www.amazingoffersforyou.com Open in urlscan Pro
45.60.1.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://clicklend.app/sc/_Tp4gA
Effective URL:
https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d...
Submission: On February 22 via manual (February 22nd 2021, 8:38:44 pm UTC) from US

Summary HTTP 86 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 17 domains to perform 86 HTTP transactions. The main IP is 45.60.1.61, located in United States and belongs to INCAPSULA, US. The main domain is www.amazingoffersforyou.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 3rd 2020. Valid for: a year.

This is the only time www.amazingoffersforyou.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	45.60.76.211 45.60.76.211	19551 (INCAPSULA) (INCAPSULA)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:e980:25::3d 2a02:e980:25::3d	19551 (INCAPSULA) (INCAPSULA)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
32	45.60.1.61 45.60.1.61	19551 (INCAPSULA) (INCAPSULA)
1	2a02:e980::3d 2a02:e980::3d	19551 (INCAPSULA) (INCAPSULA)
5	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
3	2620:1ec:46::19 2620:1ec:46::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	40.79.138.41 40.79.138.41	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
86	18

4 2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

clicklend.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.76.211 (United States)

ASN19551 (INCAPSULA, US)

api.leadsmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:e980:25::3d (United States)

ASN19551 (INCAPSULA, US)

ocs.consumertransferservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 45.60.1.61 (United States)

ASN19551 (INCAPSULA, US)

cl.requesthandlers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.requesthandlers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.amazingoffersforyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:e980::3d (United States)

ASN19551 (INCAPSULA, US)

consumertransferservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.requesthandlers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.79.138.41 (Paris, France)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	requesthandlers.com cl.requesthandlers.com a.requesthandlers.com cdn.requesthandlers.com	304 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	342 KB
7	google.com www.google.com	24 KB
6	amazingoffersforyou.com www.amazingoffersforyou.com	31 KB
5	cloudflare.com cdnjs.cloudflare.com	73 KB
4	google-analytics.com www.google-analytics.com	37 KB
4	clicklend.app clicklend.app	58 KB
3	clarity.ms www.clarity.ms	20 KB
3	consumertransferservice.com ocs.consumertransferservice.com consumertransferservice.com	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	visualstudio.com dc.services.visualstudio.com	237 B
2	google.de www.google.de	214 B
2	doubleclick.net stats.g.doubleclick.net	183 B
2	yimg.com s.yimg.com	7 KB
2	googletagmanager.com www.googletagmanager.com	75 KB
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	leadsmarket.com api.leadsmarket.com	826 B
86	17

	Domain	Requested by
18	cl.requesthandlers.com	clicklend.app cl.requesthandlers.com www.amazingoffersforyou.com
8	a.requesthandlers.com	cl.requesthandlers.com
7	www.google.com	clicklend.app www.amazingoffersforyou.com cl.requesthandlers.com www.gstatic.com www.google.com
6	www.amazingoffersforyou.com	cl.requesthandlers.com www.amazingoffersforyou.com
5	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	cdnjs.cloudflare.com	clicklend.app cl.requesthandlers.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	cdn.requesthandlers.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	clicklend.app	clicklend.app
3	www.clarity.ms	clicklend.app www.clarity.ms az416426.vo.msecnd.net
3	fonts.googleapis.com	clicklend.app cl.requesthandlers.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	ocs.consumertransferservice.com	cdnjs.cloudflare.com
2	www.google.de	clicklend.app www.amazingoffersforyou.com
2	stats.g.doubleclick.net	www.google-analytics.com az416426.vo.msecnd.net
2	s.yimg.com	clicklend.app s.yimg.com
2	www.googletagmanager.com	clicklend.app www.amazingoffersforyou.com
1	az416426.vo.msecnd.net	www.amazingoffersforyou.com
1	consumertransferservice.com	cl.requesthandlers.com
1	api.leadsmarket.com	cdnjs.cloudflare.com
86	21

This site contains no links.

Subject Issuer	Validity	Valid
www.clicklend.app Sectigo RSA Domain Validation Secure Server CA	`2020-08-21` - `2021-08-21`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.leadsmarket.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2022-03-27`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-21` - `2021-04-06`	a month	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.consumertransferservice.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2021-10-17`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.requesthandlers.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-18` - `2022-08-18`	2 years	crt.sh
*.amazingoffersforyou.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-03` - `2021-11-22`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
www.clarity.ms DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-09-03`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-02-11` - `2022-02-11`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
snic829gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-07-09` - `2021-06-23`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
Frame ID: 3FA3A6922F8E266794C0BFD89EDA232B
Requests: 50 HTTP requests in this frame

Frame: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
Frame ID: 0D06C63662BDEA5BDFE9988FD281E9EA
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5
Frame ID: 7A8C0C9129835DEFE903CCDB5BF7F586
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://clicklend.app/sc/_Tp4gA HTTP 307
https://clicklend.app/sc/_Tp4gA Page URL
https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a Page URL
https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

Kestrel (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Page Statistics

86
Requests

100 %
HTTPS

83 %
IPv6

17
Domains

21
Subdomains

18
IPs

5
Countries

997 kB
Transfer

2613 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://clicklend.app/sc/_Tp4gA HTTP 307
https://clicklend.app/sc/_Tp4gA Page URL
https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a Page URL
https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://clicklend.app/sc/_Tp4gA HTTP 307
https://clicklend.app/sc/_Tp4gA

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

_Tp4gA Show response
clicklend.app/sc/
Redirect Chain

http://clicklend.app/sc/_Tp4gA
https://clicklend.app/sc/_Tp4gA

11 KB
11 KB

419ms
141ms

Document
text/html

2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://clicklend.app/sc/_Tp4gA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

ec2d33ab8bae131685fa623cd720e82d79e209953bf5d71d75a02b392f1197d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: clicklend.app
:scheme: https
:path: /sc/_Tp4gA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 22 Feb 2021 20:38:20 GMT
server: Kestrel
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET

Redirect headers

Location: https://clicklend.app/sc/_Tp4gA
Non-Authoritative-Reason: HSTS

GET
H2 200 css
fonts.googleapis.com/ 5 KB
719 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700,800

Requested by

Host: clicklend.app
URL: https://clicklend.app/sc/_Tp4gA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c980b0e2688b00ee5a1913a7f5eec8036bb7c480bc1b7dfdbef09e24de4dbadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 20:33:01 GMT
server: ESF
date: Mon, 22 Feb 2021 20:38:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Feb 2021 20:38:20 GMT

GET
H2 200 style.css
clicklend.app/css/ 31 KB
32 KB 92ms
91ms Stylesheet
text/css 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://clicklend.app/css/style.css?v=-TpArcQfp2myPqQ_hIOtBsc9HjgmI1MtvHHgByve5VA

Requested by

Host: clicklend.app
URL: https://clicklend.app/sc/_Tp4gA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/78B3) / ASP.NET

Resource Hash

f93a40adc41fa769b23ea43f8483ad06c73d1e382623532dbc71e0072bdee550

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:20 GMT
etag: "1d6eaa4b5d23fb9"
last-modified: Thu, 14 Jan 2021 18:40:20 GMT
server: ECAcc (nya/78B3)
age: 539393
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
x-cache: HIT
content-type: text/css
accept-ranges: bytes
content-length: 32185

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 85 KB
27 KB 31ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: clicklend.app
URL: https://clicklend.app/sc/_Tp4gA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 664174
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27277
cf-request-id: 086d0ff4cc0000d6f5ed139000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BS%2Ff%2F7j2rQ2YMR%2BDft4MgCQW5cUpBjnjpj4NTmBAjpBxG4FBMRlasKdTQKWRgsTEFjr2cpuoKJ%2FtpZ%2FJedWWR1%2Bgxl7gW25IfZ%2B8BiA9M7LYmJ7EuAP1jBu4AlpaCt4V1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 625b829ae884d6f5-FRA
expires: Sat, 12 Feb 2022 20:38:20 GMT

GET
H2 200 proc.js Show response
clicklend.app/js/ 3 KB
3 KB 178ms
178ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://clicklend.app/js/proc.js?v=n0RwUVDYPtuMbBUsVPGlFvlxzYVTUzOeZtndn5-LlaA

Requested by

Host: clicklend.app
URL: https://clicklend.app/sc/_Tp4gA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/1C48) / ASP.NET

Resource Hash

9f44705150d83edb8c6c152c54f1a516f971cd855353339e66d9dd9f9f8b95a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:20 GMT
etag: "1d6eaa4b5d24e80"
last-modified: Thu, 14 Jan 2021 18:40:20 GMT
server: ECAcc (nya/1C48)
age: 539393
x-powered-by: ASP.NET
strict-transport-security: max-age=2592000
x-cache: HIT
content-type: application/javascript
accept-ranges: bytes
content-length: 3200

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
44 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TNP7LR

Requested by

Host: clicklend.app
URL: https://clicklend.app/sc/_Tp4gA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c3094cca8ca75978f9c0049831ee429de2053dce793d1eeb3bacb34b58571d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45082
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 18:11:49 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Feb 2021 20:38:20 GMT

GET
H2 200 / Show response
api.leadsmarket.com/hit/ 147 B
826 B 258ms
180ms Script
text/javascript 45.60.76.211
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadsmarket.com/hit/?responsetype=json&c=255184&callback=jQuery32100033287565661550556_1614026300810&_=1614026300811
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.76.211 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: aeca519244aa54b69e0e9b0cdbba341702e8e2c6babfd9323c17400b9df856bd

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:20 GMT
content-encoding: gzip
x-cdn: Imperva
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 10-4445472-4425439 pNNN RT(1614026300803 0) q(0 0 0 0) r(1 1) U5
cache-control: private
content-length: 262

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNP7LR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6698
date: Mon, 22 Feb 2021 18:46:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 22 Feb 2021 20:46:42 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 20ms
7ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: clicklend.app
URL: https://clicklend.app/sc/_Tp4gA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 22 Feb 2021 19:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3066
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: 0Fk5Bg7tgzM2yNuKqO8d8I57/Q34bo4o6qdyLARoZW8cx59BPAFMOjNLVn4m0SOmgYlRsRduOII=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 64735BA73D47C1FE
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
64 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=623118124&t=pageview&_s=1&dl=https%3A%2F%2Fclicklend.app%2Fsc%2F_Tp4gA&ul=en-us&de=UTF-8&dt=Personal%20Loans%20%7C%20%24500%20-%20%245%2C000%20%7C%20As%20Fast%20as%2024%20hrs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1525223672&gjid=1803670824&cid=1056136370.1614026301&tid=UA-85818623-2&_gid=226856227.1614026301&_r=1&gtm=2wg230TNP7LR&cd2=1614026300862.pi6tqz6&cd3=2021-02-22T21%3A38%3A20.862%2B01%3A00&cd4=Loan%20Websites&cd5=US%20Short%20Term%20Loan%20Websites&cd6=Websites%20Used%20by%20Publishers&cd8=clicklend.app&z=1760781039

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 20:38:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://clicklend.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10063681.json Show response
s.yimg.com/wi/config/ 2 B
494 B 115ms
102ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10063681.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: BD208D9201FBBC46
x-amz-id-2: U+kmbzHVSSnqE38QfgAmIIYGXp0C7cBmOrnjfaHYxltrChKFsOAEaTnKoltI1Hm2hsXRyLLlNhU=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-85818623-2&cid=1056136370.1614026301&jid=1525223672&gjid=1803670824&_gid=226856227.1614026301&_u=YEBAAAAAAAAAAC~&z=34315367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Feb 2021 20:38:20 GMT
content-type: text/plain
access-control-allow-origin: https://clicklend.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 31ms
31ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-85818623-2&cid=1056136370.1614026301&jid=1525223672&_u=YEBAAAAAAAAAAC~&z=471675115

Requested by

Host: clicklend.app
URL: https://clicklend.app/sc/_Tp4gA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 20:38:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-85818623-2&cid=1056136370.1614026301&jid=1525223672&_u=YEBAAAAAAAAAAC~&z=471675115

Requested by

Host: clicklend.app
URL: https://clicklend.app/sc/_Tp4gA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 20:38:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 Proc
ocs.consumertransferservice.com/api/ Frame 0
0 3165ms
171ms Other 2a02:e980:25::3d
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ocs.consumertransferservice.com/api/Proc

Protocol

Server

2a02:e980:25::3d , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://clicklend.app
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
content-security-policy: block-all-mixed-content
date: Mon, 22 Feb 2021 20:38:23 GMT
feature-policy: sync-xhr 'self'
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: Deny
x-xss-protection: 1
x-cdn: Imperva
x-iinfo: 9-5085678-5079795 pNNN RT(1614026303440 0) q(0 0 0 0) r(2 2) U5

POST
H2 404 Proc Show response
ocs.consumertransferservice.com/api/ 133 B
574 B 168ms
167ms XHR
application/problem+json 2a02:e980:25::3d
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://ocs.consumertransferservice.com/api/Proc

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:25::3d , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

89715f0229933ec42b900807a3b806d79e95dc6225c43921e35652cc2c7a1410

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	Deny
X-Xss-Protection	1

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://clicklend.app/sc/_Tp4gA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: block-all-mixed-content
content-encoding: gzip
referrer-policy: no-referrer
x-cdn: Imperva
date: Mon, 22 Feb 2021 20:38:23 GMT
x-frame-options: Deny
content-type: application/problem+json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 9-5085699-5079795 pNYN RT(1614026303609 0) q(0 0 0 -1) r(1 1) U5
feature-policy: sync-xhr 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1

GET
H2 200 background-expired.jpg
clicklend.app/images/ 11 KB
12 KB 160ms
159ms Image
image/jpeg 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clicklend.app/images/background-expired.jpg

Requested by

Host: clicklend.app
URL: https://clicklend.app/css/style.css?v=-TpArcQfp2myPqQ_hIOtBsc9HjgmI1MtvHHgByve5VA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

58db8ca3ffa85da7cbd0e565b86426db16b1778f94e6d50d75cf842c0ba719aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://clicklend.app/css/style.css?v=-TpArcQfp2myPqQ_hIOtBsc9HjgmI1MtvHHgByve5VA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:24 GMT
last-modified: Thu, 14 Jan 2021 18:40:20 GMT
server: Kestrel
x-powered-by: ASP.NET
etag: "1d6eaa4b5d26fdf"
strict-transport-security: max-age=2592000
content-type: image/jpeg
accept-ranges: bytes
content-length: 11743

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://clicklend.app
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:12:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 1560
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Tue, 22 Feb 2022 20:12:24 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://clicklend.app
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 15:30:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 104849
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Mon, 21 Feb 2022 15:30:55 GMT

GET
H/1.1 200
OK Cookie set / Show response
cl.requesthandlers.com/ 2 KB
2 KB 311ms
210ms Document
text/html 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a

Requested by

Host: clicklend.app
URL: https://clicklend.app/js/proc.js?v=n0RwUVDYPtuMbBUsVPGlFvlxzYVTUzOeZtndn5-LlaA

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

a2c1dfdb0c537e948e8717b8166a5f59819b3f7d6123e8988862e408349e5361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: cl.requesthandlers.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://clicklend.app/sc/_Tp4gA
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://clicklend.app/sc/_Tp4gA

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 22 Feb 2021 20:38:31 GMT
Etag: "64b250c911f0d61:0"
Last-Modified: Thu, 21 Jan 2021 16:23:43 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Set-Cookie: nlbi_2205646=E/WkbWMuJAqqjpeM0GaKUgAAAAAT9HOOTRRu0MND9OXtxdHe; path=/; Domain=.requesthandlers.com visid_incap_2205646=iCcAt5K8TwCIzO0EsUuBxkcWNGAAAAAAQUIPAAAAAABkXyR+mJkcNB+ZK/O3P1f9; expires=Tue, 22 Feb 2022 14:21:24 GMT; HttpOnly; path=/; Domain=.requesthandlers.com incap_ses_876_2205646=d1+wMjGe/hyWEPiwoS0oDEcWNGAAAAAAlo8zqB7EQPuAYopB+4fGfA==; path=/; Domain=.requesthandlers.com ___utmvmlkuRfwcZ=JZmpQFNnadE; path=/; Max-Age=900 ___utmvalkuRfwcZ=OFqIEph; path=/; Max-Age=900 ___utmvblkuRfwcZ=iZB XrfOUala: ttd; path=/; Max-Age=900
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 7-1761847-1723994 pNNN RT(1614026311060 44) q(0 0 0 12) r(1 1) U5

GET
H/1.1 200
OK rcannot-some-you-not-Some-Minde-and-to-more-Banq Show response
cl.requesthandlers.com/ 122 KB
40 KB 42ms
41ms Script
text/javascript 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/rcannot-some-you-not-Some-Minde-and-to-more-Banq
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: 02de7e0ac8cc011b71aa49b097e62bb6a92d36cbb17060fec9545d132019c99f

Request headers

Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:31 GMT
content-encoding: gzip
server: connector
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
X-Iinfo: 7-1761847-1761865 NNNN CT(2 5 0) RT(1614026311060 261) q(0 0 0 -1) r(0 0) U5
cache-control: public, max-age=60
server-timing: bon, total;dur=0.370375
keep-alive: timeout=5
X-CDN: Imperva

GET
H/1.1 200
OK main.08360d0fb3c040342cf8.css
cl.requesthandlers.com/ 43 KB
5 KB 230ms
187ms Stylesheet
text/css 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.requesthandlers.com/main.08360d0fb3c040342cf8.css

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b0d2cd1e042e0f54b24a6731ca8f7ca0ea35b02b0f0b1072308ef2291d378c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 20:38:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jan 2021 16:23:43 GMT
Server: Microsoft-IIS/10.0
Etag: "8091ebc811f0d61:0"
Vary: Accept-Encoding
Content-Type: text/css
X-Iinfo: 13-4489307-4198052 pNNN RT(1614026311341 22) q(0 0 0 -1) r(2 2) U5
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
Content-Length: 3961
X-CDN: Imperva

GET
H2 200 css
fonts.googleapis.com/ 2 KB
658 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e5637ea03cdf817f62591f545db7036cfef91733b0492df8765748e030b6720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 20:22:33 GMT
server: ESF
date: Mon, 22 Feb 2021 20:38:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Feb 2021 20:38:31 GMT

GET
H2 200 fetch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fetch/2.0.4/ 7 KB
3 KB 19ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fetch/2.0.4/fetch.min.js

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78e52891bfd18c3c3b912faf0f06dab4dacb37c048bef12194b339ca881c0c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 563352
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2218
cf-request-id: 086d1020350000d6f584933000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e59-1c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vM4PFtZT19xlUyYoPjnYHiss%2BV3Ew%2FGu%2BErJSZavqzvBDqKJygP4slRGF4Ow3LIugUKGGyPHkOkZNPsY%2BkF7eR5bTTnGpGNpawFr%2B2OCxnf33ffK5vux4lkmGeF%2FBypzOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 625b82e05b96d6f5-FRA
expires: Sat, 12 Feb 2022 20:38:31 GMT

GET
H2 200 bluebird.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bluebird/3.7.2/ 80 KB
21 KB 15ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.7.2/bluebird.min.js

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd5da4364c94b11a9e56f0d0388439082ef6d3b29c15255ac17bad40abe0c248

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 369348
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20633
cf-request-id: 086d1020350000d6f5a1858000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-13e7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1y1HguygT1IjrCXeHVqOdBHlZa%2F6kbrmknCdfRbHXKslMHUAAlMNBKr%2BTD1fxoL2lKRwX88%2F9Z%2FdSYy24k9y7CHuT52bWIbK9LRHd%2BfGwE1TBkMjSF9Kml3ljg%2FscLEP4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 625b82e05b98d6f5-FRA
expires: Sat, 12 Feb 2022 20:38:31 GMT

GET
H/1.1 200
OK main.d71e9e5e71e05a7ac252.js Show response
cl.requesthandlers.com/ 42 KB
14 KB 226ms
184ms Script
application/javascript 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

157ae8ad100f689694ae324353b6382d13fe31e40d19f80f7dcc7efea8dca5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 20:38:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jan 2021 16:23:43 GMT
Server: Microsoft-IIS/10.0
Etag: "8091ebc811f0d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Iinfo: 12-3828856-3714486 pNNN RT(1614026311341 22) q(0 0 0 -1) r(2 2) U5
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
Content-Length: 13520
X-CDN: Imperva

GET
H/1.1 200
OK _Incapsula_Resource Show response
cl.requesthandlers.com/ 132 KB
20 KB 88ms
29ms Script
application/javascript 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1900125740
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 6afd9dabd714aef2804562fbe773c4de0daa8e230ad5117e2b1c4b9effc9a97b

Request headers

Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 19319
Content-Type: application/javascript

GET
H/1.1 200
OK 00df1cc16fd538146239e7f27aaa7a80.gif
cl.requesthandlers.com/ 5 KB
5 KB 178ms
178ms Image
image/gif 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cl.requesthandlers.com/00df1cc16fd538146239e7f27aaa7a80.gif

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.08360d0fb3c040342cf8.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b0e55d808246271a2eee843a1def491b589e3674c269fc625ae79dded13b3cab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cl.requesthandlers.com/main.08360d0fb3c040342cf8.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 20:38:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jan 2021 16:23:42 GMT
Server: Microsoft-IIS/10.0
Etag: "9331eac811f0d61:0"
Content-Type: image/gif
X-Iinfo: 12-3828856-3714486 sNNN RT(1614026311341 228) q(0 0 0 -1) r(2 2) U5
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
Content-Length: 4924
X-CDN: Imperva

OPTIONS
H/1.1 204
No Content trace
a.requesthandlers.com/api/ Frame 0
0 470ms
374ms Other 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/trace
Protocol: HTTP/1.1
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-correlation-id
Origin: https://cl.requesthandlers.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-correlation-id
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://cl.requesthandlers.com
Date: Mon, 22 Feb 2021 20:38:31 GMT
Request-Context: appId=cid-v1:5ac9e52a-0a3a-4077-9226-3a2250ed09a2
Server: Microsoft-IIS/10.0
Vary: Origin
X-Correlation-Id: 92aa16b8-3170-4a26-9d4f-a7a70c5dac12
X-Powered-By: ASP.NET
X-CDN: Imperva
X-Iinfo: 7-1761877-1723994 pNNN RT(1614026311622 47) q(0 0 0 2) r(4 4) U5

POST
H/1.1 200
OK trace
a.requesthandlers.com/api/ 0
0 497ms
491ms Fetch 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://a.requesthandlers.com/api/trace

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

x-correlation-id: c71754cf-c161-4a8d-9b55-c3b15a434d94
Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 22 Feb 2021 20:38:32 GMT
X-Correlation-Id: c71754cf-c161-4a8d-9b55-c3b15a434d94
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Origin
Access-Control-Allow-Origin: https://cl.requesthandlers.com
X-Iinfo: 2-230269-230271 nNNN RT(1614026312292 60) q(0 1 3 0) r(5 5) U5
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=2592000
Content-Length: 0
X-CDN: Imperva
Request-Context: appId=cid-v1:5ac9e52a-0a3a-4077-9226-3a2250ed09a2

GET
H2 200 clickbrain.ashx Show response
consumertransferservice.com/misc/ 36 B
651 B 388ms
186ms Script
text/javascript 2a02:e980::3d
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://consumertransferservice.com/misc/clickbrain.ashx?callback=__jp0
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980::3d , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e7d658d195f811eadf472163b3b9f540160879e76385342891eaabd314f81859

Request headers

Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:31 GMT
content-encoding: gzip
x-cdn: Imperva
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-iinfo: 13-90179926-90175320 pNNN RT(1614026312088 0) q(0 0 0 7) r(1 1) U5
cache-control: private
content-length: 157

GET
H/1.1 200
OK _Incapsula_Resource
cl.requesthandlers.com/ 1 B
123 B 21ms
21ms Image
text/plain 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cl.requesthandlers.com/_Incapsula_Resource?SWKMTFSR=1&e=0.644991008910706
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

POST
H/1.1 200
OK rcannot-some-you-not-Some-Minde-and-to-more-Banq Show response
cl.requesthandlers.com/ 612 B
1 KB 40ms
40ms Fetch
application/json 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/rcannot-some-you-not-Some-Minde-and-to-more-Banq?d=cl.requesthandlers.com
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/rcannot-some-you-not-Some-Minde-and-to-more-Banq
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: 5f00da0f85410aa9293df7a3bc8052b485cf7edc53e4a44d76e41e64d744b44d

Request headers

Accept: application/json; charset=utf-8
Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Mon, 22 Feb 2021 20:38:31 GMT
Content-Encoding: gzip
server: connector
Transfer-Encoding: chunked
content-type: application/json
access-control-allow-origin: *
X-Iinfo: 12-3828856-3828948 NNYN CT(2 4 0) RT(1614026311341 493) q(0 0 0 -1) r(0 0) U5
cache-control: no-cache, no-store
server-timing: bon, total;dur=3.432841
keep-alive: timeout=5
X-CDN: Imperva

OPTIONS
H/1.1 204
No Content rdr
a.requesthandlers.com/api/ Frame 0
0 260ms
181ms Other 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/rdr
Protocol: HTTP/1.1
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-correlation-id
Origin: https://cl.requesthandlers.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-correlation-id
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://cl.requesthandlers.com
Date: Mon, 22 Feb 2021 20:38:32 GMT
Request-Context: appId=cid-v1:5ac9e52a-0a3a-4077-9226-3a2250ed09a2
Server: Microsoft-IIS/10.0
Vary: Origin
X-Correlation-Id: e57f0f8b-f105-437f-b589-9a2548368e5e
X-Powered-By: ASP.NET
X-CDN: Imperva
X-Iinfo: 7-1761877-1723994 sNNN RT(1614026311622 421) q(0 0 0 -1) r(2 2) U5

POST
H/1.1 200
OK rdr Show response
a.requesthandlers.com/api/ 343 B
1 KB 570ms
520ms Fetch
application/json 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://a.requesthandlers.com/api/rdr

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

717294fb426452ab4d276219dc30a1772c3e896eeeb668cf052857a4602617da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

x-correlation-id: c71754cf-c161-4a8d-9b55-c3b15a434d94
Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 22 Feb 2021 20:38:32 GMT
X-Correlation-Id: c71754cf-c161-4a8d-9b55-c3b15a434d94
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cl.requesthandlers.com
X-Iinfo: 9-272817-272818 nNYN RT(1614026312552 26) q(0 1 3 0) r(5 5) U5
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Transfer-Encoding: chunked
X-CDN: Imperva
Request-Context: appId=cid-v1:5ac9e52a-0a3a-4077-9226-3a2250ed09a2

GET
H2 200 Primary Request / Show response
www.amazingoffersforyou.com/ 3 KB
2 KB 672ms
614ms Document
text/html 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4e304d8d11ebef674b45e74a04f7e8de4e2f6a045709543395949e01aff17bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.amazingoffersforyou.com
:scheme: https
:path: /?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cl.requesthandlers.com/?channel=decline&campaignid=90331b21-d5f2-45a6-9846-9d02e3686e2a

Response headers

accept-ranges: bytes
cache-control: no-cache,max-age=864000
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 22 Feb 2021 20:38:33 GMT
etag: "80883a72ada6d61:0"
last-modified: Tue, 20 Oct 2020 06:51:33 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
set-cookie: visid_incap_2205651=b9oSDDmcTJKzdrAoQB3VYEgWNGAAAAAAQUIPAAAAAAAiwmZont11r2YurOJK65In; expires=Tue, 22 Feb 2022 10:59:58 GMT; HttpOnly; path=/; Domain=.amazingoffersforyou.com nlbi_2205651=j06XAkQnlmhtIc7BiN4e4QAAAAAy0NtT42Pd/EfKdLa70m0G; path=/; Domain=.amazingoffersforyou.com incap_ses_449_2205651=PW/pYaCVPkw0SM6Ddys7BkgWNGAAAAAAJqk2VuM2qYbEAkIFLX8w2A==; path=/; Domain=.amazingoffersforyou.com
x-cdn: Imperva
x-iinfo: 4-60170781-60170782 NNNN CT(147 303 0) RT(1614026312399 0) q(0 1 5 0) r(6 6) U5

GET
H/1.1 200
OK loader.js Show response
cl.requesthandlers.com/ 24 KB
10 KB 175ms
174ms Script
application/javascript 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.requesthandlers.com/loader.js

Requested by

Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

6521aa5525908f3d5cb8f039bf0167f17a49fb80fb30604be2fa16fd8dc09d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 20:38:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jan 2021 16:23:43 GMT
Server: Microsoft-IIS/10.0
Etag: "8091ebc811f0d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Iinfo: 12-3828856-3714486 pNNN RT(1614026311341 2137) q(0 0 0 0) r(2 2) U5
X-Xss-Protection: 1; mode=block
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 8638
X-CDN: Imperva

GET
H2 200 style.6aabdecbf2f1797ec673.css
www.amazingoffersforyou.com/ 1 KB
935 B 169ms
169ms Stylesheet
text/css 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazingoffersforyou.com/style.6aabdecbf2f1797ec673.css

Requested by

Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

0e715b5fe0b6a1cd9feed24728483d7946a3781cc1f6a7abe3883ffe38984907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 06:51:33 GMT
server: Microsoft-IIS/10.0
etag: "7117cb72ada6d61:0"
x-frame-options: SAMEORIGIN
content-type: text/css
x-iinfo: 4-60170845-60170782 PNNN RT(1614026313021 0) q(0 0 0 -1) r(1 1) U5
x-xss-protection: 1; mode=block
cache-control: max-age=864000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 808
x-cdn: Imperva

GET
H2 200 bundle.6aabdecbf2f1797ec673.js Show response
www.amazingoffersforyou.com/ 1022 B
789 B 618ms
617ms Script
application/javascript 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amazingoffersforyou.com/bundle.6aabdecbf2f1797ec673.js

Requested by

Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

5a98c56d1e35e66d217274d7e5089ccf48d4f9fa628e8f3e599df5282938d97f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 06:51:33 GMT
server: Microsoft-IIS/10.0
etag: "6e6a9b72ada6d61:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-iinfo: 4-60170846-60170847 NNNN CT(150 301 0) RT(1614026313023 0) q(0 0 4 -1) r(6 6) U5
x-xss-protection: 1; mode=block
cache-control: max-age=864000
accept-ranges: bytes
vary: Accept-Encoding
content-length: 669
x-cdn: Imperva

GET
H2 200 _Incapsula_Resource Show response
www.amazingoffersforyou.com/ 126 KB
18 KB 24ms
23ms Script
application/javascript 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amazingoffersforyou.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1315929191
Requested by: Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 4651aab74eb2427ef452571fba1d07a3b474b86fea0eb506d42456af02348f2c

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 18290
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 77 KB
30 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TMQ9DDX

Requested by

Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fc0ef9cd878b61aebca8cb417c7a40b7ae44c0e2ce637808d5176c7c72fedfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31047
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 18:11:49 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Feb 2021 20:38:34 GMT

GET
H2 200 c2fa52c1913afb5e0758a3dc2b153e81.png
www.amazingoffersforyou.com/ 8 KB
8 KB 167ms
167ms Image
image/png 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.amazingoffersforyou.com/c2fa52c1913afb5e0758a3dc2b153e81.png

Requested by

Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/style.6aabdecbf2f1797ec673.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ea8488295d448feb86e380c6dbafcb0eed8af12ef0e81888d657ebcddd161705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.amazingoffersforyou.com/style.6aabdecbf2f1797ec673.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 06:51:33 GMT
server: Microsoft-IIS/10.0
etag: "6bf3a472ada6d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 4-60170868-60170782 PNNN RT(1614026313208 0) q(0 0 0 -1) r(1 1) U5
x-xss-protection: 1; mode=block
cache-control: max-age=864000
accept-ranges: bytes
content-length: 8516
x-cdn: Imperva

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 27ms
7ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Feb 2021 20:38:34 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 496
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Fri, 23 Oct 2020 22:12:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D877A0CD108633
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5ce0bff1-501e-0088-0c59-09726f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Mon, 22 Feb 2021 21:08:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMQ9DDX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 6712
date: Mon, 22 Feb 2021 18:46:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 22 Feb 2021 20:46:42 GMT

GET
H2 200 3x6u6k9qss Show response
www.clarity.ms/tag/ 818 B
1 KB 142ms
124ms Script
application/x-javascript 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/3x6u6k9qss
Requested by: Host: clicklend.app
URL: https://clicklend.app/sc/_Tp4gA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c9a539d74cb697db0fba8c7c9eebf19182d238b890e5b5f36c2994d9e6720969

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:33 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store
x-azure-ref: 0ShY0YAAAAABYOgKebOgOTbZkv7gJiXxURlJBRURHRTEwMTQANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f
expires: -1

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
75 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=170218131&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amazingoffersforyou.com%2F%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&dr=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&ul=en-us&de=UTF-8&dt=You%20Can%20Still%20Get%20Your%20Cash!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1058757814&gjid=320467788&cid=769677157.1614026314&tid=UA-121799710-1&_gid=1854442069.1614026314&_r=1&gtm=2wg230TMQ9DDX&z=1315553010

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 20:38:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.amazingoffersforyou.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
97 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-121799710-1&cid=769677157.1614026314&jid=1058757814&gjid=320467788&_gid=1854442069.1614026314&_u=YEBAAEAAAAAAAC~&z=1531859182

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Feb 2021 20:38:34 GMT
content-type: text/plain
access-control-allow-origin: https://www.amazingoffersforyou.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 32ms
30ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-121799710-1&cid=769677157.1614026314&jid=1058757814&_u=YEBAAEAAAAAAAC~&z=88056987

Requested by

Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 20:38:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-121799710-1&cid=769677157.1614026314&jid=1058757814&_u=YEBAAEAAAAAAAC~&z=88056987

Requested by

Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Feb 2021 20:38:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/scus/s/0.6.4/ 44 KB
19 KB 124ms
123ms Script
application/javascript 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/scus/s/0.6.4/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3x6u6k9qss
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 2b24df50b72b38943149ec4d19403020d47a0cceba6128f5dac216607042c3bb

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:33 GMT
content-encoding: br
etag: "1d6ff48e8a7bd02"
last-modified: Wed, 10 Feb 2021 01:06:06 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0ShY0YAAAAABAYGEhj1BZSIM3Bqa1re8BRlJBRURHRTEwMTQANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f

GET
H/1.1 200
OK Cookie set / Show response
cl.requesthandlers.com/ Frame 0D06 2 KB
2 KB 191ms
191ms Document
text/html 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/loader.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

5be2f1c49d3f9ee4ce079212a93765c2210b5d391b61f0aa771f7b355c837f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: cl.requesthandlers.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 22 Feb 2021 20:38:33 GMT
Etag: "64b250c911f0d61:0"
Last-Modified: Thu, 21 Jan 2021 16:23:43 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Set-Cookie: nlbi_2205646=EyTCWahiwn0amRho0GaKUgAAAADiEOT2a2CkDsX7pW7t26Ak; path=/; Domain=.requesthandlers.com visid_incap_2205646=cHt4IGsQShq9z+7gSRz5NUkWNGAAAAAAQUIPAAAAAAD+45+JRTRJOEsCDVyI52kC; expires=Tue, 22 Feb 2022 14:21:25 GMT; HttpOnly; path=/; Domain=.requesthandlers.com incap_ses_876_2205646=FRG8dzGOEAz2EviwoS0oDEoWNGAAAAAAQ7YZiN7MYpnVCx8g4GXVzQ==; path=/; Domain=.requesthandlers.com ___utmvmlkuRfwcZ=ysjaNqwPzPP; path=/; Max-Age=900 ___utmvalkuRfwcZ=veOyeKw; path=/; Max-Age=900 ___utmvblkuRfwcZ=oZK XzyObalg: ytj; path=/; Max-Age=900
X-CDN: Imperva
Transfer-Encoding: chunked
X-Iinfo: 12-3828856-3714486 sNNN RT(1614026311341 2760) q(0 0 0 14) r(1 1) U5

GET
H2 200 _Incapsula_Resource
www.amazingoffersforyou.com/ 1 B
267 B 15ms
15ms Image
text/plain 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.amazingoffersforyou.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9729003782282213
Requested by: Host: www.amazingoffersforyou.com
URL: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H/1.1 200
OK rcannot-some-you-not-Some-Minde-and-to-more-Banq Show response
cl.requesthandlers.com/ Frame 0D06 122 KB
40 KB 32ms
32ms Script
text/javascript 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/rcannot-some-you-not-Some-Minde-and-to-more-Banq
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: 02de7e0ac8cc011b71aa49b097e62bb6a92d36cbb17060fec9545d132019c99f

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:34 GMT
content-encoding: gzip
server: connector
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
X-Iinfo: 12-3828856-3828948 PNNN RT(1614026311341 2958) q(0 0 0 0) r(1 1) U5
cache-control: public, max-age=60
server-timing: bon, total;dur=0.318324
keep-alive: timeout=5
X-CDN: Imperva

GET
H/1.1 200
OK main.08360d0fb3c040342cf8.css
cl.requesthandlers.com/ Frame 0D06 43 KB
5 KB 471ms
470ms Stylesheet
text/css 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.requesthandlers.com/main.08360d0fb3c040342cf8.css

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b0d2cd1e042e0f54b24a6731ca8f7ca0ea35b02b0f0b1072308ef2291d378c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 20:38:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jan 2021 16:23:43 GMT
Server: Microsoft-IIS/10.0
Etag: "8091ebc811f0d61:0"
Vary: Accept-Encoding
Content-Type: text/css
X-Iinfo: 13-4489307-4489849 nNNN RT(1614026311341 2958) q(0 1 3 0) r(5 5) U5
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
Content-Length: 3961
X-CDN: Imperva

GET
H2 200 css
fonts.googleapis.com/ Frame 0D06 2 KB
658 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e5637ea03cdf817f62591f545db7036cfef91733b0492df8765748e030b6720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Feb 2021 18:47:26 GMT
server: ESF
date: Mon, 22 Feb 2021 20:38:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Feb 2021 20:38:34 GMT

GET
H2 200 fetch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fetch/2.0.4/ Frame 0D06 7 KB
3 KB 17ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fetch/2.0.4/fetch.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78e52891bfd18c3c3b912faf0f06dab4dacb37c048bef12194b339ca881c0c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 563355
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2218
cf-request-id: 086d102bda0000d6f59c2e1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e59-1c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K8fL0awpuAZe8jvQlmGQeKD9duP0YxbJ%2Fjt8ciOQoPCHPCMa4%2BAdqKWM%2BJPzVMj47Vo8P1WSPSauC52uaTdIj5kl0c6O1GlGYrYU9Hl79vJD1r41eAEdmSCuNPUlF5RVuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 625b82f2f989d6f5-FRA
expires: Sat, 12 Feb 2022 20:38:34 GMT

GET
H2 200 bluebird.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bluebird/3.7.2/ Frame 0D06 80 KB
20 KB 18ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bluebird/3.7.2/bluebird.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd5da4364c94b11a9e56f0d0388439082ef6d3b29c15255ac17bad40abe0c248

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 369351
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20633
cf-request-id: 086d102bda0000d6f5d4bd1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-13e7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hxhrl4b5rz%2FRx8X90qL5L7U6LZMUBM3ypQjT%2FvftlUQ8NlCB2cubrKu9mk%2FuuvE60CLpo%2BfU1NYncMk64NyyTpv1t%2FPb%2FmJ3gcmfxxza36DkEzofBrdyZcrc%2Bua%2BeuAb1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 625b82f2f98bd6f5-FRA
expires: Sat, 12 Feb 2022 20:38:34 GMT

GET
H/1.1 200
OK main.d71e9e5e71e05a7ac252.js Show response
cl.requesthandlers.com/ Frame 0D06 42 KB
14 KB 177ms
176ms Script
application/javascript 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

157ae8ad100f689694ae324353b6382d13fe31e40d19f80f7dcc7efea8dca5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 20:38:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jan 2021 16:23:43 GMT
Server: Microsoft-IIS/10.0
Etag: "8091ebc811f0d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Iinfo: 7-1761847-1723994 pNNN RT(1614026311060 3240) q(0 0 0 1) r(1 1) U5
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
Content-Length: 13520
X-CDN: Imperva

GET
H/1.1 200
OK _Incapsula_Resource Show response
cl.requesthandlers.com/ Frame 0D06 135 KB
20 KB 30ms
30ms Script
application/javascript 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1170682386
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 829bcaea8028505c7339b001aa89c8de06d4e9f2eaca77648bbdb83f195cc210

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 19402
Content-Type: application/javascript

OPTIONS
H/1.1 204
No Content clc
a.requesthandlers.com/api/ Frame 0
0 218ms
217ms Other 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/clc?sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0
Protocol: HTTP/1.1
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-correlation-id
Origin: https://cl.requesthandlers.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-correlation-id
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://cl.requesthandlers.com
Date: Mon, 22 Feb 2021 20:38:35 GMT
Request-Context: appId=cid-v1:5ac9e52a-0a3a-4077-9226-3a2250ed09a2
Server: Microsoft-IIS/10.0
Vary: Origin
X-Correlation-Id: 684dd0eb-ba7d-461a-a499-5b5054d26b40
X-Powered-By: ASP.NET
X-CDN: Imperva
X-Iinfo: 2-230269-230271 sNNN RT(1614026312292 2792) q(0 1 1 0) r(2 2) U5

GET
H/1.1 200
OK 00df1cc16fd538146239e7f27aaa7a80.gif
cl.requesthandlers.com/ Frame 0D06 5 KB
6 KB 174ms
174ms Image
image/gif 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cl.requesthandlers.com/00df1cc16fd538146239e7f27aaa7a80.gif

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.08360d0fb3c040342cf8.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b0e55d808246271a2eee843a1def491b589e3674c269fc625ae79dded13b3cab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cl.requesthandlers.com/main.08360d0fb3c040342cf8.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 20:38:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jan 2021 16:23:42 GMT
Server: Microsoft-IIS/10.0
Etag: "9331eac811f0d61:0"
Content-Type: image/gif
X-Iinfo: 13-4489307-4489849 sNNN RT(1614026311341 3438) q(0 0 0 0) r(2 2) U5
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
Content-Length: 4924
X-CDN: Imperva

GET
H/1.1 200
OK clc Show response
a.requesthandlers.com/api/ Frame 0D06 14 KB
2 KB 227ms
227ms Fetch
application/json 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://a.requesthandlers.com/api/clc?sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3bbc18b2897f2956ed3ddd02fd5af6a181014699e8bd3497a8e7ca1ace56487c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

x-correlation-id: c71754cf-c161-4a8d-9b55-c3b15a434d94
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d

Response headers

Date: Mon, 22 Feb 2021 20:38:35 GMT
X-Correlation-Id: c71754cf-c161-4a8d-9b55-c3b15a434d94
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cl.requesthandlers.com
X-Iinfo: 2-230269-230271 sNYN RT(1614026312292 3011) q(0 0 0 -1) r(2 2) U5
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
Transfer-Encoding: chunked
X-CDN: Imperva
Request-Context: appId=cid-v1:5ac9e52a-0a3a-4077-9226-3a2250ed09a2

GET
H/1.1 200
OK _Incapsula_Resource
cl.requesthandlers.com/ Frame 0D06 1 B
633 B 21ms
21ms Image
text/plain 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cl.requesthandlers.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7713949099661677
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

POST
H/1.1 200
OK rcannot-some-you-not-Some-Minde-and-to-more-Banq Show response
cl.requesthandlers.com/ Frame 0D06 632 B
2 KB 27ms
27ms Fetch
application/json 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.requesthandlers.com/rcannot-some-you-not-Some-Minde-and-to-more-Banq?d=cl.requesthandlers.com
Requested by: Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/rcannot-some-you-not-Some-Minde-and-to-more-Banq
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: connector /
Resource Hash: a3cf3441e44047dd7ebb5255b9c05ef861903a50336f4596befff1120ee3a64f

Request headers

Accept: application/json; charset=utf-8
Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Mon, 22 Feb 2021 20:38:34 GMT
Content-Encoding: gzip
server: connector
Transfer-Encoding: chunked
content-type: application/json
access-control-allow-origin: *
X-Iinfo: 7-1761847-1761865 PNYN RT(1614026311060 3851) q(0 0 0 0) r(0 0) U5
cache-control: no-cache, no-store
server-timing: bon, total;dur=3.360488
keep-alive: timeout=5
X-CDN: Imperva

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 90ms
29ms Other 40.79.138.41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.79.138.41 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.amazingoffersforyou.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Mon, 22 Feb 2021 20:38:34 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
237 B 677ms
676ms XHR
application/json 40.79.138.41
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.138.41 Paris, France, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8d8b4ad92d54a19f9d090d12cefb559befabc266084ae96d5f80187f8ba063c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 569BA61E-B573-4EF3-88F0-48EAEA458CCE
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Mon, 22 Feb 2021 20:38:35 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

GET
H/1.1 200
OK f64ec46b28c6b7d9ae8ab3f3e5595bfe.svg
cl.requesthandlers.com/ Frame 0D06 1 KB
2 KB 180ms
179ms Image
image/svg+xml 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cl.requesthandlers.com/f64ec46b28c6b7d9ae8ab3f3e5595bfe.svg

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.08360d0fb3c040342cf8.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ba65196fd5d1dfc9eea37cb2193e8df463103cba64c4de49f32373c628e06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cl.requesthandlers.com/main.08360d0fb3c040342cf8.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 22 Feb 2021 20:38:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 21 Jan 2021 16:23:43 GMT
Server: Microsoft-IIS/10.0
Etag: "1db531c911f0d61:0"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
X-Iinfo: 13-4489307-4489849 sNYN RT(1614026311341 4042) q(0 0 0 1) r(2 2) U5
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
X-CDN: Imperva

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 0D06 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cl.requesthandlers.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 16:25:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 15214
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 22 Feb 2022 16:25:01 GMT

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ Frame 0D06 959 B
692 B 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onInvisibleReCaptchaLoadCallback&render=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

49de34909b0005bbf2770028389f710e1d02c410a5a0cfd64ff528d84a83eb8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 619
x-xss-protection: 1; mode=block
expires: Mon, 22 Feb 2021 20:38:35 GMT

GET
H2 200 logo_2f4ae67a8-6e28-4be1-918b-9affb61fb8d3.png
cdn.requesthandlers.com/adicons/ Frame 0D06 2 KB
3 KB 80ms
15ms Image
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.requesthandlers.com/adicons/logo_2f4ae67a8-6e28-4be1-918b-9affb61fb8d3.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F69) /
Resource Hash: 8f7add9c01a8759d23811d9928d8b0876ad48b3e03ce601f12fda473288d3188

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Feb 2021 20:38:35 GMT
content-md5: wuchCRAaWFwbtzKRAOM9jQ==
age: 15629
x-cache: HIT
content-length: 2354
x-ms-lease-status: unlocked
last-modified: Thu, 15 Nov 2018 15:09:58 GMT
server: ECAcc (frc/8F69)
etag: 0x8D64B0C68A3633C
content-type: application/octet-stream
x-ms-request-id: 9bf56bb6-301e-0044-3f36-094063000000
cache-control: max-age=864005
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 04 Mar 2021 20:38:40 GMT

GET
H2 200 CashApp-Image6735d996-d7b8-42c6-8f5b-b9b47b5334d1.png
cdn.requesthandlers.com/adicons/ Frame 0D06 15 KB
15 KB 80ms
16ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.requesthandlers.com/adicons/CashApp-Image6735d996-d7b8-42c6-8f5b-b9b47b5334d1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F20) /
Resource Hash: 77c2cc4ffbf248d675b90d2a577a99653d65a236df09417e537736498c6a25a1

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Feb 2021 20:38:35 GMT
content-md5: Qq7xl7ctpeA+xKcUEzA3iA==
age: 225436
x-cache: HIT
content-length: 15562
x-ms-lease-status: unlocked
last-modified: Fri, 30 Oct 2020 17:07:35 GMT
server: ECAcc (frc/8F20)
etag: 0x8D87CF64C097DB0
content-type: image/png
x-ms-request-id: 3706317c-d01e-00e5-064d-079b1e000000
cache-control: max-age=864005
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 04 Mar 2021 20:38:40 GMT

GET
H2 200 eca083bc5ff80aa5270a973d6f4c89283b9f1211-b27b-48c0-aa0c-cf8f92aa113b.jpg
cdn.requesthandlers.com/adicons/ Frame 0D06 33 KB
33 KB 85ms
21ms Image
image/jpeg 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.requesthandlers.com/adicons/eca083bc5ff80aa5270a973d6f4c89283b9f1211-b27b-48c0-aa0c-cf8f92aa113b.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC0) /
Resource Hash: 637ba8403fd1a7b052f774653aa9dd5177a7b1d1bca04ceb5e692a60ccf23528

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Feb 2021 20:38:35 GMT
content-md5: VQglmQ9bxuof/FqY0CqSXA==
age: 482193
x-cache: HIT
content-length: 33777
x-ms-lease-status: unlocked
last-modified: Fri, 27 Dec 2019 14:51:24 GMT
server: ECAcc (frc/8FC0)
etag: 0x8D78ADC3E80E0D3
content-type: image/jpeg
x-ms-request-id: 7e51bfaa-a01e-0069-24f7-04f310000000
cache-control: max-age=864005
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Thu, 04 Mar 2021 20:38:40 GMT

GET
H2 200 Principal_Platinum_Card12-8-2020b81bdab8-3123-41ef-a58f-37e4207517c6.png
cdn.requesthandlers.com/adicons/ Frame 0D06 62 KB
63 KB 812ms
747ms Image
image/png 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.requesthandlers.com/adicons/Principal_Platinum_Card12-8-2020b81bdab8-3123-41ef-a58f-37e4207517c6.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c3c3e560d71fcbfc74666130e2eb355a42be115d3b5dcdff1cd5d9b0e15cd6b3

Request headers

Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 22 Feb 2021 20:38:36 GMT
last-modified: Tue, 22 Dec 2020 23:43:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: VTFF/q5a/RPw4fUMd0tqhw==
etag: 0x8D8A6D35A62D50F
x-cache: HIT
content-type: image/png
x-ms-request-id: 54b8430a-f01e-00e2-7f5a-09f77d000000
cache-control: max-age=864005
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 63822
expires: Thu, 04 Mar 2021 20:38:41 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 0D06 331 KB
129 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onInvisibleReCaptchaLoadCallback&render=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://cl.requesthandlers.com
Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1410
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 20:15:05 GMT

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7A8C 19 KB
10 KB 29ms
28ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47fdbd601418581a5481718c409e8b2cb055a455ff85e929ce6d18cae9dba064

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e3FOIxMsHrMc0tWRy1YMeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 Feb 2021 20:38:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-e3FOIxMsHrMc0tWRy1YMeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9988
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 7A8C 50 KB
25 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 17:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
age: 11597
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Tue, 22 Feb 2022 17:25:18 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/ Frame 7A8C 331 KB
129 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1410
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131815
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 05:05:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 22 Feb 2022 20:15:05 GMT

GET
H3-Q050 200 6fadx2M8wrjlNFRt_rC7owEQPGo_VIXOfAHmKW_lxqA.js Show response
www.google.com/js/bg/ Frame 7A8C 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/6fadx2M8wrjlNFRt_rC7owEQPGo_VIXOfAHmKW_lxqA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9f69dc7633cc2b8e534546dfeb0bba301103c6a3f5485ce7c01e6296fe5c6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 06:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:00:00 GMT
server: sffe
age: 310215
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6328
x-xss-protection: 0
expires: Sat, 19 Feb 2022 06:28:21 GMT

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7A8C 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/styles__ltr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 12:56:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 373326
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Thu, 25 Feb 2021 12:56:30 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7A8C 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 16:25:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 15205
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10748
x-xss-protection: 0
expires: Tue, 22 Feb 2022 16:25:11 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7A8C 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 16:26:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 15128
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10788
x-xss-protection: 0
expires: Tue, 22 Feb 2022 16:26:28 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7A8C 102 B
180 B 16ms
15ms Other
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81fa50822806b58c63d123c956b740c92033836e2477e82237f9c9ca0fa8c3a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 20:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 22 Feb 2021 20:38:36 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/api2/ Frame 7A8C 9 KB
7 KB 72ms
72ms XHR
application/json 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pRiAUlKgZOMcFLsfzZTeGtOA/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eac91717125c42ad12dfb5ab1680652abdb9d7f77b976a2078fc426f8278ed2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbMnwUAAAAAC9vb5lmhjxX3xu6hLgcqKuaVFY0&co=aHR0cHM6Ly9jbC5yZXF1ZXN0aGFuZGxlcnMuY29tOjQ0Mw..&hl=en&v=pRiAUlKgZOMcFLsfzZTeGtOA&size=invisible&cb=rol5srbagw5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 22 Feb 2021 20:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6732
x-xss-protection: 1; mode=block
expires: Mon, 22 Feb 2021 20:38:36 GMT

POST
H/1.1 200
OK gr
a.requesthandlers.com/api/cv/ Frame 0D06 0
0 262ms
262ms Fetch 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://a.requesthandlers.com/api/cv/gr

Requested by

Host: cl.requesthandlers.com
URL: https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.61 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

x-correlation-id: c71754cf-c161-4a8d-9b55-c3b15a434d94
Referer: https://cl.requesthandlers.com/?elementId=click-listing&referrerURL=https%3A%2F%2Fcl.requesthandlers.com%2F%3Fchannel%3Ddecline%26campaignid%3D90331b21-d5f2-45a6-9846-9d02e3686e2a&query=%3Fsessionid%3D3024ad94-923c-4f3c-2c51-08d8cec253a0%26correlationId%3Dc71754cf-c161-4a8d-9b55-c3b15a434d94%26ch%3Dd&visibilityState=visible&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&sessionId=3024ad94-923c-4f3c-2c51-08d8cec253a0&loaderVer=1.51.0&debug=false&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 22 Feb 2021 20:38:36 GMT
X-Correlation-Id: c71754cf-c161-4a8d-9b55-c3b15a434d94
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Origin
Access-Control-Allow-Origin: https://cl.requesthandlers.com
X-Iinfo: 9-272817-272818 sNNN RT(1614026312552 3909) q(0 0 0 -1) r(2 2) U5
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=2592000
Content-Length: 0
X-CDN: Imperva
Request-Context: appId=cid-v1:5ac9e52a-0a3a-4077-9226-3a2250ed09a2

OPTIONS
H/1.1 204
No Content gr
a.requesthandlers.com/api/cv/ Frame 0
0 211ms
211ms Other 45.60.1.61
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://a.requesthandlers.com/api/cv/gr
Protocol: HTTP/1.1
Server: 45.60.1.61 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-correlation-id
Origin: https://cl.requesthandlers.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-correlation-id
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://cl.requesthandlers.com
Date: Mon, 22 Feb 2021 20:38:36 GMT
Request-Context: appId=cid-v1:5ac9e52a-0a3a-4077-9226-3a2250ed09a2
Server: Microsoft-IIS/10.0
Vary: Origin
X-Correlation-Id: bbd98701-d289-418d-ace3-5fbf29d6dace
X-Powered-By: ASP.NET
X-CDN: Imperva
X-Iinfo: 2-230269-230271 sNNN RT(1614026312292 3957) q(0 0 0 -1) r(2 2) U5

POST
H2 200 collect Show response
www.clarity.ms/scus/ 7 B
259 B 140ms
126ms XHR
text/plain 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/scus/collect
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://www.amazingoffersforyou.com/?sessionid=3024ad94-923c-4f3c-2c51-08d8cec253a0&correlationId=c71754cf-c161-4a8d-9b55-c3b15a434d94&ch=d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 22 Feb 2021 20:38:37 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0TRY0YAAAAADGF1MBtrdsSL02U+LH/KjBRlJBRURHRTEwMDgANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
content-length: 11
request-context: appId=cid-v1:3188f940-997d-4f90-a84f-97510ad0978f

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amazingoffersforyou.com/	1969-12-31 23:59:59	Name: incap_ses_449_2205651 Value: mf5TVsLlUUTgSc6Ddys7BkkWNGAAAAAAAjWI+wWLkZQ+MX6MZryyRA==
.amazingoffersforyou.com/	1970-01-20 01:05:27	Name: visid_incap_2205651 Value: u1MKVvT8TDqlX+nSun0anUkWNGAAAAAAQUIPAAAAAAC5UiNmdpIg3dy7up8JUm4r
www.amazingoffersforyou.com/	1970-01-19 16:20:28	Name: ai_session Value: 8GvqJ\|1614026314205.865\|1614026314205.865
.amazingoffersforyou.com/	1970-01-19 16:20:26	Name: _gat_UA-121799710-1 Value: 1
www.amazingoffersforyou.com/	1970-01-19 16:20:26	Name: ___utmvc Value: EpWo7OTeaM5UZ1IZoXQLk4vh6yMSl9wBxxWaQUKKOmWo8/PMXM5O0wiwg7E1mzbhX9aS/BT9U0kGq76g/TqBgrGvhK1akm0G8FdoCDeX7N02u2/DQGbQv9MKG6wKsCm3kxMv+9UDa4X29vRQrUoJhfJsVMhujgMk2BejVXGffNlaDjMizRjUSXDTxL1+P2bQvunGyDXtSxMgXX9ykd3DvOQ3wPVKbjBkISLRPQ6YwPtdb9M6Nq4t2YGdSOzWQyzrxl43c7i3N/36BrbUgpUjVyDQ++1+wYzg8nJVSomeKv6ZTtxOFI8IRAhPL9ieG1HpgysXsYldUGHzc3/JivCYdDRhky9jYNvbImJUvG0B0tCmV+VHNMT3OitTEJsjTjP4a1CEOa1QZj0OnSD25lr1zvxL+x4A56SA98zGKNwSv2sUhN8yNC5nFPJ4hSFUf3zRPK2w9uMiw4Ej5+DOqQr5g403rpRLqfZZcRdDR3MBq4MrG5o7ufiKa40Lp5fAoUOcMt54zN0NNycMszuWEywapo4m3ho/q5u+896lPlV1s7ZEiBmx5GDhlaVpkx4xMNeptdD2c0aF06zJZWWCHRuk4oQY3hLY3PS/OmqCrNkhCyT8UbnY6xwZ69i232oRPXYVwzV+FtLkrhT3Nos8C7fLv57yP673bayeI5xeGIJHaOaoZmQxOvFOORX+xizrfKHF5igOZu35GJXMvTUmW77IZ4WDlCutBIwDDQ6GTvPwxFHrJkax+sg8BRRO3nKhxggWsdjZI5KgJNoYmc1G+V3Qxd2EEdN/ADmrBs3LXs4hHX/FSUaWQzdCv072WcwmQ1GZwv6Ygi1PeZ3/xjlRBpjSXxx397gxX5EMVkeTCZ1PBg8YjjNW/B6RA+E/AYrsC/m1QVrr+2CNdyDh4At2NPQFcPawa+vD261CTxmNIRT+hJs4IKuSJGYu0dQ3dkmAEZWH+zHd68c+OLBMKmKl6TTKNokhh3wgE37kd5/v0I/1/ZOPCiP5VPr8AgpUZDxetCtxlnCdZxpwSvD9kWtBKK48Lq4OKNDzAergXZzPNkZ8VbrOiNdN+Tbc9Tgy7M8KLo0b29tzX1h6T37bIZISapXZ+G/jzJQ1QNcm7q9D9Cv0Da+1sgbQ5oDyr9WikwK3omUEZ7cYJoAwO3BFt9awGoFVmi7mviPiVVYPK16u2WZNTQ273dQf+cJNFjFJxN8z/m9UQWtw+nc6HtcfaqK1futmCwtdQKL7TBZ3w7Rh2gCqbw4ygYunv+YoB501dImluD6/aHbQ9qtaFaMJB4NIzypyWs6aPZxQJCQ34WROfqOEYmiNDadtNPtKqDDxGan/CMyXNdriVm6VpP3pd+7PzkdDyifGFiKJ2ebmRQ06mml6qEQgP/tMIX5xFPWHK4WRWsHx3pA7hCRk6a9TLbpTf/tZCRVt+RkC3Zv8hMAHLoleomrFrjN58QlpPFUkTq6gEkND1Yym2dF8+K/rUfziDMZBBzf1BsNuF9hNOvkUCub1ohMZBScyvOkUKKdZ2ZVreeXSB2svBNzp2SDb7ssLjw6cZz7tymeXI92nL10oV2GMVE1VLQ/oRQ3vtthAgV7UK4F0oWJRfrqZKSmlL4Q3i5EQyvNp1y/PqZbuCvHIlRshGqqb6QuQgzArzdgq5n4gUmey/VT5xHlNs8b7vyM3Z048pDzC5UWYqpwa3q8yZYsabPHJSygPZpusrknlcCqOLi5uPtc4z3EEjAd4MmyZFy+jPUR/4AnbtqJ9Gas/735RIpX+Y32XjTHH2MnYaqjaUMkkDNIVxtARPQ24WqQTdMYwiuqIyjUmaQZkW6Q5jghQZcIN5lpjTarBUUbDyvuUNfjUy3w2tD8c2iyo18nVnzMIpfRJYViv/MKi4BZOyDDJM7bwR2ZVSE4dPOiCFS4ORJh+gSOpTwd4nKDWvZt0oKClqwRamWgcHwg9IX1WO+j2Mb4QjUD/BSmANHqc4ZuVu6guVT1zyrEqWEM2u0qGzmHATVr9Pl/nBURZ3rmHE1SaidVlK3qcBqDqOcAIRNHnj3qsLGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=
www.amazingoffersforyou.com/	1970-01-20 01:06:02	Name: _clck Value: e7xldr
www.amazingoffersforyou.com/	1970-01-20 01:06:02	Name: ai_user Value: YtmAD\|2021-02-22T20:38:34.169Z
.amazingoffersforyou.com/	1970-01-19 16:21:52	Name: _gid Value: GA1.2.1854442069.1614026314
.amazingoffersforyou.com/	1970-01-20 09:51:38	Name: _ga Value: GA1.2.769677157.1614026314

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js(Line 1) Message: ClickBrain: TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cl.requesthandlers.com/main.d71e9e5e71e05a7ac252.js(Line 1) Message: ClickBrain: TypeError: Cannot read property 'setItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.requesthandlers.com
api.leadsmarket.com
az416426.vo.msecnd.net
cdn.requesthandlers.com
cdnjs.cloudflare.com
cl.requesthandlers.com
clicklend.app
consumertransferservice.com
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
ocs.consumertransferservice.com
s.yimg.com
stats.g.doubleclick.net
www.amazingoffersforyou.com
www.clarity.ms
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:125e
2620:1ec:46::19
2a00:1288:80:800::7000
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:803::2003
2a00:1450:4001:810::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:400c:c00::9d
2a02:e980:25::3d
2a02:e980::3d
40.79.138.41
45.60.1.61
45.60.76.211
02de7e0ac8cc011b71aa49b097e62bb6a92d36cbb17060fec9545d132019c99f
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e5637ea03cdf817f62591f545db7036cfef91733b0492df8765748e030b6720
0e715b5fe0b6a1cd9feed24728483d7946a3781cc1f6a7abe3883ffe38984907
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
157ae8ad100f689694ae324353b6382d13fe31e40d19f80f7dcc7efea8dca5cc
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2b24df50b72b38943149ec4d19403020d47a0cceba6128f5dac216607042c3bb
3bbc18b2897f2956ed3ddd02fd5af6a181014699e8bd3497a8e7ca1ace56487c
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4651aab74eb2427ef452571fba1d07a3b474b86fea0eb506d42456af02348f2c
47fdbd601418581a5481718c409e8b2cb055a455ff85e929ce6d18cae9dba064
49de34909b0005bbf2770028389f710e1d02c410a5a0cfd64ff528d84a83eb8f
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4e304d8d11ebef674b45e74a04f7e8de4e2f6a045709543395949e01aff17bd1
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58db8ca3ffa85da7cbd0e565b86426db16b1778f94e6d50d75cf842c0ba719aa
5a98c56d1e35e66d217274d7e5089ccf48d4f9fa628e8f3e599df5282938d97f
5be2f1c49d3f9ee4ce079212a93765c2210b5d391b61f0aa771f7b355c837f01
5f00da0f85410aa9293df7a3bc8052b485cf7edc53e4a44d76e41e64d744b44d
637ba8403fd1a7b052f774653aa9dd5177a7b1d1bca04ceb5e692a60ccf23528
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6521aa5525908f3d5cb8f039bf0167f17a49fb80fb30604be2fa16fd8dc09d02
6afd9dabd714aef2804562fbe773c4de0daa8e230ad5117e2b1c4b9effc9a97b
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6c3094cca8ca75978f9c0049831ee429de2053dce793d1eeb3bacb34b58571d1
717294fb426452ab4d276219dc30a1772c3e896eeeb668cf052857a4602617da
77c2cc4ffbf248d675b90d2a577a99653d65a236df09417e537736498c6a25a1
78e52891bfd18c3c3b912faf0f06dab4dacb37c048bef12194b339ca881c0c8a
81fa50822806b58c63d123c956b740c92033836e2477e82237f9c9ca0fa8c3a0
829bcaea8028505c7339b001aa89c8de06d4e9f2eaca77648bbdb83f195cc210
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89715f0229933ec42b900807a3b806d79e95dc6225c43921e35652cc2c7a1410
8d8b4ad92d54a19f9d090d12cefb559befabc266084ae96d5f80187f8ba063c9
8f7add9c01a8759d23811d9928d8b0876ad48b3e03ce601f12fda473288d3188
8fc0ef9cd878b61aebca8cb417c7a40b7ae44c0e2ce637808d5176c7c72fedfd
9f44705150d83edb8c6c152c54f1a516f971cd855353339e66d9dd9f9f8b95a0
a2c1dfdb0c537e948e8717b8166a5f59819b3f7d6123e8988862e408349e5361
a3cf3441e44047dd7ebb5255b9c05ef861903a50336f4596befff1120ee3a64f
aeca519244aa54b69e0e9b0cdbba341702e8e2c6babfd9323c17400b9df856bd
b0d2cd1e042e0f54b24a6731ca8f7ca0ea35b02b0f0b1072308ef2291d378c34
b0e55d808246271a2eee843a1def491b589e3674c269fc625ae79dded13b3cab
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
b89c4addd9525e5ecf970750e2f2477a9354a59467997c8aa2d79adc55594e1f
ba65196fd5d1dfc9eea37cb2193e8df463103cba64c4de49f32373c628e06a60
bd5da4364c94b11a9e56f0d0388439082ef6d3b29c15255ac17bad40abe0c248
c3c3e560d71fcbfc74666130e2eb355a42be115d3b5dcdff1cd5d9b0e15cd6b3
c980b0e2688b00ee5a1913a7f5eec8036bb7c480bc1b7dfdbef09e24de4dbadc
c9a539d74cb697db0fba8c7c9eebf19182d238b890e5b5f36c2994d9e6720969
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d658d195f811eadf472163b3b9f540160879e76385342891eaabd314f81859
e9f69dc7633cc2b8e534546dfeb0bba301103c6a3f5485ce7c01e6296fe5c6a0
ea8488295d448feb86e380c6dbafcb0eed8af12ef0e81888d657ebcddd161705
eac91717125c42ad12dfb5ab1680652abdb9d7f77b976a2078fc426f8278ed2e
ec2d33ab8bae131685fa623cd720e82d79e209953bf5d71d75a02b392f1197d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f93a40adc41fa769b23ea43f8483ad06c73d1e382623532dbc71e0072bdee550

www.amazingoffersforyou.com Open in urlscan Pro 45.60.1.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

83 %IPv6

17 Domains

21 Subdomains

18 IPs

5 Countries

997 kBTransfer

2613 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.amazingoffersforyou.com Open in urlscan Pro
45.60.1.61 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

83 %
IPv6

17
Domains

21
Subdomains

18
IPs

5
Countries

997 kB
Transfer

2613 kB
Size

9
Cookies

86 HTTP transactions
0 data transactions