www.couponbirds.com Open in urlscan Pro
104.18.12.221 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.couponbirds.com/codes/officeworks.com.au
Submission Tags: demotag1 demotag2 Search All
Submission: On October 06 via api (October 6th 2021, 3:49:34 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 13 domains to perform 47 HTTP transactions. The main IP is 104.18.12.221, located in and belongs to CLOUDFLARENET, US. The main domain is www.couponbirds.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2021. Valid for: a year.

This is the only time www.couponbirds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	104.18.12.221 104.18.12.221	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
5	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
7	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	172.67.38.97 172.67.38.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.221.29 104.16.221.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.95.65 104.16.95.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.71.156 74.125.71.156	15169 (GOOGLE) (GOOGLE)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	198.145.13.12 198.145.13.12	2044 (DF-PTL01) (DF-PTL01)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1 8	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
2 2	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
1	213.254.244.20 213.254.244.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
47	20

8 104.18.12.221 (None, )

ASN13335 (CLOUDFLARENET, US)

www.couponbirds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.couponbirds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.38.97 (United States)

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.29 (None, )

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.65 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.12 (Portland, United States)

ASN2044 (DF-PTL01, US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.129 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.134 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps30.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	278 KB
8	couponbirds.com www.couponbirds.com static.couponbirds.com	154 KB
7	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	26 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com	114 KB
2	google.com adservice.google.com www.google.com	2 KB
2	getclicky.com static.getclicky.com in.getclicky.com	6 KB
2	statcounter.com www.statcounter.com c.statcounter.com	14 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	doubleverify.com tps30.doubleverify.com	367 B
1	googletagservices.com www.googletagservices.com	38 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	googleadservices.com partner.googleadservices.com	660 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
47	13

	Domain	Requested by
8	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	www.couponbirds.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	fonts.gstatic.com	www.couponbirds.com fonts.googleapis.com
5	www.couponbirds.com	www.couponbirds.com static.cloudflareinsights.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	static.couponbirds.com	www.couponbirds.com
2	ad.doubleclick.net	2 redirects
2	www.google-analytics.com	www.couponbirds.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	tps30.doubleverify.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	in.getclicky.com	static.getclicky.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.statcounter.com	www.statcounter.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.cloudflareinsights.com	www.couponbirds.com
1	static.getclicky.com	www.couponbirds.com
1	www.statcounter.com	www.couponbirds.com
47	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.pinterest.com

Subject Issuer	Validity	Valid
couponbirds.com Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
us-dallas.statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-13` - `2021-11-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.getclicky.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-03` - `2022-08-03`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2019-11-05` - `2021-12-13`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.couponbirds.com/codes/officeworks.com.au
Frame ID: 2BB0F4808C4B68FBDFEA547BD137AFC3
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html
Frame ID: 2ABD05F8A7159E971589306B73D9BF74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1700405896540198&output=html&h=280&slotname=6062149152&adk=2614364139&adf=4291403611&pi=t.ma~as.6062149152&w=825&fwrn=4&fwrnh=100&lmt=1633535369&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633535369723&bpp=5&bdt=182&idt=135&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5064071397651&frm=20&pv=2&ga_vid=545379639.1633535370&ga_sid=1633535370&ga_hid=126063292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=972447958810658&pem=118&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GasAigrGs4&p=https%3A//www.couponbirds.com&dtd=151
Frame ID: C754D23E72E8C2A7EA35995FD90EA1B1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1700405896540198&output=html&adk=1812271804&adf=3025194257&lmt=1633535369&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633535369739&bpp=1&bdt=198&idt=142&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=825x280&nras=1&correlator=5064071397651&frm=20&pv=1&ga_vid=545379639.1633535370&ga_sid=1633535370&ga_hid=126063292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=972447958810658&pem=118&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=151
Frame ID: FDCD30CF1F50A52AE6FD5B3E1F29A3B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 784CEEA67EC6E9EF7FF5E7D425E451D5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E207016FF1B10D6EF3BC1B75D42482FC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Enjoy 25% Off Officeworks Coupons & Promo Codes October, 2021

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

Page Statistics

47
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

22
Subdomains

20
IPs

2
Countries

657 kB
Transfer

1615 kB
Size

16
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/couponbirdscom/

Search URL Search Domain Scan URL

URL: https://twitter.com/couponbirdscom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/couponbirds2012/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/couponbirds/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnn8WMZhCwCRiwCTII4jBbAU9Ixm8 HTTP 301
https://tpc.googlesyndication.com/simgad/9288950999397694842

Request Chain 36

https://ad.doubleclick.net/ddm/ad/N128002.134426GOOGLEDISPLAYNETWO/B25087192.290605717;sz=1x1;ord=414561227;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://ad.doubleclick.net/ddm/ad/N128002.134426GOOGLEDISPLAYNETWO/B25087192.290605717;dc_pre=CInm9buRtvMCFRSXdwod-GwPyg;sz=1x1;ord=414561227;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent= HTTP 302
https://tps30.doubleverify.com/visit.jpg?ctx=14199192&cmp=25087192&sid=2121545&plc=290605717&num=&adid=&advid=4877208&adsrv=1&btreg=483819809&btadsrv=doubleclick&crt=142925563&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.img&

47 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request officeworks.com.au Show response
www.couponbirds.com/codes/ 213 KB
38 KB 204ms
162ms Document
text/html 104.18.12.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.couponbirds.com/codes/officeworks.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.221 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34f1022f0168df5bc83ef3b0486fe838927fc720e201e769f62c366cb71717f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:method: GET
:authority: www.couponbirds.com
:scheme: https
:path: /codes/officeworks.com.au
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: recent=%7B%22officeworks.com.au%22%3A%7B%22brand%22%3A%22Officeworks%22%2C%22timestamp%22%3A1633535369%2C%22website%22%3A%22officeworks.com.au%22%7D%7D; expires=Sat, 16-Oct-2021 15:49:29 GMT; Max-Age=864000; path=/ XSRF-TOKEN=eyJpdiI6InB1S1JXUi9TOTRjZHFnaEhZN1I2QUE9PSIsInZhbHVlIjoiNDJrcGROYkh0NTYxbDlVb2o3YzZ1V241dTl3anJ0bDdmZC80bVU1T2I1NXVOaDVoMytiY3lQalM5SmtyZzU1b1V0a2haNGx2OHJXVVFIdjh3SGtuU3lEY0Vna1JvdGNHM2RET01MZFArSWswOG9IMXZlYVpNTjY4ODBmd0poTjIiLCJtYWMiOiIyOGQ2NmNmODIyNmMzYTU3YTQ0ZWZmYzE1OGE2NDc1ZDkzMDQ2M2VjYWY4ZmZkMDk5ZWVjNmI2ZDNkYjY0YjQ3In0%3D; expires=Wed, 06-Oct-2021 17:49:29 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IjNLUVVNbk1QdTVheCtwcytsclA5cUE9PSIsInZhbHVlIjoibjNMeUUxYUlRSTRrOGZnVzNSWWtlMW9sYXkvS283cVk1QWw4UmFoSVJ4ZDU3czBIMFFlNzMxVlNEb2o3cG5Ed0tleW02VnBUZVJhalZGL2hyU01WOXhYMUQzUjhLK1k2RDZKTW9yc2Ywa0VWTjZRbDNWckowanVYdEphaXJvckYiLCJtYWMiOiJiMzcyZTZjMDhiMzcyNTQ4MmJlZGE0NTk1NWNiNDgzY2MyZmJkZDdkZDJkYjYyY2IwOGZjM2QzMDcxYzUwY2VmIn0%3D; expires=Wed, 06-Oct-2021 17:49:29 GMT; Max-Age=7200; path=/; httponly; samesite=lax c_vid=0908923572e96799c197c311ec9728a1; path=/;domain=.couponbirds.com; Max-Age=63072000; __cf_bm=xKwgB3O4OypJ5_kqKt_ylCk2jgV5PSgenT8sIyt1J8Q-1633535369-0-Adfne8r01mGgkAsch38soghF7n9KRFvKDQs8k9C15B8LUxPvhQbEbeMFXqN42qD4Sx/BUi0Y1MYFZLOxPze2q5I=; path=/; expires=Wed, 06-Oct-21 16:19:29 GMT; domain=.couponbirds.com; HttpOnly; Secure; SameSite=None
cache-control: no-cache, private
strict-transport-security: max-age=63072000
x-frame-options: DENY
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69a00a3a9affdfe7-FRA
content-encoding: gzip

GET
H2 200 vender.js Show response
www.couponbirds.com/js/ 284 KB
88 KB 27ms
27ms Script
application/javascript 104.18.12.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.couponbirds.com/js/vender.js?v=2021093001
Requested by: Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9808b71e8043adeb534feb4ec78c13b66906150729775dd2c737765914e6d032

Request headers

:path: /js/vender.js?v=2021093001
pragma: no-cache
cookie: recent=%7B%22officeworks.com.au%22%3A%7B%22brand%22%3A%22Officeworks%22%2C%22timestamp%22%3A1633535369%2C%22website%22%3A%22officeworks.com.au%22%7D%7D; XSRF-TOKEN=eyJpdiI6InB1S1JXUi9TOTRjZHFnaEhZN1I2QUE9PSIsInZhbHVlIjoiNDJrcGROYkh0NTYxbDlVb2o3YzZ1V241dTl3anJ0bDdmZC80bVU1T2I1NXVOaDVoMytiY3lQalM5SmtyZzU1b1V0a2haNGx2OHJXVVFIdjh3SGtuU3lEY0Vna1JvdGNHM2RET01MZFArSWswOG9IMXZlYVpNTjY4ODBmd0poTjIiLCJtYWMiOiIyOGQ2NmNmODIyNmMzYTU3YTQ0ZWZmYzE1OGE2NDc1ZDkzMDQ2M2VjYWY4ZmZkMDk5ZWVjNmI2ZDNkYjY0YjQ3In0%3D; laravel_session=eyJpdiI6IjNLUVVNbk1QdTVheCtwcytsclA5cUE9PSIsInZhbHVlIjoibjNMeUUxYUlRSTRrOGZnVzNSWWtlMW9sYXkvS283cVk1QWw4UmFoSVJ4ZDU3czBIMFFlNzMxVlNEb2o3cG5Ed0tleW02VnBUZVJhalZGL2hyU01WOXhYMUQzUjhLK1k2RDZKTW9yc2Ywa0VWTjZRbDNWckowanVYdEphaXJvckYiLCJtYWMiOiJiMzcyZTZjMDhiMzcyNTQ4MmJlZGE0NTk1NWNiNDgzY2MyZmJkZDdkZDJkYjYyY2IwOGZjM2QzMDcxYzUwY2VmIn0%3D; c_vid=0908923572e96799c197c311ec9728a1; __cf_bm=xKwgB3O4OypJ5_kqKt_ylCk2jgV5PSgenT8sIyt1J8Q-1633535369-0-Adfne8r01mGgkAsch38soghF7n9KRFvKDQs8k9C15B8LUxPvhQbEbeMFXqN42qD4Sx/BUi0Y1MYFZLOxPze2q5I=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.couponbirds.com
referer: https://www.couponbirds.com/codes/officeworks.com.au
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/codes/officeworks.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Apr 2021 11:04:38 GMT
server: cloudflare
age: 557322
etag: W/"608006c6-4841c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1728000
cf-polished: origSize=295964
cf-bgj: minify
cf-ray: 69a00a3bccb5dfe7-FRA
expires: Tue, 26 Oct 2021 15:49:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 32ms
5ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6503
date: Wed, 06 Oct 2021 14:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 06 Oct 2021 16:01:06 GMT

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97a4442b2109a67e0355a9a74b37979ab9a9f26a2d0378a3f686f4cf2c1dd5d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 531 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eab25e72db8b014ce3f89260961af99b05db2ba2c6b60ed0c751c16e355033e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 34ms
11ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.couponbirds.com/
Origin: https://www.couponbirds.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 22:05:11 GMT
x-content-type-options: nosniff
age: 150258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13944
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 18:23:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 04 Oct 2022 22:05:11 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 38ms
16ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.couponbirds.com/
Origin: https://www.couponbirds.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 17:33:01 GMT
x-content-type-options: nosniff
age: 252988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14076
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 18:24:00 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 17:33:01 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 13 KB
14 KB 32ms
10ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.couponbirds.com/
Origin: https://www.couponbirds.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 17:55:42 GMT
x-content-type-options: nosniff
age: 597227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 18:23:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Sep 2022 17:55:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 71ms
33ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

0645648a1b453935a001a10bca25c4218a0309499bc53536115bf0b9d04a27e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51228
x-xss-protection: 0
server: cafe
etag: 2359432286849977119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 15:49:29 GMT

GET
H2 200 officeworks-com-au-IrJi.jpg
static.couponbirds.com/project_coupon_logo/ 4 KB
4 KB 41ms
22ms Image
image/webp 104.18.12.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.couponbirds.com/project_coupon_logo/officeworks-com-au-IrJi.jpg
Requested by: Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4cae47924062d5a4b50b869be2ce14457e2d8a762c2df457b5b65e2f8ef1fe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
via: 1.1 241b025da3883bdb653910a6da97c0a8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 124675
cf-polished: qual=85, origFmt=jpeg, origSize=4374
x-cache: Miss from cloudfront
x-edge-origin-shield-skipped: 0
content-disposition: inline; filename="officeworks-com-au-IrJi.webp"
content-length: 3684
last-modified: Thu, 01 Jul 2021 08:25:09 GMT
server: cloudflare
etag: "86574aab043ba574ae7ffeaf27b75a1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 13 Oct 2021 15:49:29 GMT
cache-control: public, max-age=604800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
cf-ray: 69a00a3c4d64dfe7-FRA
x-amz-cf-id: P1_rEFzE9xVSzbjtW6YqXN_qobEVdtp3msu6hBihbJR8CD9qBk7AwQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 Katherine_Lei.jpg
static.couponbirds.com/project-static-page/specialist/2020/11/ 11 KB
11 KB 39ms
20ms Image
image/webp 104.18.12.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.couponbirds.com/project-static-page/specialist/2020/11/Katherine_Lei.jpg
Requested by: Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 104ae528208b47a5247885ff6634186b882de1efb28411851226f7b229515c7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1757189
cf-polished: qual=85, origFmt=jpeg, origSize=23554
x-cache: Hit from cloudfront
content-disposition: inline; filename="Katherine_Lei.webp"
content-length: 11004
last-modified: Mon, 16 Nov 2020 03:36:46 GMT
server: cloudflare
etag: "fa893bc2c29bf322b7f9d9b45f576b3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 06 Oct 2021 19:49:29 GMT
cache-control: public, max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 69a00a3c4d67dfe7-FRA
x-amz-cf-id: Tfjhkh0N6nJkKjTryuaHH4_HYJubY5SHsnKMKyFITGdUwxds_talnQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 mail_big.png
static.couponbirds.com/project-static-resource/codes/ 2 KB
2 KB 43ms
25ms Image
image/webp 104.18.12.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.couponbirds.com/project-static-resource/codes/mail_big.png
Requested by: Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25e29eb5341834fe65728dc56efb0e92e17c7689b6d55aa6c3969ee8db4695ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d39.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1115221
cf-polished: origFmt=png, origSize=3878
x-cache: Hit from cloudfront
x-edge-origin-shield-skipped: 0
content-disposition: inline; filename="mail_big.webp"
cf-bgj: imgq:85,h2pri
content-length: 2036
last-modified: Sat, 20 Feb 2021 07:02:51 GMT
server: cloudflare
etag: "2fbea193f07eae181577617c4feb6060"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=14400
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
cf-ray: 69a00a3c4d66dfe7-FRA
x-amz-cf-id: t7YZZ448Wev_lld4kz4TpDkCRIOdkw7vQNlhfY0tOHFFy0P3O2q1Uw==
expires: Wed, 06 Oct 2021 19:49:29 GMT

GET
H2 200 base-brand.js Show response
www.couponbirds.com/js/ 40 KB
10 KB 24ms
23ms Script
application/javascript 104.18.12.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.couponbirds.com/js/base-brand.js?v=2021093001
Requested by: Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5acbde4a8abf4a4fc68da222fa1e89c736aa391d5b63ee96f09108f1a9cb8299

Request headers

:path: /js/base-brand.js?v=2021093001
pragma: no-cache
cookie: recent=%7B%22officeworks.com.au%22%3A%7B%22brand%22%3A%22Officeworks%22%2C%22timestamp%22%3A1633535369%2C%22website%22%3A%22officeworks.com.au%22%7D%7D; XSRF-TOKEN=eyJpdiI6InB1S1JXUi9TOTRjZHFnaEhZN1I2QUE9PSIsInZhbHVlIjoiNDJrcGROYkh0NTYxbDlVb2o3YzZ1V241dTl3anJ0bDdmZC80bVU1T2I1NXVOaDVoMytiY3lQalM5SmtyZzU1b1V0a2haNGx2OHJXVVFIdjh3SGtuU3lEY0Vna1JvdGNHM2RET01MZFArSWswOG9IMXZlYVpNTjY4ODBmd0poTjIiLCJtYWMiOiIyOGQ2NmNmODIyNmMzYTU3YTQ0ZWZmYzE1OGE2NDc1ZDkzMDQ2M2VjYWY4ZmZkMDk5ZWVjNmI2ZDNkYjY0YjQ3In0%3D; laravel_session=eyJpdiI6IjNLUVVNbk1QdTVheCtwcytsclA5cUE9PSIsInZhbHVlIjoibjNMeUUxYUlRSTRrOGZnVzNSWWtlMW9sYXkvS283cVk1QWw4UmFoSVJ4ZDU3czBIMFFlNzMxVlNEb2o3cG5Ed0tleW02VnBUZVJhalZGL2hyU01WOXhYMUQzUjhLK1k2RDZKTW9yc2Ywa0VWTjZRbDNWckowanVYdEphaXJvckYiLCJtYWMiOiJiMzcyZTZjMDhiMzcyNTQ4MmJlZGE0NTk1NWNiNDgzY2MyZmJkZDdkZDJkYjYyY2IwOGZjM2QzMDcxYzUwY2VmIn0%3D; c_vid=0908923572e96799c197c311ec9728a1; __cf_bm=xKwgB3O4OypJ5_kqKt_ylCk2jgV5PSgenT8sIyt1J8Q-1633535369-0-Adfne8r01mGgkAsch38soghF7n9KRFvKDQs8k9C15B8LUxPvhQbEbeMFXqN42qD4Sx/BUi0Y1MYFZLOxPze2q5I=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.couponbirds.com
referer: https://www.couponbirds.com/codes/officeworks.com.au
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/codes/officeworks.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 05:00:43 GMT
server: cloudflare
age: 557322
etag: W/"6155447b-9f76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1728000
cf-bgj: minify
cf-ray: 69a00a3c3d3adfe7-FRA
expires: Tue, 26 Oct 2021 15:49:29 GMT

GET
H2 200 coupon_abc_zone.js Show response
www.couponbirds.com/static/new_index/js/ 0
148 B 395ms
394ms Script
application/javascript 104.18.12.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.couponbirds.com/static/new_index/js/coupon_abc_zone.js?v=6260733
Requested by: Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /static/new_index/js/coupon_abc_zone.js?v=6260733
pragma: no-cache
cookie: recent=%7B%22officeworks.com.au%22%3A%7B%22brand%22%3A%22Officeworks%22%2C%22timestamp%22%3A1633535369%2C%22website%22%3A%22officeworks.com.au%22%7D%7D; XSRF-TOKEN=eyJpdiI6InB1S1JXUi9TOTRjZHFnaEhZN1I2QUE9PSIsInZhbHVlIjoiNDJrcGROYkh0NTYxbDlVb2o3YzZ1V241dTl3anJ0bDdmZC80bVU1T2I1NXVOaDVoMytiY3lQalM5SmtyZzU1b1V0a2haNGx2OHJXVVFIdjh3SGtuU3lEY0Vna1JvdGNHM2RET01MZFArSWswOG9IMXZlYVpNTjY4ODBmd0poTjIiLCJtYWMiOiIyOGQ2NmNmODIyNmMzYTU3YTQ0ZWZmYzE1OGE2NDc1ZDkzMDQ2M2VjYWY4ZmZkMDk5ZWVjNmI2ZDNkYjY0YjQ3In0%3D; laravel_session=eyJpdiI6IjNLUVVNbk1QdTVheCtwcytsclA5cUE9PSIsInZhbHVlIjoibjNMeUUxYUlRSTRrOGZnVzNSWWtlMW9sYXkvS283cVk1QWw4UmFoSVJ4ZDU3czBIMFFlNzMxVlNEb2o3cG5Ed0tleW02VnBUZVJhalZGL2hyU01WOXhYMUQzUjhLK1k2RDZKTW9yc2Ywa0VWTjZRbDNWckowanVYdEphaXJvckYiLCJtYWMiOiJiMzcyZTZjMDhiMzcyNTQ4MmJlZGE0NTk1NWNiNDgzY2MyZmJkZDdkZDJkYjYyY2IwOGZjM2QzMDcxYzUwY2VmIn0%3D; c_vid=0908923572e96799c197c311ec9728a1; __cf_bm=xKwgB3O4OypJ5_kqKt_ylCk2jgV5PSgenT8sIyt1J8Q-1633535369-0-Adfne8r01mGgkAsch38soghF7n9KRFvKDQs8k9C15B8LUxPvhQbEbeMFXqN42qD4Sx/BUi0Y1MYFZLOxPze2q5I=
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.couponbirds.com
referer: https://www.couponbirds.com/codes/officeworks.com.au
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/codes/officeworks.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:30 GMT
cf-cache-status: MISS
last-modified: Thu, 15 Apr 2021 10:38:05 GMT
server: cloudflare
etag: "6078178d-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1728000
accept-ranges: bytes
cf-ray: 69a00a3c3d3bdfe7-FRA
content-length: 0
expires: Tue, 26 Oct 2021 15:49:30 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 38 KB
13 KB 56ms
28ms Script
application/x-javascript 172.67.38.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6b96ebcd88975441922975f3ff294f65099b87f48367b9513a2b05472dfb621

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Aug 2021 09:31:44 GMT
server: cloudflare
age: 23737
etag: W/"61163c00-99a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=43200
cf-ray: 69a00a3c5d895c44-FRA
expires: Wed, 06 Oct 2021 21:13:52 GMT

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 41ms
13ms Script
text/javascript 104.16.221.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.221.29 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 82062
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 13 Oct 2021 15:49:29 GMT
cache-control: public, max-age=604800
cf-ray: 69a00a3c5c52435d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-proxy-cache: HIT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 55ms
39ms Script
text/javascript 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.couponbirds.com
URL: https://www.couponbirds.com/codes/officeworks.com.au
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 69a00a3c4dac2fa5-FRA

GET
DATA 200
OK truncated
/ 931 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 678cd2709e891329740ba523741e931b4b7fda0f24cf31845632ad1200814e8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 13ms
13ms XHR
text/plain 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=126063292&t=pageview&_s=1&dl=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&ul=en-us&de=UTF-8&dt=Enjoy%2025%25%20Off%20Officeworks%20Coupons%20%26%20Promo%20Codes%20October%2C%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1001672846&gjid=1444377300&cid=545379639.1633535370&tid=UA-67282613-3&_gid=2030549733.1633535370&_r=1&_slc=1&z=716672496

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.couponbirds.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 15:49:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.couponbirds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
463 B 48ms
14ms XHR
text/plain 74.125.71.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-67282613-3&cid=545379639.1633535370&jid=1001672846&gjid=1444377300&_gid=2030549733.1633535370&_u=IEBAAEAAAAAAAC~&z=1990340405

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.couponbirds.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 06 Oct 2021 15:49:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.couponbirds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
572 B 133ms
132ms XHR
application/json 172.67.38.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=10880558&u1=63208E8505CC4F198B99107AD6F796C1&java=1&security=0b6047bd&sc_snum=1&sess=508215&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.couponbirds.com/codes/officeworks.com.au&t=Enjoy%2025%25%20Off%20Officeworks%20Coupons%20%26%20Promo%20Codes%20October%2C%202021&invisible=1&sc_rum_e_s=376&sc_rum_e_e=380&sc_rum_f_s=0&sc_rum_f_e=353&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69a00a3cbe915c44-FRA
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin: https://www.couponbirds.com
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 257 KB
95 KB 98ms
75ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

f28eef56b80f199deadd51753addbbfe6ab731312d0daa09573de6c749960d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97173
x-xss-protection: 0
server: cafe
etag: 2721350736796222760
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 15:49:29 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/ Frame 2ABD 10 KB
5 KB 31ms
9ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211004/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.couponbirds.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 06 Oct 2021 03:55:03 GMT
expires: Wed, 20 Oct 2021 03:55:03 GMT
content-type: text/html; charset=UTF-8
etag: 10398570473303663775
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4601
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 42866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
660 B 42ms
15ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.couponbirds.com&callback=_gfp_s_&client=ca-pub-1700405896540198

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f22c0e06d7632d616cc93de0530d27f9ba0e39c740b106fb6330abbaf3c8e679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 45ms
16ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.couponbirds.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Oct 2021 15:49:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C754 77 KB
19 KB 624ms
610ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1700405896540198&output=html&h=280&slotname=6062149152&adk=2614364139&adf=4291403611&pi=t.ma~as.6062149152&w=825&fwrn=4&fwrnh=100&lmt=1633535369&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633535369723&bpp=5&bdt=182&idt=135&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5064071397651&frm=20&pv=2&ga_vid=545379639.1633535370&ga_sid=1633535370&ga_hid=126063292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=972447958810658&pem=118&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GasAigrGs4&p=https%3A//www.couponbirds.com&dtd=151

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

385a971d2bfa5f5be1cb5a9266d122eedebed300228e55ca99fa06b48f003188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1700405896540198&output=html&h=280&slotname=6062149152&adk=2614364139&adf=4291403611&pi=t.ma~as.6062149152&w=825&fwrn=4&fwrnh=100&lmt=1633535369&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633535369723&bpp=5&bdt=182&idt=135&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5064071397651&frm=20&pv=2&ga_vid=545379639.1633535370&ga_sid=1633535370&ga_hid=126063292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=972447958810658&pem=118&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GasAigrGs4&p=https%3A//www.couponbirds.com&dtd=151
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.couponbirds.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 06 Oct 2021 15:49:30 GMT
server: cafe
content-length: 19752
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 06-Oct-2021 16:04:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 15:49:30 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDCD 0
19 B 85ms
85ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1700405896540198&output=html&adk=1812271804&adf=3025194257&lmt=1633535369&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633535369739&bpp=1&bdt=198&idt=142&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=825x280&nras=1&correlator=5064071397651&frm=20&pv=1&ga_vid=545379639.1633535370&ga_sid=1633535370&ga_hid=126063292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=972447958810658&pem=118&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=151

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1700405896540198&output=html&adk=1812271804&adf=3025194257&lmt=1633535369&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633535369739&bpp=1&bdt=198&idt=142&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=825x280&nras=1&correlator=5064071397651&frm=20&pv=1&ga_vid=545379639.1633535370&ga_sid=1633535370&ga_hid=126063292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=972447958810658&pem=118&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=151
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.couponbirds.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 06 Oct 2021 15:49:29 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 06-Oct-2021 16:04:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 06 Oct 2021 15:49:29 GMT
cache-control: private

GET
H2 200 in.php Show response
in.getclicky.com/ 139 B
435 B 445ms
147ms Script
text/javascript 198.145.13.12
DF-PTL01

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101266611&type=pageview&href=%2Fcodes%2Fofficeworks.com.au&title=Enjoy%2025%25%20Off%20Officeworks%20Coupons%20%26%20Promo%20Codes%20October%2C%202021&res=1600x1200&lang=en&jsuid=1683229599&mime=js&x=0.5800785523928598
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.145.13.12 Portland, United States, ASN2044 (DF-PTL01, US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: f3c4d5fc7c201b1b68f3e67d41db50c384b3bb33b5c00cdb8832dc96af807cb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C754 3 KB
1 KB 40ms
16ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1700405896540198&output=html&h=280&slotname=6062149152&adk=2614364139&adf=4291403611&pi=t.ma~as.6062149152&w=825&fwrn=4&fwrnh=100&lmt=1633535369&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633535369723&bpp=5&bdt=182&idt=135&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5064071397651&frm=20&pv=2&ga_vid=545379639.1633535370&ga_sid=1633535370&ga_hid=126063292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=972447958810658&pem=118&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GasAigrGs4&p=https%3A//www.couponbirds.com&dtd=151

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 14:38:43 GMT
server: ESF
date: Wed, 06 Oct 2021 15:49:30 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 06 Oct 2021 15:49:30 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame C754 1 KB
944 B 37ms
12ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
server: cafe
etag: 7640065535275194769
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 15:44:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame C754 18 KB
8 KB 29ms
7ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 15:38:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame C754 3 KB
1 KB 35ms
13ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 15:48:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C754 122 KB
38 KB 57ms
35ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Oct 2021 15:49:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame C754 14 KB
6 KB 30ms
8ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:45:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Oct 2021 15:45:37 GMT

GET
H2 200 8400539943eb1c96fa551c508d61e34e.js Show response
www.gstatic.com/mysidia/ Frame C754 26 KB
12 KB 56ms
16ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 10:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11136
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 18:12:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 03 Jan 2022 10:35:08 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame C754 19 KB
20 KB 48ms
17ms Image
image/jpeg 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcROD_ksj410i7PpV-b3uvG_sOCS73wPiQoavi0DrpAuSvDcPKvC08VTGQwgFzo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

1d2860b48f71ead34b6a64e8940096c100d6f1113d459925015ca9a6d910a7d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 22:55:39 GMT
x-content-type-options: nosniff
last-modified: Sat, 30 May 2020 09:36:37 GMT
server: sffe
age: 233631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19724
x-xss-protection: 0
expires: Mon, 03 Oct 2022 22:55:39 GMT

GET
H3

200

9288950999397694842
tpc.googlesyndication.com/simgad/ Frame C754
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCnn8WMZhCwCRiwCTII4jBbAU9Ixm8
https://tpc.googlesyndication.com/simgad/9288950999397694842

83 KB
83 KB

37ms
14ms

Image
image/png

142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9288950999397694842

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a096b9f9a7b79e0bcda28f9c7a443c211242d9613b77fea6222acf440d9f6ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 15:18:27 GMT
x-content-type-options: nosniff
age: 174663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85380
x-xss-protection: 0
last-modified: Tue, 04 Feb 2020 10:05:52 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Oct 2022 15:18:27 GMT

Redirect headers

timing-allow-origin: *
date: Wed, 06 Oct 2021 13:08:43 GMT
x-content-type-options: nosniff
server: cafe
age: 9647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9288950999397694842
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Nov 2021 13:08:43 GMT

GET
H/1.1

200
OK

visit.jpg Show response
tps30.doubleverify.com/ Frame C754
Redirect Chain

https://ad.doubleclick.net/ddm/ad/N128002.134426GOOGLEDISPLAYNETWO/B25087192.290605717;sz=1x1;ord=414561227;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=?
https://ad.doubleclick.net/ddm/ad/N128002.134426GOOGLEDISPLAYNETWO/B25087192.290605717;dc_pre=CInm9buRtvMCFRSXdwod-GwPyg;sz=1x1;ord=414561227;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://tps30.doubleverify.com/visit.jpg?ctx=14199192&cmp=25087192&sid=2121545&plc=290605717&num=&adid=&advid=4877208&adsrv=1&btreg=483819809&btadsrv=doubleclick&crt=142925563&crtname=&chnl=&unit=&...

305 B
367 B

311ms
9ms

Fetch
image/jpeg

213.254.244.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps30.doubleverify.com/visit.jpg?ctx=14199192&cmp=25087192&sid=2121545&plc=290605717&num=&adid=&advid=4877208&adsrv=1&btreg=483819809&btadsrv=doubleclick&crt=142925563&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.img&
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1700405896540198&output=html&h=280&slotname=6062149152&adk=2614364139&adf=4291403611&pi=t.ma~as.6062149152&w=825&fwrn=4&fwrnh=100&lmt=1633535369&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633535369723&bpp=5&bdt=182&idt=135&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5064071397651&frm=20&pv=2&ga_vid=545379639.1633535370&ga_sid=1633535370&ga_hid=126063292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=972447958810658&pem=118&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GasAigrGs4&p=https%3A//www.couponbirds.com&dtd=151
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Oct 2021 15:49:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Content-Length: 142
Expires: 10/5/2021 3:49:30 PM

Redirect headers

pragma: no-cache
date: Wed, 06 Oct 2021 15:49:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://tps30.doubleverify.com/visit.jpg?ctx=14199192&cmp=25087192&sid=2121545&plc=290605717&num=&adid=&advid=4877208&adsrv=1&btreg=483819809&btadsrv=doubleclick&crt=142925563&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.img&
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C754 0
0 18ms
18ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClK0picVdYaDbN47I1fAPooSt8Abl1brLZZuP-aHCDovyl46SDhABIJv5r0NgyQagAYffkewDyAEGqAMByAMCqgTqAU_QMPEd7efsfFEiBEq129hwiDP5ESK7MRFPALyOcBqNf3O-XNRdy1LuJXigooiy_UqaN4BZeopTfPgHZcCxTmOsjceW4E7TXWtRJHKlIga3oi02I2SwHZJB4FwMl6MorcVzQHOlNaGduWPXbEql3Ka4XKeIDasvjFdsLgyQl-QQkPZcJ5Y_q_4DVxN7PFAKBavtghKBxoOdITgiQtQn6wfkiaEl7B3Wt0CfYhVLRfj08iu3cUPEpcNzlJv9nZdOrNWIqPJY-fd23DsVZBmztHEvnopbPaA17jjEh5LQ_EBgzE_D0-egcwaNfsAEzIriuqUDkgUECAQYAZIFBAgFGASgBjeAB9uE0yWoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBDM3VXSCAcIgGEQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTE3MDA0MDU4OTY1NDAxOTgYAA&sigh=uVQV2cdaydg&uach_m=[UACH]&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1700405896540198&output=html&h=280&slotname=6062149152&adk=2614364139&adf=4291403611&pi=t.ma~as.6062149152&w=825&fwrn=4&fwrnh=100&lmt=1633535369&rafmt=1&psa=0&format=825x280&url=https%3A%2F%2Fwww.couponbirds.com%2Fcodes%2Fofficeworks.com.au&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633535369723&bpp=5&bdt=182&idt=135&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=5064071397651&frm=20&pv=2&ga_vid=545379639.1633535370&ga_sid=1633535370&ga_hid=126063292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=245&ady=654&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=972447958810658&pem=118&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GasAigrGs4&p=https%3A//www.couponbirds.com&dtd=151
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 06 Oct 2021 15:49:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Oct 2021 15:49:30 GMT

GET
DATA 200
OK truncated
/ Frame C754 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 623592818efff0aacc3ac43dbeffa7eb10b35222b5a20c2ceef62501a2d37f00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame C754 20 KB
20 KB 21ms
6ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 15:49:32 GMT
x-content-type-options: nosniff
age: 259198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 15:49:32 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame C754 21 KB
21 KB 23ms
9ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 06:58:12 GMT
x-content-type-options: nosniff
age: 291078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Oct 2022 06:58:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 52ms
28ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211004&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

18c064ec513c354d2a6a57bf6317858a2c7994ab2d27f524781fce593d14a77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 06 Oct 2021 15:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8457
x-xss-protection: 0

POST
H2 200 rum Show response
www.couponbirds.com/cdn-cgi/ 0
237 B 15ms
15ms XHR
text/plain 104.18.12.221
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.couponbirds.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.221 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.couponbirds.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: recent=%7B%22officeworks.com.au%22%3A%7B%22brand%22%3A%22Officeworks%22%2C%22timestamp%22%3A1633535369%2C%22website%22%3A%22officeworks.com.au%22%7D%7D; XSRF-TOKEN=eyJpdiI6InB1S1JXUi9TOTRjZHFnaEhZN1I2QUE9PSIsInZhbHVlIjoiNDJrcGROYkh0NTYxbDlVb2o3YzZ1V241dTl3anJ0bDdmZC80bVU1T2I1NXVOaDVoMytiY3lQalM5SmtyZzU1b1V0a2haNGx2OHJXVVFIdjh3SGtuU3lEY0Vna1JvdGNHM2RET01MZFArSWswOG9IMXZlYVpNTjY4ODBmd0poTjIiLCJtYWMiOiIyOGQ2NmNmODIyNmMzYTU3YTQ0ZWZmYzE1OGE2NDc1ZDkzMDQ2M2VjYWY4ZmZkMDk5ZWVjNmI2ZDNkYjY0YjQ3In0%3D; laravel_session=eyJpdiI6IjNLUVVNbk1QdTVheCtwcytsclA5cUE9PSIsInZhbHVlIjoibjNMeUUxYUlRSTRrOGZnVzNSWWtlMW9sYXkvS283cVk1QWw4UmFoSVJ4ZDU3czBIMFFlNzMxVlNEb2o3cG5Ed0tleW02VnBUZVJhalZGL2hyU01WOXhYMUQzUjhLK1k2RDZKTW9yc2Ywa0VWTjZRbDNWckowanVYdEphaXJvckYiLCJtYWMiOiJiMzcyZTZjMDhiMzcyNTQ4MmJlZGE0NTk1NWNiNDgzY2MyZmJkZDdkZDJkYjYyY2IwOGZjM2QzMDcxYzUwY2VmIn0%3D; c_vid=0908923572e96799c197c311ec9728a1; __cf_bm=xKwgB3O4OypJ5_kqKt_ylCk2jgV5PSgenT8sIyt1J8Q-1633535369-0-Adfne8r01mGgkAsch38soghF7n9KRFvKDQs8k9C15B8LUxPvhQbEbeMFXqN42qD4Sx/BUi0Y1MYFZLOxPze2q5I=; _ga=GA1.2.545379639.1633535370; _gid=GA1.2.2030549733.1633535370; _gat=1; sc_is_visitor_unique=rx10880558.1633535370.63208E8505CC4F198B99107AD6F796C1.1.1.1.1.1.1.1.1.1; _first_pageview=1; _jsuid=1683229599; __gads=ID=e208de5439ff4a7c-2212999ce8ca002c:T=1633535369:RT=1633535369:S=ALNI_Mas_BOTCnosuG1dSzmdvbPlQm5MGA
content-length: 10337
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.couponbirds.com
referer: https://www.couponbirds.com/codes/officeworks.com.au
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.couponbirds.com/codes/officeworks.com.au
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Wed, 06 Oct 2021 15:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.couponbirds.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 69a00a428d79dfe7-FRA
vary: Origin

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 15:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 06 Oct 2021 15:49:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 784C 12 KB
5 KB 13ms
13ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.couponbirds.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 06 Oct 2021 15:20:09 GMT
expires: Thu, 06 Oct 2022 15:20:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E207 783 B
1 KB 41ms
19ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

cb8c00870201fbee163a8589512006f50ea80af6663dcb8d67177728a1ba2a9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v0p/R63qrn7IdpTh5cfAxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.couponbirds.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 06 Oct 2021 15:49:30 GMT
date: Wed, 06 Oct 2021 15:49:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-v0p/R63qrn7IdpTh5cfAxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js Show response
pagead2.googlesyndication.com/bg/ Frame 784C 35 KB
13 KB 16ms
15ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 13:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13365
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 05 Oct 2022 13:10:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E207 0
0 69ms
69ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211004&jk=972447958810658&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
69ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20211004&jk=972447958810658&bg=!GhmlGV3NAAZE-GIIRPg7ACkAdvg8WhuIxi5YTyBCvdjhdF3JSdnA2zMQ_l8p4JuK9B2xy9eqAUz6AwIAAABmUgAAAAtoAQeZAsb8DKiqn2Tnt4dFiKf3_hZVeaTFWpU3FD0Je8hyZljqSca3tUNVyUwVlYj9lNd2xVjRqtwxDHdUeJsOEkk8nForGvHqgzdBqK0mZ0eAbVf1YOJS5u3r28VmCGZHqcskHxGZZDySUXHxWx3gLDEImPOPOuudOUJY3XK4TTZoGKrE-gIiG4teV3TsE1-qyz8UysvK8SjFKIBG5SuolusiMBgABVabNsc8AAtLFVnZJhqGo-vtkOHDRG5Ps-vIR7B_Tk33SqEZIF9UOaTTCePhfc5OeckWxOOiMBsDJ4TH5xmZcG6jp4yXxtFtQ7Cf_uDS03UdwcKDHxEjzG_96N9-tFoc5axMIjuVPk2JEvKlc72Ps7FAzcBowOH9BTIS_O28AzRBCX9kXWjs6i88IwKNxi4_pNlt3KpIEOEjER2iIWr4DN-owHrssgb8qvaBepyYRj4UEMLlpUAulMYRFmjdTGmRVSMGB_MGXroUMwGuyh9kqoPq8q4BddnNxpSc-PNjT_7E_hzffrb9r0BNL64zTHR4fQJNZ4B6ZSPPgDobrcu6QlDlFP-0U214Gv4m0kWf8OaF46iYVcUW9QxXr_CNWzuaU81Sa9h8hJpLJ5wLbkWAcOdK3jeC0QRMEGkG9k0GtTDLMq9ZbzTs8RGnKDc6SuEFqRt8KN001x2CeAjGvG4XSaTQOdFeblqfLZTa8rn_2pndJ_KCLJMHRmx1MNzVOjQssLg25CIHjSQQC2128VBT1TSWuz3goSpJTGAI6_lcWQcMP5XnAKpXxqnK0EfHWamxgZupsDY2ZsfMLK247NZip1nP8LcJugtidpox55S3qPA6A2qLrGaM9_PVfDMOF8FK1ynva_uQFMgyD4ieum8Ll1ZHuTmMnrginnjhZ6aEN8mKYjmfraO0zHPR5IZJW5glNE2x4n2p2zNJqWfGryKSe0aisoDUVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.couponbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C754 42 B
64 B 54ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcuc0H04FX51SQtgMT3J0ob92JVtnQi8sLcSgs-QmAZuFg9GdIVwcEJ1j4Y-y4FzG5WEluuHivv7KxwVYdQGH_PGReSIX4WDQ_kFXgOsGnUklPVJ4&sai=AMfl-YRRoX2kfFt0yERIeeR7i440koiMOVqYBqJtc2vvH2hoVwfIh1lS-lUaG5ejILggTljErtdMh6ske7VO&sig=Cg0ArKJSzL6wyIGmUovBEAE&id=lidar2&mcvt=1000&p=0,0,280,825&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2614364139&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633535369876&rpt=751

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Oct 2021 15:49:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.couponbirds.com/	1970-01-19 21:59:59	Name: recent Value: %7B%22officeworks.com.au%22%3A%7B%22brand%22%3A%22Officeworks%22%2C%22timestamp%22%3A1633535369%2C%22website%22%3A%22officeworks.com.au%22%7D%7D
www.couponbirds.com/	1970-01-19 21:45:42	Name: XSRF-TOKEN Value: eyJpdiI6InB1S1JXUi9TOTRjZHFnaEhZN1I2QUE9PSIsInZhbHVlIjoiNDJrcGROYkh0NTYxbDlVb2o3YzZ1V241dTl3anJ0bDdmZC80bVU1T2I1NXVOaDVoMytiY3lQalM5SmtyZzU1b1V0a2haNGx2OHJXVVFIdjh3SGtuU3lEY0Vna1JvdGNHM2RET01MZFArSWswOG9IMXZlYVpNTjY4ODBmd0poTjIiLCJtYWMiOiIyOGQ2NmNmODIyNmMzYTU3YTQ0ZWZmYzE1OGE2NDc1ZDkzMDQ2M2VjYWY4ZmZkMDk5ZWVjNmI2ZDNkYjY0YjQ3In0%3D
www.couponbirds.com/	1970-01-19 21:45:42	Name: laravel_session Value: eyJpdiI6IjNLUVVNbk1QdTVheCtwcytsclA5cUE9PSIsInZhbHVlIjoibjNMeUUxYUlRSTRrOGZnVzNSWWtlMW9sYXkvS283cVk1QWw4UmFoSVJ4ZDU3czBIMFFlNzMxVlNEb2o3cG5Ed0tleW02VnBUZVJhalZGL2hyU01WOXhYMUQzUjhLK1k2RDZKTW9yc2Ywa0VWTjZRbDNWckowanVYdEphaXJvckYiLCJtYWMiOiJiMzcyZTZjMDhiMzcyNTQ4MmJlZGE0NTk1NWNiNDgzY2MyZmJkZDdkZDJkYjYyY2IwOGZjM2QzMDcxYzUwY2VmIn0%3D
.couponbirds.com/	1970-01-20 15:16:47	Name: c_vid Value: 0908923572e96799c197c311ec9728a1
.couponbirds.com/	1970-01-19 21:45:37	Name: __cf_bm Value: xKwgB3O4OypJ5_kqKt_ylCk2jgV5PSgenT8sIyt1J8Q-1633535369-0-Adfne8r01mGgkAsch38soghF7n9KRFvKDQs8k9C15B8LUxPvhQbEbeMFXqN42qD4Sx/BUi0Y1MYFZLOxPze2q5I=
.couponbirds.com/	1970-01-20 15:16:47	Name: _ga Value: GA1.2.545379639.1633535370
.couponbirds.com/	1970-01-19 21:47:01	Name: _gid Value: GA1.2.2030549733.1633535370
.couponbirds.com/	1970-01-19 21:45:35	Name: _gat Value: 1
.couponbirds.com/	1970-01-20 15:16:47	Name: sc_is_visitor_unique Value: rx10880558.1633535370.63208E8505CC4F198B99107AD6F796C1.1.1.1.1.1.1.1.1.1
.statcounter.com/	1970-01-21 17:33:10	Name: is_unique Value: sc10880558.1633535369.0
.statcounter.com/	1970-01-20 15:16:22	Name: is_visitor_unique Value: 1633535369170725073
.couponbirds.com/	1970-01-19 21:45:35	Name: _first_pageview Value: 1
.couponbirds.com/	1970-01-20 06:31:11	Name: _jsuid Value: 1683229599
.couponbirds.com/	1970-01-20 07:07:11	Name: __gads Value: ID=e208de5439ff4a7c-2212999ce8ca002c:T=1633535369:RT=1633535369:S=ALNI_Mas_BOTCnosuG1dSzmdvbPlQm5MGA
in.getclicky.com/	1970-01-20 06:31:11	Name: cluid Value: 1683229599
.doubleclick.net/	1970-01-20 15:16:47	Name: IDE Value: AHWqTUlKjcx0vmBzRSlpmOv3UnopgdFTHRadFgwrmOqGouV82RzYVed1BOHuG9sxGI4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
c.statcounter.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.getclicky.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.cloudflareinsights.com
static.couponbirds.com
static.getclicky.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tps30.doubleverify.com
www.couponbirds.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
104.16.221.29
104.16.95.65
104.18.12.221
142.250.184.194
142.250.184.196
142.250.184.234
142.250.185.163
142.250.185.206
142.250.185.98
142.250.186.129
142.250.186.130
142.250.186.66
142.250.186.98
142.250.186.99
142.250.74.206
172.67.38.97
198.145.13.12
213.254.244.20
216.58.212.134
74.125.71.156
0645648a1b453935a001a10bca25c4218a0309499bc53536115bf0b9d04a27e4
104ae528208b47a5247885ff6634186b882de1efb28411851226f7b229515c7c
18c064ec513c354d2a6a57bf6317858a2c7994ab2d27f524781fce593d14a77c
1d2860b48f71ead34b6a64e8940096c100d6f1113d459925015ca9a6d910a7d6
25e29eb5341834fe65728dc56efb0e92e17c7689b6d55aa6c3969ee8db4695ce
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
34f1022f0168df5bc83ef3b0486fe838927fc720e201e769f62c366cb71717f1
385a971d2bfa5f5be1cb5a9266d122eedebed300228e55ca99fa06b48f003188
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
5acbde4a8abf4a4fc68da222fa1e89c736aa391d5b63ee96f09108f1a9cb8299
5ae91fe13f17bd08dbfa835ba6128d165dba3c87ed1d3d1619e22e458657d681
623592818efff0aacc3ac43dbeffa7eb10b35222b5a20c2ceef62501a2d37f00
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
678cd2709e891329740ba523741e931b4b7fda0f24cf31845632ad1200814e8e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
880615098e4a8fa71bedc4b510d6b74145e0528eef749bf4127ee6db7989a1fd
97a4442b2109a67e0355a9a74b37979ab9a9f26a2d0378a3f686f4cf2c1dd5d2
9808b71e8043adeb534feb4ec78c13b66906150729775dd2c737765914e6d032
a096b9f9a7b79e0bcda28f9c7a443c211242d9613b77fea6222acf440d9f6ddb
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b907cd5b9c690c51dffd25fed156e1f024bf46db2ed8778273cf7657b4f35a05
bacfe860f5e5d8ddc38de0220d3625bdf3cd201e85b963865a4f25fc66cb60a2
c4cae47924062d5a4b50b869be2ce14457e2d8a762c2df457b5b65e2f8ef1fe9
cb8c00870201fbee163a8589512006f50ea80af6663dcb8d67177728a1ba2a9d
cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
d6b96ebcd88975441922975f3ff294f65099b87f48367b9513a2b05472dfb621
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
eab25e72db8b014ce3f89260961af99b05db2ba2c6b60ed0c751c16e355033e9
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22c0e06d7632d616cc93de0530d27f9ba0e39c740b106fb6330abbaf3c8e679
f28eef56b80f199deadd51753addbbfe6ab731312d0daa09573de6c749960d74
f3c4d5fc7c201b1b68f3e67d41db50c384b3bb33b5c00cdb8832dc96af807cb5
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

www.couponbirds.com Open in urlscan Pro 104.18.12.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

0 %IPv6

13 Domains

22 Subdomains

20 IPs

2 Countries

657 kBTransfer

1615 kBSize

16 Cookies

4 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.couponbirds.com Open in urlscan Pro
104.18.12.221 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

22
Subdomains

20
IPs

2
Countries

657 kB
Transfer

1615 kB
Size

16
Cookies

47 HTTP transactions
4 data transactions