMTQyZTU2NDlkOWM5MmNjYjhlZTg5NGM1ODI1Y2Q2ZWI1ODBiNjg4MjJjNzE4MTU4YTM3In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: insane-offers.net
referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
x-proc: 1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6703
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Jun 2021 12:24:27 GMT
server: cloudflare
etag: W/"60dc627b-5dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=naPoeLMtMWoUC7%2F2DHBFxa0eS4c005DJG%2B1RSzOoKQQzeiOALYG%2Ft%2Bczrba9V8RhKCS6IS8rO%2FshDHEYlDZik6nctPWsqIIJkGBV8%2F3nQ8HP6XbKqShoYNJ3%2FU6u33MBaF47QlCqGlBII8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 66bf47305c5e4e1a-FRA

GET
H3-29 200 email-decode.min.js Show response
insane-offers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insane-offers.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkdCUVFIQmFmMGZuSjQwV2V4a2JPK2c9PSIsInZhbHVlIjoiMVhFVWJEYXNDTHA5RTAyNDd5VTdpWFpRQ2VJWnhLcFpiUERESDN1ZTJaQjB5cW9MbmVGRlVJWHpWUklGdU8yViIsIm1hYyI6IjRiM2MwYTNhNjk2YzE3YTk2ZDc3N2U2ZDk2NjhmMWIzZTA1ZDJlYjgwODk0MzM3ZjNlZGIwNGEyOTQyOTViMDkifQ%3D%3D; c=eyJpdiI6ImJyTXppb1Z2c0oxd2VWXC8zcktYbnNnPT0iLCJ2YWx1ZSI6IjRuaFdSMXQ4QkszK3BvUkFnUGhHU042Yk5wQms0bGxzUVRhQXg5eFErbkc0MGhXa1JIeEJKdlNLUkFhbTVsdEgiLCJtYWMiOiI4ZWUxZmZlYThiOTVlMTQyZTU2NDlkOWM5MmNjYjhlZTg5NGM1ODI1Y2Q2ZWI1ODBiNjg4MjJjNzE4MTU4YTM3In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: insane-offers.net
referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0b2b6ad21500004e1a160db000000001
last-modified: Tue, 29 Jun 2021 09:14:34 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60dae47a-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sN0OMGaQ56Dgxa1X41b%2FrVviu7KC0Dtjux1lFI%2BD4aaDHTRloXC%2BoibahHjXX7l%2BWWhXJZL1JQpFzY1utiNiIz1X0XA7m5lZsXuOuge3ffft1wmke8G%2FEYDy9FEfg3ptclgEUw%2Fur7Hqnak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 66bf47302be74e1a-FRA
expires: Sun, 11 Jul 2021 05:51:01 GMT

GET
H3-29 200 redirect.js Show response
insane-offers.net/js/ 3 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insane-offers.net/js/redirect.js?id=bd8708e91008076c9ff9

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /js/redirect.js?id=bd8708e91008076c9ff9
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkdCUVFIQmFmMGZuSjQwV2V4a2JPK2c9PSIsInZhbHVlIjoiMVhFVWJEYXNDTHA5RTAyNDd5VTdpWFpRQ2VJWnhLcFpiUERESDN1ZTJaQjB5cW9MbmVGRlVJWHpWUklGdU8yViIsIm1hYyI6IjRiM2MwYTNhNjk2YzE3YTk2ZDc3N2U2ZDk2NjhmMWIzZTA1ZDJlYjgwODk0MzM3ZjNlZGIwNGEyOTQyOTViMDkifQ%3D%3D; c=eyJpdiI6ImJyTXppb1Z2c0oxd2VWXC8zcktYbnNnPT0iLCJ2YWx1ZSI6IjRuaFdSMXQ4QkszK3BvUkFnUGhHU042Yk5wQms0bGxzUVRhQXg5eFErbkc0MGhXa1JIeEJKdlNLUkFhbTVsdEgiLCJtYWMiOiI4ZWUxZmZlYThiOTVlMTQyZTU2NDlkOWM5MmNjYjhlZTg5NGM1ODI1Y2Q2ZWI1ODBiNjg4MjJjNzE4MTU4YTM3In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: insane-offers.net
referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
x-proc: 3
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6742
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Jun 2021 12:24:31 GMT
server: cloudflare
etag: W/"60dc627f-a50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PVuA2HPhkOTwY02hbdWrWN182NNyqzRt5NpaPvtCpoPyCzk6Xy%2Bva6B1JFk5CbjEOW0iDheR%2B5c3wA1dVVfCZD6SYGB4regNq16tc7aqizYftZ%2B7f18aMdSkEeI5bq07056jEeAIcQGqHUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 66bf47302bef4e1a-FRA

GET
H3-29 200 l.js Show response
insane-offers.net/js/ 401 KB
103 KB 34ms
33ms Script
application/javascript 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insane-offers.net/js/l.js?id=2fce19b964aac64916f7

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /js/l.js?id=2fce19b964aac64916f7
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkdCUVFIQmFmMGZuSjQwV2V4a2JPK2c9PSIsInZhbHVlIjoiMVhFVWJEYXNDTHA5RTAyNDd5VTdpWFpRQ2VJWnhLcFpiUERESDN1ZTJaQjB5cW9MbmVGRlVJWHpWUklGdU8yViIsIm1hYyI6IjRiM2MwYTNhNjk2YzE3YTk2ZDc3N2U2ZDk2NjhmMWIzZTA1ZDJlYjgwODk0MzM3ZjNlZGIwNGEyOTQyOTViMDkifQ%3D%3D; c=eyJpdiI6ImJyTXppb1Z2c0oxd2VWXC8zcktYbnNnPT0iLCJ2YWx1ZSI6IjRuaFdSMXQ4QkszK3BvUkFnUGhHU042Yk5wQms0bGxzUVRhQXg5eFErbkc0MGhXa1JIeEJKdlNLUkFhbTVsdEgiLCJtYWMiOiI4ZWUxZmZlYThiOTVlMTQyZTU2NDlkOWM5MmNjYjhlZTg5NGM1ODI1Y2Q2ZWI1ODBiNjg4MjJjNzE4MTU4YTM3In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: insane-offers.net
referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 6703
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Jun 2021 12:24:24 GMT
server: cloudflare
etag: W/"60dc6278-6459b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=i1vf8iLq2195qyR6mg6w3a3yiest8%2BQi%2F2wA6SYKkB1SfdvHHPgRiUs%2BLjUkJCs%2FKo%2B5kaezvmt66SVed78BA9ShbcITBALEQyBqpAq2z09jQHJxkUYFARMH2fsyO%2BmJjaaPmuRDMuJNOJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 66bf47304c3e4e1a-FRA

GET
H2 200 funnel.js Show response
static-13333.kxcdn.com/4310/build/ 774 KB
268 KB 29ms
29ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://static-13333.kxcdn.com/4310/build/funnel.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

99018625a43af93d5a907da60bc57b6d4748bf84fbc07aea5293432eaca1fb0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001494fbe-0060e6550c-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
last-modified: Fri, 21 May 2021 13:16:49 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: W/"5a19d520c10a4a72d51c49342dbc2228"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/build/funnel.js>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/build/funnel.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static-13333.kxcdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Jul 2021 05:41:08 GMT
server: ESF
date: Fri, 09 Jul 2021 05:51:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Jul 2021 05:51:01 GMT

GET
H2 206 de-1.mp4
static-13333.kxcdn.com/4310/media/ 64 KB
0 42ms
42ms Media
video/mp4 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://static-13333.kxcdn.com/4310/media/de-1.mp4

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx00000000000000149523b-0060e6550e-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
Content-Range: bytes 0-27297691/27297692
Content-Length: 27297692
last-modified: Fri, 21 May 2021 13:16:52 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "d874c35ca41813b4cbb497fb549f3118-6"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: video/mp4
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/media/de-1.mp4>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 bg-intro.jpg
static-13333.kxcdn.com/4310/images/ 68 KB
69 KB 36ms
36ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/bg-intro.jpg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

e7c2c6d7f4e8121e6ca82bf0b4f818539365e709e6bb7b025308151ebe17b2e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/4310/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001473164-0060e6550d-135e6320-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 69795
last-modified: Fri, 21 May 2021 13:17:06 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "576a26306d252de573d695cfb9c24af3"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/bg-intro.jpg>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 bg-about.jpg
static-13333.kxcdn.com/4310/images/ 66 KB
67 KB 104ms
61ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/bg-about.jpg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

dbbcb822cadda4c1faba767fd0f4d9e5eb9b752f75e156104e69ed2f1549302c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/4310/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001495050-0060e6550d-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 67802
last-modified: Fri, 21 May 2021 13:17:15 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "0edffcf49194b48305dda2cb3a1de39c"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/bg-about.jpg>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 bg-steps.jpg
static-13333.kxcdn.com/4310/images/ 96 KB
97 KB 105ms
69ms Image
image/jpeg 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/bg-steps.jpg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

a9ec61ed47e1d50384c61caa02aa49565781274bdddfef445e2c0a12223ef7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/4310/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001f29e6d-0060e6a8a7-135e6320-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 98533
last-modified: Fri, 21 May 2021 13:17:15 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "57e0cda550b026453b669b9df0045b3b"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/bg-steps.jpg>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 icon-pencil.svg
static-13333.kxcdn.com/4310/images/ 4 KB
1 KB 96ms
69ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/icon-pencil.svg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

d464a465e8f33a726605088afd0f16cf9c6b8d8c28f6596061af532b7ec94206

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/4310/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001f4bdb8-0060e6a8a7-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
last-modified: Fri, 21 May 2021 13:17:09 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: W/"c06d232f75b2feb50e573889bfaba273"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/icon-pencil.svg>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 icon-purchase.svg
static-13333.kxcdn.com/4310/images/ 4 KB
1 KB 96ms
70ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/icon-purchase.svg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

e2457d602bb898aad96751cd2cd83d4f9df80e0ced1385f67c6061d3437789e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/4310/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001f4bdba-0060e6a8a7-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
last-modified: Fri, 21 May 2021 13:17:06 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: W/"c093c2ae1fda0e2bc7b2bc61d6c1b8a2"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/icon-purchase.svg>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 icon-money.svg
static-13333.kxcdn.com/4310/images/ 4 KB
2 KB 96ms
70ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/icon-money.svg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

bd826e6cd29c90c9467bafbaa5239f1949e72a68c61ad8367fc5df68e0e5ff71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/4310/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001f4bdb6-0060e6a8a7-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
last-modified: Fri, 21 May 2021 13:17:08 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: W/"4137abf5f3303127f6ef8f31b4a0c1ca"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/icon-money.svg>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 icon-plus.svg
static-13333.kxcdn.com/4310/images/ 3 KB
1 KB 97ms
71ms Image
image/svg+xml 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/icon-plus.svg

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

e71c08be6f0b2ff164c581a52e5be372aa39335a121b0c4f4fe7bb04251f36e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/4310/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001f4bdb9-0060e6a8a7-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
last-modified: Fri, 21 May 2021 13:17:15 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: W/"e72459395d8b570b7830661e875ef1d5"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/icon-plus.svg>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 27ms
2ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insane-offers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:09:28 GMT
x-content-type-options: nosniff
age: 258093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:09:28 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 36ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insane-offers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 23:06:01 GMT
x-content-type-options: nosniff
age: 283500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 23:06:01 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 30ms
5ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insane-offers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:26:54 GMT
x-content-type-options: nosniff
age: 257047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15188
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:26:54 GMT

GET
H2 200 memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 35ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWyV9hrIqM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insane-offers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:01:04 GMT
x-content-type-options: nosniff
age: 280197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13916
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:01:04 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insane-offers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 11:17:37 GMT
x-content-type-options: nosniff
age: 239604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 11:17:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 34ms
10ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://insane-offers.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 01:01:52 GMT
x-content-type-options: nosniff
age: 276549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 01:01:52 GMT

GET
H2 200 locate Show response
insane-offers.net/ 150 B
938 B 109ms
109ms XHR
application/json 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insane-offers.net/locate

Requested by

Host: insane-offers.net
URL: https://insane-offers.net/js/l.js?id=2fce19b964aac64916f7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

a9444725fb48cd94db4b9c4e1544b3ace3c54ccd0d1a289f124d36b69c9d6a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /locate
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: application/json, text/plain, */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: insane-offers.net
referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/plain, */*
Referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: centminmod
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VJWtR0M3lsNKhT311ihC5USESf%2B6GgrHC9tWe32NFXyhHmLZUAF%2FdLE6JjaVye5B4hpU7YkmBtojBs4W2HR5KUa5pe%2FRq36uZF1rLJrqDD90s%2Bx5FkWbEbJq1rIAUSZzYZYPrIGs%2B7twA6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InJZVEN6NmtTQVVKd1RtbTJmcStHelE9PSIsInZhbHVlIjoiQU15SHJybUpQcjBMc1gyc0JNMjZZR3Excmw3UjZBNGw4djZFbVQ1dTBJbjVGd28xY09RWFJ4SmtsK2E5ZlhNSCIsIm1hYyI6IjNlN2I4NWYyYmYxZDZhMjJlMDYwYjExNDc1ODBmODNkMTZmYWZjYjQ2YzYyZDdkODA4ZWYwMzMwNTRhMGYzN2EifQ%3D%3D; expires=Fri, 09-Jul-2021 07:51:01 GMT; Max-Age=7200; path=/ c=eyJpdiI6IlZwMGVEeE1aODl5TlBRRXk3UmFvd3c9PSIsInZhbHVlIjoicVlqTkRQT1hpbVF5cnNPYXBCQU5QejVncGNlTzZoWnpSbTk1alRXa2FjaWdqSmtDOU9xU0M0MTNyMmZ5UlRcL2kiLCJtYWMiOiI3ZGUyZDJlYzA1MGMxOWM4MTY2MDdkYzk1ZmI3N2I4NzgzNDQ3NzgxZWY5ZGRhYzg3NDZlNWNmMTIzOGRjMGE3In0%3D; expires=Fri, 09-Jul-2021 07:51:01 GMT; Max-Age=7200; path=/; httponly
cf-ray: 66bf47331e844e86-FRA

GET
H2 200 flags.png
insane-offers.net/images/vendor/intl-tel-input/build/ 69 KB
70 KB 12ms
11ms Image
image/png 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://insane-offers.net/images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44

Requested by

Host: insane-offers.net
URL: https://insane-offers.net/css/forms.css?id=108aa07ef4cadffb88ba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /images/vendor/intl-tel-input/build/flags.png?416250f60d785a2e02f17e054d2e4e44
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: insane-offers.net
referer: https://insane-offers.net/css/forms.css?id=108aa07ef4cadffb88ba
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://insane-offers.net/css/forms.css?id=108aa07ef4cadffb88ba
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
x-proc: 2
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5117
x-powered-by: centminmod
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 70857
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Jun 2021 12:24:24 GMT
server: cloudflare
etag: "60dc6278-114c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yW12myHvS3DznuHRPmTxkq6YKq2QV%2Fxjh7%2BEcLRbde%2F7QDXVQngdu7rqhRYL1DVWwPnWT%2FdPjxtVaXYu%2Fow7pqG%2BWzK%2F69xN%2B19JfwgiUhJ1RPIjExDmlO8E%2BQkffIfMa76Uc0a4OfmMkHw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66bf47331e874e86-FRA

GET
BLOB 200
OK 6e21ea00-e8a3-449a-8d88-ede15bbbfffb
https://insane-offers.net/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://insane-offers.net/6e21ea00-e8a3-449a-8d88-ede15bbbfffb
Requested by: Host: insane-offers.net
URL: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 403 videothumbnail.jpg
static-13333.kxcdn.com/4310/images/ 0
0 27ms
27ms Image
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-13333.kxcdn.com/4310/images/videothumbnail.jpg
Requested by: Host: insane-offers.net
URL: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://insane-offers.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://insane-offers.net
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 ajax-loader.gif
static-13333.kxcdn.com/4310/images/ 4 KB
5 KB 6ms
6ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-13333.kxcdn.com/4310/images/ajax-loader.gif

Requested by

Host: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/build/funnel.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://static-13333.kxcdn.com/4310/build/funnel.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx000000000000001f4beba-0060e6a8a7-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
content-length: 4178
last-modified: Fri, 21 May 2021 13:17:15 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "c5cd7f5300576ab4c88202b42f6ded62"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/gif
access-control-allow-origin: *
x-rgw-object-type: Normal
accept-ranges: bytes
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/images/ajax-loader.gif>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

HEAD de-2.mp4
static-13333.kxcdn.com/4310/media/ 0
0

GET
H2 206 de-1.mp4
static-13333.kxcdn.com/4310/media/ 130 KB
131 KB 8ms
8ms Media
video/mp4 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://static-13333.kxcdn.com/4310/media/de-1.mp4

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

8f85aae01dab3ca66819de56a05cef0edc5bec528c7d2ec2596f143a46142a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=27164672-

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx00000000000000149523b-0060e6550e-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
Content-Range: bytes 27164672-27297691/27297692
Content-Length: 133020
last-modified: Fri, 21 May 2021 13:16:52 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "d874c35ca41813b4cbb497fb549f3118-6"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: video/mp4
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/media/de-1.mp4>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

POST
H3-29 201 event Show response
insane-offers.net/ 2 B
1 KB 253ms
252ms XHR
application/json 2606:4700:3035::ac43:dd87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://insane-offers.net/event?hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9

Requested by

Host: insane-offers.net
URL: https://insane-offers.net/js/l.js?id=2fce19b964aac64916f7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:dd87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://insane-offers.net
x-xsrf-token: eyJpdiI6InJZVEN6NmtTQVVKd1RtbTJmcStHelE9PSIsInZhbHVlIjoiQU15SHJybUpQcjBMc1gyc0JNMjZZR3Excmw3UjZBNGw4djZFbVQ1dTBJbjVGd28xY09RWFJ4SmtsK2E5ZlhNSCIsIm1hYyI6IjNlN2I4NWYyYmYxZDZhMjJlMDYwYjExNDc1ODBmODNkMTZmYWZjYjQ2YzYyZDdkODA4ZWYwMzMwNTRhMGYzN2EifQ==
accept-language: en-US
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cookie: XSRF-TOKEN=eyJpdiI6InJZVEN6NmtTQVVKd1RtbTJmcStHelE9PSIsInZhbHVlIjoiQU15SHJybUpQcjBMc1gyc0JNMjZZR3Excmw3UjZBNGw4djZFbVQ1dTBJbjVGd28xY09RWFJ4SmtsK2E5ZlhNSCIsIm1hYyI6IjNlN2I4NWYyYmYxZDZhMjJlMDYwYjExNDc1ODBmODNkMTZmYWZjYjQ2YzYyZDdkODA4ZWYwMzMwNTRhMGYzN2EifQ%3D%3D; c=eyJpdiI6IlZwMGVEeE1aODl5TlBRRXk3UmFvd3c9PSIsInZhbHVlIjoicVlqTkRQT1hpbVF5cnNPYXBCQU5QejVncGNlTzZoWnpSbTk1alRXa2FjaWdqSmtDOU9xU0M0MTNyMmZ5UlRcL2kiLCJtYWMiOiI3ZGUyZDJlYzA1MGMxOWM4MTY2MDdkYzk1ZmI3N2I4NzgzNDQ3NzgxZWY5ZGRhYzg3NDZlNWNmMTIzOGRjMGE3In0%3D
content-length: 188
:path: /event?hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json;charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: insane-offers.net
referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://insane-offers.net/the-news-spy-wv1/?oid=48&qze=5051&hitid=93ddd5eb-f0d4-495b-b6dd-4dfb515b60c9&aff_sub=&saf=2&cvu=&action=95&aff_sub5=d69655fdc66b4c1f87768a35a7294d50&url_id=48&aff_sub2=2&aff_sub3=&aff_sub4=95&tracker=cg
X-XSRF-TOKEN: eyJpdiI6InJZVEN6NmtTQVVKd1RtbTJmcStHelE9PSIsInZhbHVlIjoiQU15SHJybUpQcjBMc1gyc0JNMjZZR3Excmw3UjZBNGw4djZFbVQ1dTBJbjVGd28xY09RWFJ4SmtsK2E5ZlhNSCIsIm1hYyI6IjNlN2I4NWYyYmYxZDZhMjJlMDYwYjExNDc1ODBmODNkMTZmYWZjYjQ2YzYyZDdkODA4ZWYwMzMwNTRhMGYzN2EifQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
x-proc: 1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: centminmod
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0qu3mNtagEJaNl%2BCyeeWuDKFPjPn%2B49LZvsw%2FOcyOjuZxq6ZHQ%2F9Glmv4p%2FkFry5JMDfdxIvvKVF92v1lBV0vhQrT4ibVnA6DCJ80%2Bxlg2gthvtkn4gEOckVgUvX7QfFiUubqukGBfSUGOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://insane-offers.net
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ik9FUzVlZnRuTkNJVXh5dWdBRTZCSWc9PSIsInZhbHVlIjoiQmhzYmNnSTFrSXNlazRMVzByeXVYd1lIanJJdTlXeDhHeVwvb0M1UldhZzIrNEt4TU52TFZ0MjcxMHMxcUN0V1oiLCJtYWMiOiIzNjAwNmFlM2RlNDIxODdhZTUxZmY4ZWE3ZjNlMDFmOGQ5MzZjNjJhZTRjNjIwODc0ZDM3OTc4YWNiZmFkMWU1In0%3D; expires=Fri, 09-Jul-2021 07:51:01 GMT; Max-Age=7200; path=/ c=eyJpdiI6Inh2UjlpczZnSHM1VmZ6OEdIQkdnY0E9PSIsInZhbHVlIjoieldzOXpQQ3lYbVJvMnBPYjRCSkV6UGRoWGg5a3pwTW5Ia0ZoY3BwUVwvNmgyS295ZVFxV1paRlVVczVnd0hDdXQiLCJtYWMiOiIxNzc0MmU4OTgxMWE4Njg3ZDU4MzU4NmExMzkwZjQ0NWQwZGNiNzIxMGQyM2I4MjQ4YmNiYWFiOTAzODgzYTM3In0%3D; expires=Fri, 09-Jul-2021 07:51:01 GMT; Max-Age=7200; path=/; httponly
cf-ray: 66bf4733eb194e1a-FRA

GET
H2 206 de-1.mp4
static-13333.kxcdn.com/4310/media/ 6 MB
0 16ms
15ms Media
video/mp4 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://static-13333.kxcdn.com/4310/media/de-1.mp4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://insane-offers.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=65536-

Response headers

date: Fri, 09 Jul 2021 05:51:01 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: tx00000000000000149523b-0060e6550e-1379bb6c-fra1a
x-edge-location: defr
x-cache: HIT
Content-Range: bytes 65536-27297691/27297692
Content-Length: 27232156
last-modified: Fri, 21 May 2021 13:16:52 GMT
server: keycdn-engine
cache-control: max-age=31556940
etag: "d874c35ca41813b4cbb497fb549f3118-6"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: video/mp4
access-control-allow-origin: *
x-rgw-object-type: Normal
link: <https://cdn-serv.fra1.digitaloceanspaces.com/4310/media/de-1.mp4>; rel="canonical"
expires: Sat, 09 Jul 2022 11:40:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static-13333.kxcdn.com
URL: https://static-13333.kxcdn.com/4310/media/de-2.mp4

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			insane-offers.net/	1970-01-19 19:36:57	Name: c Value: eyJpdiI6IlZwMGVEeE1aODl5TlBRRXk3UmFvd3c9PSIsInZhbHVlIjoicVlqTkRQT1hpbVF5cnNPYXBCQU5QejVncGNlTzZoWnpSbTk1alRXa2FjaWdqSmtDOU9xU0M0MTNyMmZ5UlRcL2kiLCJtYWMiOiI3ZGUyZDJlYzA1MGMxOWM4MTY2MDdkYzk1ZmI3N2I4NzgzNDQ3NzgxZWY5ZGRhYzg3NDZlNWNmMTIzOGRjMGE3In0%3D
			insane-offers.net/	1970-01-19 19:36:57	Name: XSRF-TOKEN Value: eyJpdiI6InJZVEN6NmtTQVVKd1RtbTJmcStHelE9PSIsInZhbHVlIjoiQU15SHJybUpQcjBMc1gyc0JNMjZZR3Excmw3UjZBNGw4djZFbVQ1dTBJbjVGd28xY09RWFJ4SmtsK2E5ZlhNSCIsIm1hYyI6IjNlN2I4NWYyYmYxZDZhMjJlMDYwYjExNDc1ODBmODNkMTZmYWZjYjQ2YzYyZDdkODA4ZWYwMzMwNTRhMGYzN2EifQ%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static-13333.kxcdn.com/4310/build/funnel.js(Line 2) Message: No country specific register popup video found for current visitor.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

exclusiveworld.club
fonts.googleapis.com
fonts.gstatic.com
insane-offers.net
static-13333.kxcdn.com
t.trkngoo.net
www.blossomforyou.com
static-13333.kxcdn.com
13.248.176.207
2606:4700:3035::ac43:dd87
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a0b:4d07:101::1
34.95.111.202
45.159.188.184
063a9fdf80724d361516576ec7f4aed7320aabe367eb766cf7e7de5d04da7a4a
0979e653bf7370685f5d0ec7448e28d33f46754d5411cf5a7cd3df6ecafc1a35
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0c741875cdf633240fa79aa86ca81bc63f7fc5e623728cd39facfa18e8bad5ad
0dbedc599f5320b64452c8282a160e9fef1b2356257d6ad2e771272add9baad6
0dfab832a822989707793e71b25ccce17f5ae5b35acbaab9fba13576f1067f9f
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
186b9079a05f19ddd2a548dbc1ec2c69087c76d8e9e1637dbced630edb793104
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5cc75f6ff6ccc8f9737ba9b6e44903687d4cd600464dc9a25b2fcfbfd231ebc6
62190b4123c48efaf85aeeeb7d0a6ac2ea25e0d805b09fa69f8606a7459f4fd7
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79bb457691c6f5dc0d3fd537218a627750b199db5253e22dad9dc4f78fa48016
7c61e52b3d91819a1044df5d5b899601d1fd205f37443dbb6fa2260f68c72feb
7c9e72fed9f647684a0437f185bf4ed620de7b49f236453256716b639ac56f04
7f020186aca9f50b8f981d159109fb4355b1a39e4afd8156dc132af5cfa22963
8f85aae01dab3ca66819de56a05cef0edc5bec528c7d2ec2596f143a46142a88
911becabec4b20cd5c545c6bec4127eb78fb2a05a12cd3339905b3b1776f1e5a
92761cdffc409e4eff8a24cc837cafd5f5fabc9b4df2691a98dbaa1d020bac52
94d5566f94ca005ed2105fe1c95ba91b1f8294e3a26d6776e34329fc8f724c0d
99018625a43af93d5a907da60bc57b6d4748bf84fbc07aea5293432eaca1fb0e
9eb415e636624f1c12d9faa4e023cdefcfc7df8554f172077eccb6ce94971fed
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a18f9f752ed2903edaa0cf864631c8bc3698fa35ad3f5f19d4492dd4ba2c54a5
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a49f84612bca59f7db1f95595a97a1f4760bdb26c1340e6d295f3b4a696b45b2
a9444725fb48cd94db4b9c4e1544b3ace3c54ccd0d1a289f124d36b69c9d6a20
a9ec61ed47e1d50384c61caa02aa49565781274bdddfef445e2c0a12223ef7de
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b7982a625a649f0435346eedea7807d4e251f29bec1498cf8ebb142a6c94b129
bd826e6cd29c90c9467bafbaa5239f1949e72a68c61ad8367fc5df68e0e5ff71
c198faf1cfb86f96e3ac49fe70cf67f0b2b5fa170e1a915f6e4827e669f4b484
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
d464a465e8f33a726605088afd0f16cf9c6b8d8c28f6596061af532b7ec94206
dbbcb822cadda4c1faba767fd0f4d9e5eb9b752f75e156104e69ed2f1549302c
df456c4794989b11dda8d76813cbf505b2707048f4cc89d7db15956779ca3fb0
e2457d602bb898aad96751cd2cd83d4f9df80e0ced1385f67c6061d3437789e2
e27674bfff8b9b83eb86c981de1e8a1fe94ecbea31c0dc4f3fec5e317eec168b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46f3127e1d2d73084efc503b86c3c5ab7091677b493e10d59f0cf4375b9a1e7
e71c08be6f0b2ff164c581a52e5be372aa39335a121b0c4f4fe7bb04251f36e5
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7c2c6d7f4e8121e6ca82bf0b4f818539365e709e6bb7b025308151ebe17b2e9
f1dfbb8670e1ac2d01bd522bbe42d7702779c2b57b4c81de095650c5d0033ba7
f95799c3fd4e8f9124459f03b697451744cec2c9fbc74626d2dd50c17e5c72bb
fd8ae502690c68a20c9f5845b74ca2cffa6f6a04d8ee933c56bb079b1778f431
fdab34b63147ffbc18d6f883885a568a0f27b26789fa84ee9b091d51346baf6e

insane-offers.net Open in urlscan Pro 2606:4700:3035::ac43:dd87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

94 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

6 IPs

4 Countries

2507 kBTransfer

9398 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

insane-offers.net Open in urlscan Pro
2606:4700:3035::ac43:dd87 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

94 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

2507 kB
Transfer

9398 kB
Size

2
Cookies

52 HTTP transactions
1 data transactions