magguts.orangeoffer.com Open in urlscan Pro
2606:4700::6812:12da Public Scan

Go To Rescan
Add Verdict Report

URL:
https://magguts.orangeoffer.com/
Submission Tags: 0xscam
Submission: On November 04 via api (November 4th 2024, 4:23:22 pm UTC) from US — Scanned from US

Summary HTTP 73 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 10 domains to perform 73 HTTP transactions. The main IP is 2606:4700::6812:12da, located in United States and belongs to CLOUDFLARENET, US. The main domain is magguts.orangeoffer.com.
TLS certificate: Issued by E6 on October 25th 2024. Valid for: 3 months.

This is the only time magguts.orangeoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:4700::68... 2606:4700::6812:12da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c19::61	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4004:c07::8a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c1d::9a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::93	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2607:f8b0:400... 2607:f8b0:4004:c17::64	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c07::9c	15169 (GOOGLE) (GOOGLE)
3	23.96.124.68 23.96.124.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::6a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:105e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
73	15

30 2606:4700::6812:12da (United States)

ASN13335 (CLOUDFLARENET, US)

magguts.orangeoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-assets.orangeoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.orangeoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.orangeoffer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4004:c07::8a (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c1d::9a (Washington, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::9c (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.68 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::9a (Washington, United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::84 (Washington, United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:105e (United States)

ASN13335 (CLOUDFLARENET, US)

sentry.impressionfox.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	orangeoffer.com magguts.orangeoffer.com cdn-assets.orangeoffer.com cdn.orangeoffer.com www.orangeoffer.com Failed	712 KB
16	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682 www.google.com — Cisco Umbrella Rank: 3	195 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 634 s.clarity.ms — Cisco Umbrella Rank: 7093 c.clarity.ms — Cisco Umbrella Rank: 1236	30 KB
5	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	335 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245 ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383	19 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	171 KB
1	impressionfox.xyz sentry.impressionfox.xyz	771 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 190	772 B
73	10

	Domain	Requested by
23	cdn-assets.orangeoffer.com	magguts.orangeoffer.com
14	fundingchoicesmessages.google.com	magguts.orangeoffer.com pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	magguts.orangeoffer.com pagead2.googlesyndication.com cdn-assets.orangeoffer.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	magguts.orangeoffer.com	magguts.orangeoffer.com cdn-assets.orangeoffer.com
3	s.clarity.ms	magguts.orangeoffer.com
3	www.google-analytics.com	www.googletagmanager.com cdn-assets.orangeoffer.com magguts.orangeoffer.com
3	www.googletagmanager.com	magguts.orangeoffer.com cdn-assets.orangeoffer.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	c.clarity.ms	1 redirects
2	www.orangeoffer.com	magguts.orangeoffer.com
2	www.clarity.ms	magguts.orangeoffer.com www.clarity.ms
2	www.google.com	magguts.orangeoffer.com ep2.adtrafficquality.google
1	sentry.impressionfox.xyz	magguts.orangeoffer.com
1	ep1.adtrafficquality.google	magguts.orangeoffer.com
1	c.bing.com	1 redirects
1	cdn.orangeoffer.com	magguts.orangeoffer.com
73	17

This site contains links to these domains. Also see Links.

Domain
www.orangeoffer.com
coopercases.orangeoffer.com
jammer-store.orangeoffer.com
trademore.orangeoffer.com
phoneremedies.orangeoffer.com
welectronics.orangeoffer.com
stellarinfo.orangeoffer.com
www.facebook.com
pokemoncenter.orangeoffer.com
plantshedcom.orangeoffer.com
samsungparts.orangeoffer.com
subimods.orangeoffer.com
sullivansupply.orangeoffer.com
ihatestevensinger.orangeoffer.com
pastbook.orangeoffer.com
vanquishfitness.orangeoffer.com
estreetplastics.orangeoffer.com
jetbrains.orangeoffer.com
capriottis.orangeoffer.com
fossilera.orangeoffer.com

Subject Issuer	Validity	Valid
orangeoffer.com E6	`2024-10-25` - `2025-01-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
impressionfox.xyz WE1	`2024-09-14` - `2024-12-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://magguts.orangeoffer.com/
Frame ID: 780AE07E054986167F83CCF25A3225D4
Requests: 67 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-5P5M9GV4
Frame ID: 5F7CBE1C903ACE5C2F78A029C55CEA81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: BE71B8A372999202A58A22E630EDD933
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730737396&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmagguts.orangeoffer.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730737395757&bpp=4&bdt=273&idt=449&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5458990054912&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C95344187%2C95344787%2C95345788%2C95345962&oid=2&pvsid=308398902999847&tmod=1428011365&uas=0&nvt=1&fsapi=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=467
Frame ID: C37003C266CA34BA47824990742A7F1D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&h=120&slotname=2341686216&adk=2281827064&adf=1351002786&pi=t.ma~as.2341686216&w=880&abgtt=6&lmt=1730737396&rafmt=11&format=880x120&url=https%3A%2F%2Fmagguts.orangeoffer.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730737396088&bpp=3&bdt=604&idt=191&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5458990054912&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=19&eid=44759875%2C44759926%2C95346097%2C95344187%2C95344787%2C95345788%2C95345962&oid=2&pvsid=308398902999847&tmod=1428011365&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=203
Frame ID: 897DEE44F6514E1612E4E43819DE9B0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 821C2915D381967967E1313C6155892F
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: C8FD098E9F37066AE10AE00F07611ED6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7AF2B9DA66386885528462F414529132
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Magguts Discount Codes, Promo Codes. Sales & Special Deals in November 2024

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

73
Requests

96 %
HTTPS

87 %
IPv6

10
Domains

17
Subdomains

15
IPs

1
Countries

1483 kB
Transfer

5668 kB
Size

36
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.orangeoffer.com/

Search URL Search Domain Scan URL

URL: https://www.orangeoffer.com/stores/
Title: All Stores

Search URL Search Domain Scan URL

URL: https://www.orangeoffer.com/offers/
Title: Special Offers

Search URL Search Domain Scan URL

URL: https://coopercases.orangeoffer.com/

Search URL Search Domain Scan URL

URL: https://jammer-store.orangeoffer.com/

Search URL Search Domain Scan URL

URL: https://trademore.orangeoffer.com/

Search URL Search Domain Scan URL

URL: https://phoneremedies.orangeoffer.com/

Search URL Search Domain Scan URL

URL: https://welectronics.orangeoffer.com/

Search URL Search Domain Scan URL

URL: https://stellarinfo.orangeoffer.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MagGuts-389341521134702/

Search URL Search Domain Scan URL

URL: https://pokemoncenter.orangeoffer.com/
Title: Pokemon Center Promo Codes

Search URL Search Domain Scan URL

URL: https://plantshedcom.orangeoffer.com/
Title: Plantshed.com Discount Codes

Search URL Search Domain Scan URL

URL: https://samsungparts.orangeoffer.com/
Title: Samsung Parts Discount Codes

Search URL Search Domain Scan URL

URL: https://subimods.orangeoffer.com/
Title: Subimods Discount Codes

Search URL Search Domain Scan URL

URL: https://sullivansupply.orangeoffer.com/
Title: Sullivan Supply Coupon Codes

Search URL Search Domain Scan URL

URL: https://ihatestevensinger.orangeoffer.com/
Title: I Hate Steven Singer Promo Codes

Search URL Search Domain Scan URL

URL: https://pastbook.orangeoffer.com/
Title: PastBook Coupons

Search URL Search Domain Scan URL

URL: https://vanquishfitness.orangeoffer.com/
Title: Vanquish Fitness Discount Codes

Search URL Search Domain Scan URL

URL: https://estreetplastics.orangeoffer.com/
Title: eStreetPlastics Coupons

Search URL Search Domain Scan URL

URL: https://jetbrains.orangeoffer.com/
Title: Jetbrains Discount Codes

Search URL Search Domain Scan URL

URL: https://capriottis.orangeoffer.com/
Title: Capriotti's Coupons

Search URL Search Domain Scan URL

URL: https://fossilera.orangeoffer.com/
Title: Fossilera Promo Codes

Search URL Search Domain Scan URL

URL: https://www.orangeoffer.com/about-us/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.orangeoffer.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.orangeoffer.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=69B3962B6D474CC283C7F1397D94C2D2&RedC=c.clarity.ms&MXFR=13B13FB35EF063BA0AD72A9E5AF06D4E HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=69B3962B6D474CC283C7F1397D94C2D2&MUID=00781D4E51496F3F2E43086350506ECE

73 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
magguts.orangeoffer.com/ 389 KB
64 KB 467ms
256ms Document
text/html 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4702008be38fbf5be82af7abeaab3ceb9c03c0347a09fd1b3b3981c28669c9eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8dd5f2902fa6422d-EWR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 04 Nov 2024 16:23:15 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
96 KB 78ms
33ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YQW93GBH6X

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d73b6b68a811ee7de43f44edffc4c28d0cfbc881c583c11300da5a92e41fa437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 04 Nov 2024 16:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97832
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 pub-8170686022786770 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 88ms
44ms Script
application/javascript 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-8170686022786770?ers=1

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72f1a1bad745bb3e5aaaf41f0d34f3f6fb1ee5a1041010aa3d3748178b7e2626

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PSuOmXuNDt_AErArLDUi4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4Pr9cvJNN4MTzDz1MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBsYGegYG8QUGAJxCQJc"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-PSuOmXuNDt_AErArLDUi4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 81ms
42ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8170686022786770

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4b0e91c0224e32b2a4d101266b5ab619bca8d898fa629cd05dd022738124c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://magguts.orangeoffer.com
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: br
etag: 4663542872867922362
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 16:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53311
x-xss-protection: 0
server: cafe

GET
H2 200 ads.js Show response
www.google.com/adsense/search/ 145 KB
53 KB 61ms
21ms Script
text/javascript 2607:f8b0:4004:c17::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/ads.js

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a83bc44c889499e320cefa249438abeed046ce47eac4cd810b324c3c72979d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
etag: "1549445527165786724"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 16:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
link: <https://syndicatedsearch.goog>; rel="preconnect"
cache-control: private, max-age=3600
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
accept-ranges: bytes
x-xss-protection: 0
server: sffe

GET
H2 200 runtime.e978a.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 22 KB
11 KB 268ms
86ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/runtime.e978a.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 899517e69681b3ab7e3f8bcdef83033b46ebe23712056998343b6e3f9e5d5257

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"592d-192f6d1ce70"
age: 18912
cf-ray: 8dd5f292fc5c422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 267.41141.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 263 KB
89 KB 252ms
71ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/267.41141.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78347a3c747de3c1e47d3ed37d39b1ade00c33650d48ced4a6e848391d4a4a60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"41cf2-192f6d1ca88"
age: 18912
cf-ray: 8dd5f292fc54422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1655.1bc47.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 293 KB
74 KB 249ms
68ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/1655.1bc47.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d3dce90431d78a98155bf3fee7dd48edb0bbedf5ba3eeece6b9bd4e1ff3ded

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"49527-192f51a4300"
age: 48179
cf-ray: 8dd5f2930c8a422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 02:56:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1662.98190.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 141 KB
45 KB 242ms
61ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/1662.98190.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97cd8dbc3afd3ef3c9ea8485136880153f19cc4772c82ae3d272ba8d22691a92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"234e2-192f51a4300"
age: 48179
cf-ray: 8dd5f2930c61422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 02:56:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 266.e6078.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 607 KB
135 KB 217ms
37ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/266.e6078.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75faf9a115076029d04b85b60516bccd5b2666fee5fe5ea25e47f8fdfe045923

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"97cdc-192f6d1ca88"
age: 18912
cf-ray: 8dd5f292fc5f422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1657.13284.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 67 KB
23 KB 214ms
34ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/1657.13284.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19ada5fe3febcb986a3269f46bbbb23bc469395dc4277df285493089171c84ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"10bd0-192f6d1ce70"
age: 18912
cf-ray: 8dd5f292fc58422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 0.4b687.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 73 KB
25 KB 215ms
35ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/0.4b687.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67b2c40d906b89bc435ed6ee053be0e82c95760013ed1938b35e96aa91ccca0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"123ea-192f568cc78"
age: 42677
cf-ray: 8dd5f2930c64422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 04:22:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 64.c1444.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 22 KB
7 KB 232ms
52ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/64.c1444.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f4cb56c00bdfb4f7014abd8d94ecff6a63bf50fca90783bfe1148dec8f079e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"56ff-192f6278c80"
age: 30433
cf-ray: 8dd5f2930c86422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 07:50:40 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1549.0e061.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 336 KB
67 KB 239ms
59ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/1549.0e061.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 768fd4eccbe41e081ea70f68a75f54d364994e6b5c8a945199f4f586a9cb63b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"53f6c-192f6d1ce70"
age: 18912
cf-ray: 8dd5f2930c69422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 2.b79b8.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 767 KB
40 KB 211ms
32ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/2.b79b8.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572d4ad460041c2330034da52f69679ed5ba9091f565650fe1326f12613c00fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"bfd4a-192f568cc78"
age: 42677
cf-ray: 8dd5f2930c6e422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 04:22:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1.d1b11.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 25 KB
7 KB 214ms
36ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/1.d1b11.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a719df48c1c69bf7ff680578dca8aeeeabf1b994a333ad1f3209f9b7c9939600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"656f-192f6d1ca88"
age: 18912
cf-ray: 8dd5f2930c70422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 8.68201.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 41 KB
8 KB 229ms
51ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/8.68201.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbcd5cd5d708a4e3db029180414e479c42e701d84ace7dd50f64a364b07d8794

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"a4b8-192f6d1ca88"
age: 18912
cf-ray: 8dd5f2930c74422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 274.b2fbc.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 123 KB
21 KB 230ms
52ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/274.b2fbc.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12a25e36fb70406845298d512f588963f343008af5c756ff56648797d3264713

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1ea30-192f6d1ca88"
age: 18912
cf-ray: 8dd5f2930c77422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 276.14fe2.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 65 KB
13 KB 244ms
66ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/276.14fe2.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 153ad968681542f26d318dd1b2885efbd09fddd54a5fa956d840701cee5cf92f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"10497-192f6d1ca88"
age: 18912
cf-ray: 8dd5f2930c7a422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 17.0349e.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 25 KB
8 KB 229ms
51ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/17.0349e.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e032466e7ff178312c1854350ccbc6b0da09d8be55c2935be781de74e2682dad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6385-192f6d1ca88"
age: 18912
cf-ray: 8dd5f2930c81422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 303.011ef.js Show response
cdn-assets.orangeoffer.com/_nuxt/ 2 KB
1 KB 265ms
87ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-assets.orangeoffer.com/_nuxt/303.011ef.js
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d88bae15aaf85b3054c687c87eb032eee49aa6daf00d9636d7bce78736a3195

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"82e-192f51a3f18"
age: 48179
cf-ray: 8dd5f2930c85422d-EWR
expires: Tue, 04 Nov 2025 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 02:56:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pub-8170686022786770 Show response
fundingchoicesmessages.google.com/b/ 12 KB
5 KB 52ms
49ms Script
application/javascript 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-8170686022786770

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c54e2e5a2e8829536ecabcebdb5c46318306e12389a7d75c7ad911566c8d976

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m81Ee8jLZX04g28w7dCGhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4Pr9cvJNNYMfR5zOYlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDYwN9AwM4gsMAJktQHE"
content-security-policy: script-src 'report-sample' 'nonce-m81Ee8jLZX04g28w7dCGhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 mxdplpjsrz Show response
www.clarity.ms/tag/ 740 B
1 KB 213ms
63ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/mxdplpjsrz
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a1f4b1ab42a5ce0c88d79b3de71da3e3e3036ed3faba98e7ddd2447fd01d065f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 740
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/x-javascript
x-azure-ref: 20241104T162315Z-1649f4d9cb6kr9q9hC1EWRhbkn00000003pg00000000wy8x

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
75 KB 34ms
31ms Script
application/javascript 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5P5M9GV4

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e629160597356d9dc86f79966c9d1e83f4b9cfbb91c5e3426538c87500f58842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 04 Nov 2024 16:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 75965
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 icon-fold.webp
cdn-assets.orangeoffer.com/img/orangeoffer/ 638 B
715 B 115ms
115ms Image
image/webp 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-assets.orangeoffer.com/img/orangeoffer/icon-fold.webp
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c569bf5a42380717bdb0b34cf71333ac0a0e21cdfee3cb0bc3eea45a9e99a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=2678400
cf-cache-status: MISS
etag: W/"27e-192f69ad438"
cf-ray: 8dd5f2939d42422d-EWR
expires: Thu, 05 Dec 2024 16:23:15 GMT
accept-ranges: bytes
content-length: 638
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: image/webp
last-modified: Mon, 04 Nov 2024 09:56:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 orangeoffer.com.svg
cdn-assets.orangeoffer.com/img/siteLogo/ 8 KB
3 KB 222ms
188ms Image
image/svg+xml 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-assets.orangeoffer.com/img/siteLogo/orangeoffer.com.svg
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf36c6dc43022c7818de7f04aa136898adf786ab669730311ece2a084bd13ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=2678400
content-encoding: gzip
cf-cache-status: MISS
etag: W/"1fd8-192f69ad438"
cf-ray: 8dd5f2930c97422d-EWR
expires: Thu, 05 Dec 2024 16:23:15 GMT
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: image/svg+xml
last-modified: Mon, 04 Nov 2024 09:56:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 icon-search.webp
cdn-assets.orangeoffer.com/img/promocodie/ 1 KB
1 KB 108ms
107ms Image
image/webp 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-assets.orangeoffer.com/img/promocodie/icon-search.webp
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f21cf13348fb20852c706a01c315b235b62a0c3fc2c8583d533f23afa9f7fdc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=2678400
cf-cache-status: MISS
etag: W/"4e0-192f69ad438"
cf-ray: 8dd5f293fdb4422d-EWR
expires: Thu, 05 Dec 2024 16:23:15 GMT
accept-ranges: bytes
content-length: 1248
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: image/webp
last-modified: Mon, 04 Nov 2024 09:56:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 icon-search.webp
cdn-assets.orangeoffer.com/img/orangeoffer/ 1 KB
2 KB 192ms
157ms Image
image/webp 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-assets.orangeoffer.com/img/orangeoffer/icon-search.webp
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d5aece22048654ac8c3bfca412a112f12ad5b11cf2e11a99d63f5cfb427b657

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=2678400
cf-cache-status: MISS
etag: W/"4de-192f69ad438"
cf-ray: 8dd5f2930c95422d-EWR
expires: Thu, 05 Dec 2024 16:23:15 GMT
accept-ranges: bytes
content-length: 1246
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: image/webp
last-modified: Mon, 04 Nov 2024 09:56:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 magguts_62fb6965a158a.webp
cdn.orangeoffer.com/mimg/merimg/202207/ 1 KB
2 KB 243ms
142ms Image
image/webp 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.orangeoffer.com/mimg/merimg/202207/magguts_62fb6965a158a.webp
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 692256de85fc569c04b4bbc6d6594b1f2e631b5fa440371b98df62d2b397e2b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cf-ray: 8dd5f2930c9a422d-EWR
cache-control: public, max-age=2678400
cf-cache-status: HIT
etag: "0eba510f92ef1425f3ad6475ec529a5e"
x-amz-request-id: BAE2FA7FCD30HYEP
expires: Thu, 05 Dec 2024 16:23:15 GMT
accept-ranges: bytes
content-length: 1116
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: image/webp
last-modified: Wed, 07 Sep 2022 10:11:02 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: JjkIxwefduHucuB226U8ynVRM27/mhRGfQx9JUfxOz7tsUz4/ohKbhXb4l4X1ZtzuzQa3K19Dio=

GET
H2 200 icon-verified-de.webp
magguts.orangeoffer.com/img/promocodie/ 990 B
1 KB 133ms
133ms Image
image/webp 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://magguts.orangeoffer.com/img/promocodie/icon-verified-de.webp
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c091ae3ca8d585c275c123e5b6c93bd753eb7963fce14325bb6b5bb30a25822b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=2678400
cf-cache-status: MISS
etag: W/"3de-192f69ad438"
cf-ray: 8dd5f2925b62422d-EWR
expires: Thu, 05 Dec 2024 16:23:15 GMT
accept-ranges: bytes
content-length: 990
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: image/webp
last-modified: Mon, 04 Nov 2024 09:56:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 482 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de5ed8d76a9341be08c77c870d81fca3ec75264601934583bcf00f4d6895dac1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 star_active.png
cdn-assets.orangeoffer.com/img/cpw/ 1 KB
1 KB 195ms
160ms Image
image/png 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-assets.orangeoffer.com/img/cpw/star_active.png
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9081a46e5d6e34efd25190223cfd90a18d71aff550b9d1c69a95693a33f5cc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=2678400
cf-cache-status: MISS
etag: W/"49c-192f69ad438"
cf-ray: 8dd5f2930c90422d-EWR
expires: Thu, 05 Dec 2024 16:23:15 GMT
accept-ranges: bytes
content-length: 1180
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 09:56:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 star_half.png
cdn-assets.orangeoffer.com/img/cpw/ 1 KB
2 KB 186ms
151ms Image
image/png 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-assets.orangeoffer.com/img/cpw/star_half.png
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a331f40b7d989a28f8b567fb4456df6f84016b2f2be9c2efb59deb6b2485781e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=2678400
cf-cache-status: MISS
etag: W/"547-192f69ad438"
cf-ray: 8dd5f2930c91422d-EWR
expires: Thu, 05 Dec 2024 16:23:15 GMT
accept-ranges: bytes
content-length: 1351
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 09:56:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 star_black.png
cdn-assets.orangeoffer.com/img/cpw/ 1 KB
1 KB 188ms
153ms Image
image/png 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-assets.orangeoffer.com/img/cpw/star_black.png
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68a5df4a40357c26a643745efb611532c94d369de74773c658c52a3c7652379b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=2678400
cf-cache-status: MISS
etag: W/"487-192f69ad438"
cf-ray: 8dd5f2930c8e422d-EWR
expires: Thu, 05 Dec 2024 16:23:15 GMT
accept-ranges: bytes
content-length: 1159
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: image/png
last-modified: Mon, 04 Nov 2024 09:56:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 AGSKWxXX60tx6IymYMBK2D2Y_aheUFLyNc89F74GTXWHkcQ-Y_YwXTkhrN1WdPT_WsHg5OO1RJWFT5uihDypBNc8glGgU2Ke_geE3ZVdfEF1v2e5XOlw3g33MFoMUs6-HZhrFkHVB4I-kA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 69ms
68ms Script
application/javascript 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXX60tx6IymYMBK2D2Y_aheUFLyNc89F74GTXWHkcQ-Y_YwXTkhrN1WdPT_WsHg5OO1RJWFT5uihDypBNc8glGgU2Ke_geE3ZVdfEF1v2e5XOlw3g33MFoMUs6-HZhrFkHVB4I-kA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNzM3Mzk1LDY5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9tYWdndXRzLm9yYW5nZW9mZmVyLmNvbS8iLG51bGwsW1s4LCJZc2dPT2N0dWtySSJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMwbqyuuhMUcpzLS37P4d2w3Bpcdzg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b92839d9f734b334999a8533c8e279c204a77d4547efc8d6450d8b37d19d426

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_RylcYzc4RmjOauxUTttrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw15BiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4OD6_XLyTTeDC4oabTEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhgbGBnoGBvEFBgC3d0VT"
content-security-policy: script-src 'report-sample' 'nonce-_RylcYzc4RmjOauxUTttrg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 AGSKWxXCcg-_e0z2JdR9tNaAJazTVCpvxOGI7Pf7PFVwMROzsSomFaG4x48eVXxAb5ONx5rIZ31pv-JsRFh-uEiO5b-_ng== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 141ms
70ms XHR
text/html 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXCcg-_e0z2JdR9tNaAJazTVCpvxOGI7Pf7PFVwMROzsSomFaG4x48eVXxAb5ONx5rIZ31pv-JsRFh-uEiO5b-_ng==

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uFXwsrhcbKgcMQy3Hglf_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uH4_HLxTjaBCwd7fzMpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDAGYZKXw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uFXwsrhcbKgcMQy3Hglf_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magguts.orangeoffer.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/ 434 KB
145 KB 86ms
85ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8170686022786770

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b05666618c5864534ed4cf929bfb031ea0732b5906abe19a4a75cd997dd2a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: br
etag: 1359402064133095330
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 16:23:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147966
x-xss-protection: 0
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 108ms
29ms Fetch
text/plain 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YQW93GBH6X&gtm=45je4au0v9168395566za200&_p=1730737395536&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101823848~101878899~101878944~101925629&cid=850672019.1730737396&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1730737395&sct=1&seg=0&dl=https%3A%2F%2Fmagguts.orangeoffer.com%2F&dt=Magguts%20Discount%20Codes%2C%20Promo%20Codes.%20Sales%20%26%20Special%20Deals%20in%20November%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=793
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YQW93GBH6X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://magguts.orangeoffer.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:15 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 22ms
15ms Script
text/javascript 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/266.e6078.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
age: 6045
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 16:42:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 14:42:30 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 ns.html
www.googletagmanager.com/ Frame 5F7C 0
0 49ms
23ms Document
text/html 2607:f8b0:4004:c19::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-5P5M9GV4

Requested by

Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/267.41141.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://magguts.orangeoffer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1128:0
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 16:23:15 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1128:0"}],}
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 1663.6ec20.js Show response
magguts.orangeoffer.com/_nuxt/ 177 KB
55 KB 125ms
125ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js
Requested by: Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/runtime.e978a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f69ec1f570becdda277db2bb06f94f202829b6ad335a117b95de2e1a8ff3cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"2c596-192f6d1ce70"
cf-ray: 8dd5f294bec5422d-EWR
expires: Tue, 04 Nov 2025 16:23:16 GMT
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 1661.e1175.js Show response
magguts.orangeoffer.com/_nuxt/ 2 KB
1 KB 95ms
95ms Script
application/javascript 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magguts.orangeoffer.com/_nuxt/1661.e1175.js
Requested by: Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/runtime.e978a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d9a3a64730aaf624b87dc5cb39cef871f65b01c38a48ab6dba5e5a30fd69d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66d-192f6d1ce70"
cf-ray: 8dd5f294beca422d-EWR
expires: Tue, 04 Nov 2025 16:23:16 GMT
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 04 Nov 2024 10:56:38 GMT
vary: Accept-Encoding
server: cloudflare

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H3 200 AGSKWxWEJEA7JLWpHa0tO3DRFB2QZlk-RI77cxfYlwqxavStDPW9mSHACSM3RhBSufg7LS2hc8MYlMkfslwv38yANSNk4QrIHoDNY0OWnlpMtblQny7uxNwkt-FtKIDr2Hl4__jhqIcNIg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 44ms
43ms Script
application/javascript 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWEJEA7JLWpHa0tO3DRFB2QZlk-RI77cxfYlwqxavStDPW9mSHACSM3RhBSufg7LS2hc8MYlMkfslwv38yANSNk4QrIHoDNY0OWnlpMtblQny7uxNwkt-FtKIDr2Hl4__jhqIcNIg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNzM3Mzk2LDExMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbWFnZ3V0cy5vcmFuZ2VvZmZlci5jb20vIixudWxsLFtbOCwiWXNnT09jdHVrckkiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69be142e6309bb9ac9b1794fdcd930a00aa73964b4e790a9fa2a0b6e56c2557e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eUmts2yjRdqxWRHyg8IRFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhbg5vrxcvJNN4MX3-85KGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoYGxgZ6BgbxBQYAaHJAdA"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eUmts2yjRdqxWRHyg8IRFA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.52/ 65 KB
28 KB 22ms
21ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.52/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mxdplpjsrz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 568efa8ba0c030118578f0f0246d624e9eafaeda7a68fae4a72760ca2329f63e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

x-azure-ref: 20241104T162316Z-1649f4d9cb6kr9q9hC1EWRhbkn00000003pg00000000wyad
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCFC008A2E905F"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: 83326a88-001e-0079-7dec-2dd2ff000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Sun, 03 Nov 2024 12:10:42 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 46ms
46ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn-assets.orangeoffer.com
URL: https://cdn-assets.orangeoffer.com/_nuxt/1657.13284.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a47b60e3fe83108d7d6b7cf5528109c7520032a7efe6709c9e974bf063e5a72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://magguts.orangeoffer.com
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: br
etag: 14807218411520957021
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 16:23:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53310
x-xss-protection: 0
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame BE71 0
0 42ms
15ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magguts.orangeoffer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 72551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Nov 2024 20:14:05 GMT
etag: 7893594074132303741
expires: Sun, 17 Nov 2024 20:14:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame C370 0
0 526ms
509ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730737396&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fmagguts.orangeoffer.com%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730737395757&bpp=4&bdt=273&idt=449&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=5458990054912&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C95344187%2C95344787%2C95345788%2C95345962&oid=2&pvsid=308398902999847&tmod=1428011365&uas=0&nvt=1&fsapi=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magguts.orangeoffer.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33061
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 16:23:16 GMT
expires: Mon, 04 Nov 2024 16:23:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 897D 0
0 394ms
394ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-8170686022786770&output=html&h=120&slotname=2341686216&adk=2281827064&adf=1351002786&pi=t.ma~as.2341686216&w=880&abgtt=6&lmt=1730737396&rafmt=11&format=880x120&url=https%3A%2F%2Fmagguts.orangeoffer.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730737396088&bpp=3&bdt=604&idt=191&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5458990054912&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=606&biw=1600&bih=1200&scr_x=0&scr_y=19&eid=44759875%2C44759926%2C95346097%2C95344187%2C95344787%2C95345788%2C95345962&oid=2&pvsid=308398902999847&tmod=1428011365&uas=0&nvt=1&fc=1920&brdim=140%2C140%2C140%2C140%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=203

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magguts.orangeoffer.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18898
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 16:23:16 GMT
expires: Mon, 04 Nov 2024 16:23:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
287 B 207ms
123ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://magguts.orangeoffer.com/

Response headers

Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin: https://magguts.orangeoffer.com
Date: Mon, 04 Nov 2024 16:23:16 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/ 178 KB
60 KB 42ms
42ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d5c3adbc4c857fcd9dc167d3b1c6b5f956b35f361d45445aba03a9ba119ce83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: br
etag: 11988679415573177678
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 16:23:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 61041
x-xss-protection: 0
server: cafe

GET
H3 200 ca-pub-8170686022786770 Show response
fundingchoicesmessages.google.com/i/ 196 KB
63 KB 48ms
46ms Script
application/javascript 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8170686022786770?href=https%3A%2F%2Fmagguts.orangeoffer.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7f520d42539478c3989ed72c407ca02592f0b3330ea5e28cc771528e534402

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2YOYlSG0WGXFoOY-4FpEog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4vrxcvJNNYMHZBc3MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBsYGegYG8QUGAIGeP_8"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2YOYlSG0WGXFoOY-4FpEog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 821C 0
0 1ms
1ms Document
text/html 2607:f8b0:4004:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magguts.orangeoffer.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 72551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4124
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Nov 2024 20:14:05 GMT
etag: 7893594074132303741
expires: Sun, 17 Nov 2024 20:14:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST components
www.orangeoffer.com/api/ 0
0

GET
H3 200 ads.asp Show response
fundingchoicesmessages.google.com/f/AGSKWxXinFXxTNcxWQmI-JR5M6qrwS5JHW2Bok7vFVMaPjwWYPpKjIX3iVZ0dnvpbANLzhsnwuqiYIA7mf2JRKoJemXadOUdUE0ucxXgceRa4W9gEjwN7gwvL7aUuF0UOf5ejwjKW_Lx8YOfN1_DDBBzhFTUexeCx... 54 B
109 B 36ms
36ms Script
application/javascript 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXinFXxTNcxWQmI-JR5M6qrwS5JHW2Bok7vFVMaPjwWYPpKjIX3iVZ0dnvpbANLzhsnwuqiYIA7mf2JRKoJemXadOUdUE0ucxXgceRa4W9gEjwN7gwvL7aUuF0UOf5ejwjKW_Lx8YOfN1_DDBBzhFTUexeCxOU5I6aEyniwF7g8khPaNphGcj3v1_al/_/track_ad_/ads.asp?.s-result-item:-abp-has(h5.s-sponsored-header)/affiliate_show_iframe./adchoices-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwRucCMv51l-lu8z-L8hWxPWa3zzg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea6af9906d18e8807ff6c0393d021a9f4b03727cbe43dd6febf177330bb623cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h7qhWzcpGDDiZEhO2nXpDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1JBiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4OL68XLyTTeDH1q03mJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA2MDfQMDOILDADM2EXF"
content-security-policy: script-src 'report-sample' 'nonce-h7qhWzcpGDDiZEhO2nXpDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 72 KB
26 KB 14ms
14ms Script
text/javascript 2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4eae7c63ce735cec03881270269471e56e709d5da4951cb46aea9af1fc615099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: br
etag: 5796964677923257994
age: 2500
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 16:41:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 04 Nov 2024 15:41:36 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26789
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWq1diwndb18g_nhEhHF6xWJJ6Zb2PYPfE7zqtBWBllEV7q1dalWKv3qSqsM5I4rYaJI1hya5i2tB2yXZEcMGyoBecUc9SivW8tA9Tj0Bifc2dxkpQn3GXzAU76OAKrfrwlCrYniw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 33ms
32ms XHR
text/html 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWq1diwndb18g_nhEhHF6xWJJ6Zb2PYPfE7zqtBWBllEV7q1dalWKv3qSqsM5I4rYaJI1hya5i2tB2yXZEcMGyoBecUc9SivW8tA9Tj0Bifc2dxkpQn3GXzAU76OAKrfrwlCrYniw==

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-c8Chx03eJo_rjH_5zawxSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magguts.orangeoffer.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uH48nLxTjaBHxOPXGdWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGBsaGegbm8QUGAG2YKZE"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-c8Chx03eJo_rjH_5zawxSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magguts.orangeoffer.com
content-length: 0
x-xss-protection: 0
server: ESF

OPTIONS
H2 403 components
www.orangeoffer.com/api/ Frame 0
0 104ms
24ms Preflight
text/html 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.orangeoffer.com/api/components

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Origin: https://magguts.orangeoffer.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: MMcTZBO/vL7LGZjrnZtpHwtgUaqkvLgKPguvwC+chBoCXdw5nUFNLyMdll2c2EPPbXVtqvpnXaLfJZ5pcOupmJBQQsQU4zA9OK+EygXdKYzKOULcCdjY2dfHl5yLynXUBd+GFgsE5zcrAzqWW1jptQ==$Ui8PQbk0zvnVZjgsSFmkGQ==
cf-mitigated: challenge
cf-ray: 8dd5f29b7d747293-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 04 Nov 2024 16:23:17 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWq1diwndb18g_nhEhHF6xWJJ6Zb2PYPfE7zqtBWBllEV7q1dalWKv3qSqsM5I4rYaJI1hya5i2tB2yXZEcMGyoBecUc9SivW8tA9Tj0Bifc2dxkpQn3GXzAU76OAKrfrwlCrYniw==

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PNPqapX1dIgvkrGkVyIl7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magguts.orangeoffer.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ub4-nLxTjaBG5dviym5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMANYMpAw"
content-security-policy: script-src 'report-sample' 'nonce-PNPqapX1dIgvkrGkVyIl7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magguts.orangeoffer.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWq1diwndb18g_nhEhHF6xWJJ6Zb2PYPfE7zqtBWBllEV7q1dalWKv3qSqsM5I4rYaJI1hya5i2tB2yXZEcMGyoBecUc9SivW8tA9Tj0Bifc2dxkpQn3GXzAU76OAKrfrwlCrYniw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
35ms XHR
text/html 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWq1diwndb18g_nhEhHF6xWJJ6Zb2PYPfE7zqtBWBllEV7q1dalWKv3qSqsM5I4rYaJI1hya5i2tB2yXZEcMGyoBecUc9SivW8tA9Tj0Bifc2dxkpQn3GXzAU76OAKrfrwlCrYniw==

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z-Dmaj-Q8Td5nD4P2Fui3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magguts.orangeoffer.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ub4-nLxTjaBA4cvyii5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMALhEo4w"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Z-Dmaj-Q8Td5nD4P2Fui3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magguts.orangeoffer.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWq1diwndb18g_nhEhHF6xWJJ6Zb2PYPfE7zqtBWBllEV7q1dalWKv3qSqsM5I4rYaJI1hya5i2tB2yXZEcMGyoBecUc9SivW8tA9Tj0Bifc2dxkpQn3GXzAU76OAKrfrwlCrYniw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 32ms
30ms XHR
text/html 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWq1diwndb18g_nhEhHF6xWJJ6Zb2PYPfE7zqtBWBllEV7q1dalWKv3qSqsM5I4rYaJI1hya5i2tB2yXZEcMGyoBecUc9SivW8tA9Tj0Bifc2dxkpQn3GXzAU76OAKrfrwlCrYniw==

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FPAYpt2Fuyar70pnbGgp9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magguts.orangeoffer.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ub4-nLxTjaBA-vuSSm5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMAKQMo1A"
content-security-policy: script-src 'report-sample' 'nonce-FPAYpt2Fuyar70pnbGgp9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magguts.orangeoffer.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUwkqxtdA2T3CX16IeA3YWPSyzQOQ9yzX2jkpxfgvIixZVvg81t84NWoQa0ihQg47YnEIHkl5La9jeEavkavSp9XX1af0FAgBkOUwTf_ryLMcG6ocBqdMBCW1xcfDgUDudf9-PbHQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 41ms
41ms Script
application/javascript 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUwkqxtdA2T3CX16IeA3YWPSyzQOQ9yzX2jkpxfgvIixZVvg81t84NWoQa0ihQg47YnEIHkl5La9jeEavkavSp9XX1af0FAgBkOUwTf_ryLMcG6ocBqdMBCW1xcfDgUDudf9-PbHQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNzM3Mzk3LDM5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJlbiIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL21hZ2d1dHMub3Jhbmdlb2ZmZXIuY29tLyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMTgsIltbWzBdXV0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9be9d19a32dd0829dfdf1e6c7ed3e69e38601089621afaad88dfc9766b2762db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j77eKnHK66i457sm5Fic6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:17 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhbg5vr5cvJNN4ELLLzkljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjE0MDYwM9A4P4AgMAUsk_5w"
content-security-policy: script-src 'report-sample' 'nonce-j77eKnHK66i457sm5Fic6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxW2-CmJS7IpVbTM7rRjZIV4LDpFNz-PP0Xic28M5KPlhRbEGw1Xs16-WRF82Vvk0e6VUABLgFe_ehayXvz4q9gwzFuvQ5oGJvlf70j8X7BlUPXoQs6XcfFWrlYFlyXz8XkbDi0D8A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
34ms XHR
text/html 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2-CmJS7IpVbTM7rRjZIV4LDpFNz-PP0Xic28M5KPlhRbEGw1Xs16-WRF82Vvk0e6VUABLgFe_ehayXvz4q9gwzFuvQ5oGJvlf70j8X7BlUPXoQs6XcfFWrlYFlyXz8XkbDi0D8A==

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9TgPzs0Qkp7FdLI7AFzwnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magguts.orangeoffer.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ub4-nLxTjaBDRtWGCq5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMAHy8org"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9TgPzs0Qkp7FdLI7AFzwnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magguts.orangeoffer.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWq1diwndb18g_nhEhHF6xWJJ6Zb2PYPfE7zqtBWBllEV7q1dalWKv3qSqsM5I4rYaJI1hya5i2tB2yXZEcMGyoBecUc9SivW8tA9Tj0Bifc2dxkpQn3GXzAU76OAKrfrwlCrYniw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 36ms
35ms XHR
text/html 2607:f8b0:4004:c07::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWq1diwndb18g_nhEhHF6xWJJ6Zb2PYPfE7zqtBWBllEV7q1dalWKv3qSqsM5I4rYaJI1hya5i2tB2yXZEcMGyoBecUc9SivW8tA9Tj0Bifc2dxkpQn3GXzAU76OAKrfrwlCrYniw==

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RpnLcLRNJ8Mbfg-JNtJgZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://magguts.orangeoffer.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw15BicEqfwRoCxO5aF1n9gZjh6xVWDiAW4ub4-nLxTjaBD_eXGyu5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0MDY0M9A_P4AgMAOigpEg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RpnLcLRNJ8Mbfg-JNtJgZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://magguts.orangeoffer.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=69B3962B6D474CC283C7F1397D94C2D2&RedC=c.clarity.ms&MXFR=13B13FB35EF063BA0AD72A9E5AF06D4E
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=69B3962B6D474CC283C7F1397D94C2D2&MUID=00781D4E51496F3F2E43086350506ECE

42 B
442 B

40ms
39ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=69B3962B6D474CC283C7F1397D94C2D2&MUID=00781D4E51496F3F2E43086350506ECE
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Mon, 04 Nov 2024 16:23:16 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=69B3962B6D474CC283C7F1397D94C2D2&MUID=00781D4E51496F3F2E43086350506ECE
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C2248ACFDCB64950AE22D1CDAC691E48 Ref B: EWR30EDGE0312 Ref C: 2024-11-04T16:23:17Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Mon, 04 Nov 2024 16:23:16 GMT
x-powered-by: ASP.NET

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 66ms
41ms XHR
application/json 2607:f8b0:4004:c1f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241030&st=env

Requested by

Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1f::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

454b4af9f5f1725847b4daaea3e454b7269c36f2ac9753810c4a1cd45857122e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12881
date: Mon, 04 Nov 2024 16:23:17 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 25ms
22ms Fetch
text/plain 2607:f8b0:4004:c17::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-YQW93GBH6X&gtm=45je4au0v9168395566za200&_p=1730737395536&gcs=G1--&gcd=13l3l3l3l5l1&npa=0&dma=0&tcfd=10000&tag_exp=101823848~101878899~101878944~101925629&cid=850672019.1730737396&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEI&sid=1730737395&sct=1&seg=0&dl=https%3A%2F%2Fmagguts.orangeoffer.com%2F&dt=Magguts%20Discount%20Codes%2C%20Promo%20Codes.%20Sales%20%26%20Special%20Deals%20in%20November%202024&_s=2&tfd=2603
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://magguts.orangeoffer.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:17 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 favicon.ico
www.orangeoffer.com/ 9 KB
3 KB 33ms
32ms Other
image/x-icon 2606:4700::6812:12da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.orangeoffer.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:12da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db660f9b501d752a085a60c61ad93d3652eb10cd824a1b2c342c2f2df450b48c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

cache-control: public, max-age=2678400
content-encoding: gzip
cf-cache-status: HIT
etag: W/"67289a53-25be"
age: 248
cf-ray: 8dd5f29f1e58422d-EWR
expires: Thu, 05 Dec 2024 16:23:17 GMT
date: Mon, 04 Nov 2024 16:23:17 GMT
content-type: image/x-icon
last-modified: Mon, 04 Nov 2024 09:56:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 55ms
16ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://magguts.orangeoffer.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 16:23:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 16:23:17 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame C8FD 0
0 43ms
16ms Document
text/html 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magguts.orangeoffer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 15:56:02 GMT
expires: Mon, 04 Nov 2024 16:46:02 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 7AF2 0
0 61ms
34ms Document
text/html 2607:f8b0:4004:c17::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Az2iBcRwaox2c7B9JIWkWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://magguts.orangeoffer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Az2iBcRwaox2c7B9JIWkWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 16:23:17 GMT
expires: Mon, 04 Nov 2024 16:23:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
287 B 29ms
27ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://magguts.orangeoffer.com/

Response headers

Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin: https://magguts.orangeoffer.com
Date: Mon, 04 Nov 2024 16:23:17 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

POST
H3 200 / Show response
sentry.impressionfox.xyz/api/7/envelope/ 41 B
771 B 412ms
254ms Fetch
application/json 2606:4700:3035::6815:105e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.impressionfox.xyz/api/7/envelope/?sentry_key=cbc9fcc6991ec6e954f338a62d732681&sentry_version=7&sentry_client=sentry.javascript.vue%2F7.108.0
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:105e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bf93bf98f87d3dc6e9a2c13950b33161f9467c04d332825ab5b2f23ca83b292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://magguts.orangeoffer.com/

Response headers

access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
cross-origin-resource-policy: cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkBJTLE7hepNvLr91Dv2nD9DVgtqo5aOIB5m2FilsUh2Anghy67H3pkD3N0fyrizscYXVJOw7B8ufPOr3XklW%2B7DAhB7blHM6htkzoVWW0PGgHL%2BZJ1p7LD7ZFA%2FegAel4mj91GEldi4VPw3dqjKSv4%2FUd%2FZWC8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dd5f2a75dcd0f69-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 41
server-timing: cfL4;desc="?proto=QUIC&rtt=8945&sent=17&recv=65&lost=0&retrans=0&sent_bytes=4309&recv_bytes=73183&delivery_rate=3296&cwnd=12000&unsent_bytes=0&cid=74492b7403522981&ts=289&x=1", cfHdrFlush;dur=0
date: Mon, 04 Nov 2024 16:23:19 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: cloudflare

POST
H/1.1 204
No Content collect Show response
s.clarity.ms/ 0
287 B 23ms
21ms XHR
text/plain 23.96.124.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clarity.ms/collect
Requested by: Host: magguts.orangeoffer.com
URL: https://magguts.orangeoffer.com/_nuxt/1663.6ec20.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://magguts.orangeoffer.com/

Response headers

Request-Context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
Access-Control-Allow-Origin: https://magguts.orangeoffer.com
Date: Mon, 04 Nov 2024 16:23:19 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.orangeoffer.com
URL: https://www.orangeoffer.com/api/components

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241030&jk=308398902999847&bg=!PzylPHPNAAbaVSD0-lU7ADQBe5WfOHFrupQVTEwddqBeUt6Th7DcjAznXeczk1ODQ-LB1UGSpPMPuhh7LbFt1Df7BcHvAgAAAEZSAAAAA2gBB34ANiqLwn3FXVLuhc6CEreNe69MBvsvcJzA2MpM7uNuTzbL1l0CNXA3oyH5Vsnb1RDdxwpr4YPbNwoATMnqhjmDVujc0G3AST3LZzy6hNcVrmpcgg-QQuafqCtMs7amW8Ze_Crz8CIp3HWjvoOfagcks3Kz8OrDz3mPyYvmrBwftquDlOhTCYyZArSyvefCI9EcbKX_a4-KaGoBuo0BCWT84cXA2BxJg75R8TUXmrlOE4fbtY5IE3GSr5isRNuCXGyrx45VRdQno3kErVtoMaIDrT5QkTfKsCY3uxPSfaFhE5PWbT0hIkNQ_hDR7nHKhYMiXbO2PGOpsd1yCAc3kj321FzAzlynWiU0aAo6MqLBdzkCyO87xTwGJirxoBGwCD55XZuNwnb3Cd_UmL4GPV1hfQjZVMF9gjg1QUeikISVT8bpRvzMIUY_yOkKSS_wytQnxRHJsA6EyOQzZr5-bFSJ-Rg93a1Qzxl2hpK7pbrh7T0plcdfSGKPWeeqXw01cVrNdNJ0xAVg_vOHSjHBgn2Syvo-4w02PMdlPmuTFLADUndSwYXcdWeXsAeCOfSozIWS6M7bQyZfa0dGoB8pARcdR3oxxTmdQ3Fxll9URVy1RyewX1089bvezRv5NqwzpcuSkTaFJ3KcRMFq75es3MifxL_PRT3AdRMhnwNK_BcDdX-ksrrdC3539hPpRC8M8bLIiBvpHnVN4HJrSQt3vqgpkhtud0oIT5HUPOGJJ4ZpgNsXczomp044O6Odp62iIoB5NXunWzNexvvh19PvwYDqnAx9_sQDz-K7MO-WPGxhQeUD2kfY81G6OTJMewlWg0K-BvYcgKuzWF2YXQF1QbfckaAt_sYgHsVwC1wZy9XFLoqJGUU3QrDPNmrYftLaJOgseTyPwIsYkovi5U5qxZbZAQzFP1lWN95hf29DkE9qZ7ra06dGBh5n7KrjIPVMKoMNQav5kZ9ZegXEaSDWjZKfjBOuV9Kv3mD5Ma60OX8oioczbwMrv6TrxU8CG9LjYk4Qvc95fhaN7OIezrJ02sYEzynA-08QqnpOarM3P95a8QlY1sJSfzPMcBMR99l2fn_GnIjB-kBQYaEzcJmTSg

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
magguts.orangeoffer.com/	1970-01-21 00:46:06	Name: merchantInfo Value: %7B%22id%22%3A6662%7D
.magguts.orangeoffer.com/	1970-01-21 00:45:39	Name: __cf_bm Value: jg_t4oP9509f3x8DSK3ZqtUfxdCFPiZy2vF.uj7sWS4-1730737395-1.0.1.1-fM09IIpAQg7VOGiYQsMrTpRfIAyP5kHvrBaTRANO6yHjMTy71g3B0aoQt3hry_gfUww1lTmPaFFlxa.rzd5OpA
www.clarity.ms/	1970-01-21 09:31:13	Name: CLID Value: 039926ac2332429b83dd980f4fe8a6df.20241104.20251104
.cdn.orangeoffer.com/	1970-01-21 00:45:39	Name: __cf_bm Value: t7jjGzCVne_wo_ExS9hwQlYsyuII0fUYz5qaMbaJvu8-1730737395-1.0.1.1-vOT4OlrqhaO7HboNKe8srgBCk3mzue5QW65bjDHX2z75Vm19lfGnx2crq_j9mMA.l7XP0Lh_EWw8cihcn.iYzA
.cdn-assets.orangeoffer.com/	1970-01-21 00:45:39	Name: __cf_bm Value: N0VmsrMbI89jIuMj7gfHToEft5EeMSV36YmRr_uZee4-1730737395-1.0.1.1-fMWXrdrP4GCZJU.UfMKFOd_egirb.sq0DcdJ6wwwJ1hMyIBJ2asELGmmUyMCchvIhWiDXlylH9kpCenOVd1Zuw
.orangeoffer.com/	1970-01-21 00:46:40	Name: _ivr Value: 255075922344109
.orangeoffer.com/	1970-01-21 00:46:40	Name: td_ray Value: 8dd5f2902fa6422d
.orangeoffer.com/	1970-01-21 10:21:37	Name: _ga Value: GA1.2.850672019.1730737396
.orangeoffer.com/	1970-01-21 00:47:03	Name: _gid Value: GA1.2.298367081.1730737396
.orangeoffer.com/	1970-01-21 09:31:13	Name: _clck Value: z7yfzk%7C2%7Cfql%7C0%7C1769
.orangeoffer.com/	1970-01-21 00:47:03	Name: _clsk Value: 10xjw73%7C1730737396646%7C1%7C1%7Cs.clarity.ms%2Fcollect
.doubleclick.net/	1970-01-21 10:21:37	Name: IDE Value: AHWqTUlu7mlFv1EKAPiGtEM6nQ610JcyNo4TNm009AbwSfbcM6NOR6PMtGwODlC_Vno
.orangeoffer.com/	1970-01-21 10:07:13	Name: __gads Value: ID=512be7bac3cb2952:T=1730737396:RT=1730737396:S=ALNI_MbD3cjT4JB9SSYYQbbYMe-3f0KjVg
.orangeoffer.com/	1970-01-21 10:07:13	Name: __gpi Value: UID=00000f57716d13a1:T=1730737396:RT=1730737396:S=ALNI_MZF14kMqHPLujdlxNT2UAKqOLkUfQ
.orangeoffer.com/	1970-01-21 05:04:49	Name: __eoi Value: ID=9d22b66d7bf31adc:T=1730737396:RT=1730737396:S=AA-AfjZ42EnQS-rL99SO6na1po3q
.criteo.com/	1970-01-21 10:07:13	Name: receive-cookie-deprecation Value: 1
magguts.orangeoffer.com/	1970-01-21 00:47:03	Name: BUILD_ID Value: m32wki6v
.orangeoffer.com/	1970-01-21 09:31:13	Name: FCNEC Value: %5B%5B%22AKsRol91qFG8RenzYLemqBwG9IJeOirKBtAQyv5q5bKGeuujFyDkirBpVeNywm_l60og7uQcf4W4kKnimvq-9VKzr8oCbLMmtwwamzK59JyzYSx2xNwwsRgtaEGKaHO9wpJJS2l9_zRxQ09sae9g7fJW-xpfgDRobg%3D%3D%22%5D%5D
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.media.net/	1970-01-21 09:31:13	Name: visitor-id Value: 3737389970813220000V10
.media.net/	1970-01-21 00:55:42	Name: data-exp Value: setstatuscode~~1
.media.net/	1970-01-21 01:05:46	Name: data-g Value: CAESEESC9kqbgrfFRjbAfjv_cys~~6
.tapad.com/	1970-01-21 02:12:01	Name: TapAd_TS Value: 1730737397404
.tapad.com/	1970-01-21 02:12:01	Name: TapAd_DID Value: 43f676d3-d57b-4144-b34f-52474a653a04
.adsrvr.org/	1970-01-21 09:31:13	Name: TDID Value: 1260f228-e9f8-4bb3-b237-505932f5014a
.adsrvr.org/	1970-01-21 09:31:13	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiK49zc4L2-PRAFGAUgASgCMgsI5rDMife9vj0QBTgB
.tapad.com/	1970-01-21 02:12:01	Name: TapAd_3WAY_SYNCS Value: 1!7432
.orangeoffer.com/	1970-01-21 10:21:37	Name: _ga_YQW93GBH6X Value: GS1.1.1730737395.1.0.1730737397.0.0.0
.www.orangeoffer.com/	1970-01-21 00:45:39	Name: __cf_bm Value: WUQakU9bOCBtm9sdtWsK0kpgvU5ef.XfwVVir2lUZ0U-1730737397-1.0.1.1-wACn24q6RZfNLvoh7AXfWUTNBgXA3RwsBv23SmKYbetC6T0iJyTM7RWOmuNdVTA5CobVJaZfaWmvsSxUeAADUQ
.bing.com/	1970-01-21 10:07:13	Name: MUID Value: 00781D4E51496F3F2E43086350506ECE
.c.bing.com/	1970-01-21 00:55:42	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:07:13	Name: SRM_B Value: 00781D4E51496F3F2E43086350506ECE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:07:13	Name: MUID Value: 00781D4E51496F3F2E43086350506ECE
.c.clarity.ms/	1970-01-21 00:55:42	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 00:45:37	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://magguts.orangeoffer.com/ Message: Access to XMLHttpRequest at 'https://www.orangeoffer.com/api/components' from origin 'https://magguts.orangeoffer.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.orangeoffer.com/api/components Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
cdn-assets.orangeoffer.com
cdn.orangeoffer.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
magguts.orangeoffer.com
pagead2.googlesyndication.com
s.clarity.ms
sentry.impressionfox.xyz
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.orangeoffer.com
ep1.adtrafficquality.google
www.orangeoffer.com
20.110.205.119
23.96.124.68
2606:4700:3035::6815:105e
2606:4700::6812:12da
2607:f8b0:4004:c07::8a
2607:f8b0:4004:c07::9c
2607:f8b0:4004:c09::84
2607:f8b0:4004:c17::64
2607:f8b0:4004:c17::6a
2607:f8b0:4004:c17::93
2607:f8b0:4004:c19::61
2607:f8b0:4004:c1d::9a
2607:f8b0:4004:c1f::9a
2620:1ec:bdf::40
2620:1ec:c11::237
12a25e36fb70406845298d512f588963f343008af5c756ff56648797d3264713
153ad968681542f26d318dd1b2885efbd09fddd54a5fa956d840701cee5cf92f
19ada5fe3febcb986a3269f46bbbb23bc469395dc4277df285493089171c84ba
3b05666618c5864534ed4cf929bfb031ea0732b5906abe19a4a75cd997dd2a70
3d5c3adbc4c857fcd9dc167d3b1c6b5f956b35f361d45445aba03a9ba119ce83
3f21cf13348fb20852c706a01c315b235b62a0c3fc2c8583d533f23afa9f7fdc
43c569bf5a42380717bdb0b34cf71333ac0a0e21cdfee3cb0bc3eea45a9e99a7
454b4af9f5f1725847b4daaea3e454b7269c36f2ac9753810c4a1cd45857122e
4702008be38fbf5be82af7abeaab3ceb9c03c0347a09fd1b3b3981c28669c9eb
4c54e2e5a2e8829536ecabcebdb5c46318306e12389a7d75c7ad911566c8d976
4eae7c63ce735cec03881270269471e56e709d5da4951cb46aea9af1fc615099
52d9a3a64730aaf624b87dc5cb39cef871f65b01c38a48ab6dba5e5a30fd69d8
568efa8ba0c030118578f0f0246d624e9eafaeda7a68fae4a72760ca2329f63e
572d4ad460041c2330034da52f69679ed5ba9091f565650fe1326f12613c00fd
66f4cb56c00bdfb4f7014abd8d94ecff6a63bf50fca90783bfe1148dec8f079e
67b2c40d906b89bc435ed6ee053be0e82c95760013ed1938b35e96aa91ccca0a
68a5df4a40357c26a643745efb611532c94d369de74773c658c52a3c7652379b
692256de85fc569c04b4bbc6d6594b1f2e631b5fa440371b98df62d2b397e2b1
69be142e6309bb9ac9b1794fdcd930a00aa73964b4e790a9fa2a0b6e56c2557e
6bf93bf98f87d3dc6e9a2c13950b33161f9467c04d332825ab5b2f23ca83b292
72f1a1bad745bb3e5aaaf41f0d34f3f6fb1ee5a1041010aa3d3748178b7e2626
75faf9a115076029d04b85b60516bccd5b2666fee5fe5ea25e47f8fdfe045923
768fd4eccbe41e081ea70f68a75f54d364994e6b5c8a945199f4f586a9cb63b3
78347a3c747de3c1e47d3ed37d39b1ade00c33650d48ced4a6e848391d4a4a60
7b92839d9f734b334999a8533c8e279c204a77d4547efc8d6450d8b37d19d426
899517e69681b3ab7e3f8bcdef83033b46ebe23712056998343b6e3f9e5d5257
8d88bae15aaf85b3054c687c87eb032eee49aa6daf00d9636d7bce78736a3195
97cd8dbc3afd3ef3c9ea8485136880153f19cc4772c82ae3d272ba8d22691a92
98f69ec1f570becdda277db2bb06f94f202829b6ad335a117b95de2e1a8ff3cd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9be9d19a32dd0829dfdf1e6c7ed3e69e38601089621afaad88dfc9766b2762db
9d5aece22048654ac8c3bfca412a112f12ad5b11cf2e11a99d63f5cfb427b657
a1f4b1ab42a5ce0c88d79b3de71da3e3e3036ed3faba98e7ddd2447fd01d065f
a331f40b7d989a28f8b567fb4456df6f84016b2f2be9c2efb59deb6b2485781e
a47b60e3fe83108d7d6b7cf5528109c7520032a7efe6709c9e974bf063e5a72f
a4b0e91c0224e32b2a4d101266b5ab619bca8d898fa629cd05dd022738124c70
a719df48c1c69bf7ff680578dca8aeeeabf1b994a333ad1f3209f9b7c9939600
a83bc44c889499e320cefa249438abeed046ce47eac4cd810b324c3c72979d53
b9081a46e5d6e34efd25190223cfd90a18d71aff550b9d1c69a95693a33f5cc5
bbcd5cd5d708a4e3db029180414e479c42e701d84ace7dd50f64a364b07d8794
c091ae3ca8d585c275c123e5b6c93bd753eb7963fce14325bb6b5bb30a25822b
cf7f520d42539478c3989ed72c407ca02592f0b3330ea5e28cc771528e534402
d73b6b68a811ee7de43f44edffc4c28d0cfbc881c583c11300da5a92e41fa437
db660f9b501d752a085a60c61ad93d3652eb10cd824a1b2c342c2f2df450b48c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5ed8d76a9341be08c77c870d81fca3ec75264601934583bcf00f4d6895dac1
e032466e7ff178312c1854350ccbc6b0da09d8be55c2935be781de74e2682dad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e629160597356d9dc86f79966c9d1e83f4b9cfbb91c5e3426538c87500f58842
ea6af9906d18e8807ff6c0393d021a9f4b03727cbe43dd6febf177330bb623cc
ecf36c6dc43022c7818de7f04aa136898adf786ab669730311ece2a084bd13ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d3dce90431d78a98155bf3fee7dd48edb0bbedf5ba3eeece6b9bd4e1ff3ded
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

magguts.orangeoffer.com Open in urlscan Pro 2606:4700::6812:12da Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

96 %HTTPS

87 %IPv6

10 Domains

17 Subdomains

15 IPs

1 Countries

1483 kBTransfer

5668 kBSize

36 Cookies

25 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

magguts.orangeoffer.com Open in urlscan Pro
2606:4700::6812:12da Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

96 %
HTTPS

87 %
IPv6

10
Domains

17
Subdomains

15
IPs

1
Countries

1483 kB
Transfer

5668 kB
Size

36
Cookies

73 HTTP transactions
2 data transactions