www.offermate.us Open in urlscan Pro
2604:a880:2:d0::867:1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.offermate.us/
Effective URL:
https://www.offermate.us/
Submission: On December 16 via api (December 16th 2022, 6:35:33 pm UTC) from SE — Scanned from US

Summary HTTP 162 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 32 IPs in 2 countries across 27 domains to perform 162 HTTP transactions. The main IP is 2604:a880:2:d0::867:1, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.offermate.us. The Cisco Umbrella rank of the primary domain is 618126.
TLS certificate: Issued by R3 on November 21st 2022. Valid for: 3 months.

This is the only time www.offermate.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	2604:a880:2:d... 2604:a880:2:d0::867:1	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
11	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::200d	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80b::2008	15169 (GOOGLE) (GOOGLE)
32	2606:4700:20:... 2606:4700:20::681a:364	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
13	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
2 2	2606:ae80:145... 2606:ae80:1450:16::2010	25751 (VALUECLICK) (VALUECLICK)
7	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a01:953b:8eec:4f4e:8fe	14618 (AMAZON-AES) (AMAZON-AES)
2 2	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
2 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1 1	3.234.62.154 3.234.62.154	14618 (AMAZON-AES) (AMAZON-AES)
11	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2620:100:a001::a 2620:100:a001::a	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
2	2a00:1450:401... 2a00:1450:4013:c02::78	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4002:20::b	15169 (GOOGLE) (GOOGLE)
162	32

24 2604:a880:2:d0::867:1 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.offermate.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:817::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200d (Nutley, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:20::681a:364 (United States)

ASN13335 (CLOUDFLARENET, US)

na.leafletscdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:81c::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:823::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:ae80:1450:16::2010 (United States) 2 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:953b:8eec:4f4e:8fe (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.171 (United States) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.62.154 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-62-154.compute-1.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4013:c02::78 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:20::b (Atlanta, United States)

ASN15169 (GOOGLE, US)

rr5---sn-5uaezn6d.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	leafletscdns.com na.leafletscdns.com — Cisco Umbrella Rank: 658780	89 KB
24	offermate.us 1 redirects www.offermate.us — Cisco Umbrella Rank: 618126	217 KB
21	google.com accounts.google.com — Cisco Umbrella Rank: 71 adservice.google.com — Cisco Umbrella Rank: 72 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1976 www.google.com — Cisco Umbrella Rank: 2	128 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	336 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 637 pix.us.criteo.net — Cisco Umbrella Rank: 2257 csm.us.criteo.net — Cisco Umbrella Rank: 2215	782 KB
15	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	71 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	101 KB
3	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 4853 ads.us.criteo.com — Cisco Umbrella Rank: 2058 cat.va.us.criteo.com — Cisco Umbrella Rank: 2560	45 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 371	12 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 335	960 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 497	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 716	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2338	885 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	94 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	111 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	googlevideo.com rr5---sn-5uaezn6d.googlevideo.com — Cisco Umbrella Rank: 86567	1 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1726	11 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	5 KB
1	adingo.jp 1 redirects cc.adingo.jp — Cisco Umbrella Rank: 5752	419 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	699 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408	716 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	692 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	81 KB
0	chocolateplatform.com Failed cs.chocolateplatform.com Failed
162	27

	Domain	Requested by
32	na.leafletscdns.com	www.offermate.us
24	www.offermate.us	1 redirects www.offermate.us
13	fundingchoicesmessages.google.com	www.offermate.us
11	static.criteo.net	ads.us.criteo.com
11	pagead2.googlesyndication.com	www.offermate.us pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
5	pix.us.criteo.net	ads.us.criteo.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	www.google.com	www.offermate.us googleads.g.doubleclick.net tpc.googlesyndication.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.offermate.us
3	adservice.google.com	pagead2.googlesyndication.com
3	fonts.googleapis.com	www.offermate.us googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	csm.us.criteo.net	ads.us.criteo.com
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.facebook.com	www.offermate.us
2	connect.facebook.net	www.offermate.us connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	rr5---sn-5uaezn6d.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	cc.adingo.jp	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	rtb.va.us.criteo.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.offermate.us
1	accounts.google.com	www.offermate.us
0	cs.chocolateplatform.com Failed	googleads.g.doubleclick.net
162	39

This site contains links to these domains. Also see Links.

Domain
d34seexzbffcio.cloudfront.net

Subject Issuer	Validity	Valid
offermate.us R3	`2022-11-21` - `2023-02-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-03` - `2023-09-03`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-25` - `2022-12-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-08` - `2023-01-09`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-12` - `2023-03-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-07` - `2023-02-07`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-12-06` - `2023-02-14`	2 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.offermate.us/
Frame ID: F6116973F60ECA081ADA2663D06CF8AB
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: BF84BE2B220FB254A28F90BBEA0DB9F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1671215725&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.offermate.us%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724550&bpp=5&bdt=528&idt=430&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8010226533420&frm=20&pv=2&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=466
Frame ID: A8357B29C4599D04ED244E914DCB19EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1447540957213601&output=html&h=250&slotname=9548902481&adk=2023022467&adf=2994261189&pi=t.ma~as.9548902481&w=970&lmt=1671215725&rafmt=12&format=970x250&url=https%3A%2F%2Fwww.offermate.us%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724557&bpp=2&bdt=534&idt=523&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8778f9432ac508d-224014211dd900a9%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mau2F1i4-g4yy8U_2lZRt2f7xhmCA&gpic=UID%3D000008d6ec1ad532%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mayo3imCx3HUMWg5QR5e4va0iH04Q&prev_fmts=0x0&nras=1&correlator=8010226533420&frm=20&pv=1&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7v7LOVqc7r&p=https%3A//www.offermate.us&dtd=900
Frame ID: 965A6BAE285AEB73F6E1ED984E43D334
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1447540957213601&output=html&h=600&slotname=3636510535&adk=2725862456&adf=2253931658&pi=t.ma~as.3636510535&w=300&lmt=1671215725&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.offermate.us%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724557&bpp=1&bdt=534&idt=530&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8778f9432ac508d-224014211dd900a9%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mau2F1i4-g4yy8U_2lZRt2f7xhmCA&gpic=UID%3D000008d6ec1ad532%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mayo3imCx3HUMWg5QR5e4va0iH04Q&prev_fmts=0x0%2C970x250&nras=1&correlator=8010226533420&frm=20&pv=1&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1nAXLpW9KM&p=https%3A//www.offermate.us&dtd=908
Frame ID: E7AC020FACE3F7DD2593EFDE125FFCA3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: C985E22696D75613463C602D41D06A5D
Requests: 5 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y5y6bQAIAKkAsxBtAAbfIVwcBWW2JPj9rhdQKw&u=%7C5oDZkT0e13J0x90nL8wD81KQ3QLYRwF8Lmll6FLizJM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dBRN13b4BGNtWmG7CnrSyulZwxF75SlSWqtZhxJkTh9uXiBfeXXuOeaVfOLK-3oFmwj9eLNregFFUOnJn_hGQpkbHL_H2gECCy_DO-QooCwglE7JNqqF5ctoD5zaJ4s6XjECm8cU1xDP9gfFTg2q14iKgTDBM2hfqqi2tfvFSZvzzvEX3RuBFVW26pHsMkdPS_Lxt187hZXfvGCeodga30ed3qdB8ZDZfPkMnAWCayeXQEsn4Tix4AR4_1liOqQZUPkf_Cllu96owt1_fXXq2BfwHlrSYfiW8T5onzgg3P4RtO076tLOzKy7D82_uXHqUfEC-NgASJP-JFOX0RuWi2-hwURnOHafava-ex7JngAwR38P4ykHuqpau8zAe2e3VGzCdwQCtWhoj1yd1tHlVbWZOHl4ZomN7HuOby59evXomTZgpEmpZWKXrvEf6DOwnCASeDORZ-gOdP4EuRWiwm_WUon3XCeNumVVLWqPJnyd0ML9B3THhIeKElxGB-AN4t3H7hX_d6ZZmovnZ8c10stnQx67EVOlFQ8zV0N9pfDsOl115p8vTLcsGmQKYZZYggfxuJHJVcJChRkYv6t0MF3pal-P_T9UzaYzkyy21oAEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIPKNbbqcY6mBIO2gzLUPob6bsAGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMTQ0NzU0MDk1NzIxMzYwMcgBCagDAaoEvgFP0BMZo9AT49PxpyA2Kca_QPUEh-4tiS7UsbfEgow6xNCiyAPOSIAKK7CRFJKQI6nhey5Vln6F4kFwuwkjQysCkYggsjbkUfl6HAc9QOFrQWCavwsoFnqf6cs2zX19a-Va0pk5taBgHvLg61SPQeldyhPrZVSRpZNXELaHgwZ-y7LE5my1CTsz3hAyovt9anlyQ7_uZxltVs1yIjdDsIPBF2CjannXhiM4sXaZCj72cV35UeT09Y1hR8Wyf43DgAbA_NXmtbvqn7kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3u44YBjMMi_KczxcEV7CmQ9K2TbQ%26client%3Dca-pub-1447540957213601%26adurl%3D
Frame ID: 6649A13332575283BF5670F4D36C3F1A
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0B1E1BFECFD0A858FC486BEEB6EEBF0E
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019
Frame ID: AFD3285A19699728F2930701DF435763
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js
Frame ID: 47A821F6DC1849278204511D0DE438EA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 61D6F46D249D2A7844711B4615207326
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F65E1EA6C4FCEAED46623DC052A6806
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Offermate.us | Weekly Ads, Deals and Sales Ad Preview!

Page URL History Show full URLs

http://www.offermate.us/ HTTP 301
https://www.offermate.us/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
accounts\.google\.com/gsi/client

Yii (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

/yii\.(?:validation|activeForm)\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Page Statistics

162
Requests

96 %
HTTPS

84 %
IPv6

27
Domains

39
Subdomains

32
IPs

2
Countries

3526 kB
Transfer

5815 kB
Size

25
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://d34seexzbffcio.cloudfront.net/a94464aff8a69ba3b7b48aee44397d866191662a65485.pdf
Title: the terms of use

Search URL Search Domain Scan URL

URL: https://d34seexzbffcio.cloudfront.net/e6f686054460106d095f70d30bb88552617a4484914ea.pdf
Title: to the processing of personal data

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.offermate.us/ HTTP 301
https://www.offermate.us/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEK627G0NPyukNRrjtdmNbbg&google_cver=1&google_push=AavPq0MA4ByDlZN32NJbnm_8_mYJtC3mv2Bd0F6gqCaBt16okhrCWSSLEfoBOks-Jvra6ErCafjlt2k3bAot-YTp8QisuXDrd9njgw HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7b3c6b4e79fd144b&is_secure=true&networkId=14000&version=1&google_gid=CAESEK627G0NPyukNRrjtdmNbbg&google_cver=1&google_push=AavPq0MA4ByDlZN32NJbnm_8_mYJtC3mv2Bd0F6gqCaBt16okhrCWSSLEfoBOks-Jvra6ErCafjlt2k3bAot-YTp8QisuXDrd9njgw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHNai1eZfRRQM9wRkAAAAAAAA&expiration=1671302127&google_cver=1&is_secure=true&google_gid=CAESEK627G0NPyukNRrjtdmNbbg&google_push=AavPq0MA4ByDlZN32NJbnm_8_mYJtC3mv2Bd0F6gqCaBt16okhrCWSSLEfoBOks-Jvra6ErCafjlt2k3bAot-YTp8QisuXDrd9njgw

Request Chain 101

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGKnyH2pxtqpHl-tFAo4KlI&google_cver=1&google_push=AavPq0NG_6TtDrOYBJV7JceKIYnpWegHNjBkWPe-kWKrMhaWWBFXOTIdjV3xPw2Xdw6h5l-jtWxf-2ObuLoSCf28_3vmKl9q6ZpsCQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NG_6TtDrOYBJV7JceKIYnpWegHNjBkWPe-kWKrMhaWWBFXOTIdjV3xPw2Xdw6h5l-jtWxf-2ObuLoSCf28_3vmKl9q6ZpsCQ&google_hm=eS1ERDNONzJSRTJwSFJMRlZLaVptakJxTExNTVcxclk4Un5B

Request Chain 102

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELvB-ExxJ7TdKVnP650RVdc&google_cver=1&google_push=AavPq0Pf5eSaR7UAqCQKP10wAsfqgNZYnn2JEX6744zzGrT2AZO9Vn6vy_7jh1oF5ZOgGV6Za1ff-7k2OPBczE4nC4Dv_JyeIP4K-w HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELvB-ExxJ7TdKVnP650RVdc&google_cver=1&google_push=AavPq0Pf5eSaR7UAqCQKP10wAsfqgNZYnn2JEX6744zzGrT2AZO9Vn6vy_7jh1oF5ZOgGV6Za1ff-7k2OPBczE4nC4Dv_JyeIP4K-w&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PyQZJms_SKWQRBHM2WO_uQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Pf5eSaR7UAqCQKP10wAsfqgNZYnn2JEX6744zzGrT2AZO9Vn6vy_7jh1oF5ZOgGV6Za1ff-7k2OPBczE4nC4Dv_JyeIP4K-w

Request Chain 103

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESECFruU_VOIVR7j3lcR_jXao&google_cver=1&google_push=AavPq0PqRgxNDrcxKJnmPj3VNlQ1tjp1Wc9i61HneJVp_V4RxqxwYBvR66ryR6lF1jZ8QHxLd1c1QDJc0qZE5zgVifLUmznydjjx9Q HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0PqRgxNDrcxKJnmPj3VNlQ1tjp1Wc9i61HneJVp_V4RxqxwYBvR66ryR6lF1jZ8QHxLd1c1QDJc0qZE5zgVifLUmznydjjx9Q&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1671215726949 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-cd5d8dbc-80f3-40df-9b4b-cdb3abf76159-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0PqRgxNDrcxKJnmPj3VNlQ1tjp1Wc9i61HneJVp_V4RxqxwYBvR66ryR6lF1jZ8QHxLd1c1QDJc0qZE5zgVifLUmznydjjx9Q%26google_hm%3DBc1djbyA80Dfm0vNs6v3YVk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PqRgxNDrcxKJnmPj3VNlQ1tjp1Wc9i61HneJVp_V4RxqxwYBvR66ryR6lF1jZ8QHxLd1c1QDJc0qZE5zgVifLUmznydjjx9Q&google_hm=Bc1djbyA80Dfm0vNs6v3YVk

Request Chain 104

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELX2R-94NaIrdKWxG_Qs5sg&google_cver=1&google_push=AavPq0PyVshETbABShGnbK54RMEKcL5HjEfiHyugtK4jh5FvHF8ZRBMvV-FwkVfwp6s51y3ikjGRgpOhR4XjaxFHiEsKLmjYn6OlUg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PyVshETbABShGnbK54RMEKcL5HjEfiHyugtK4jh5FvHF8ZRBMvV-FwkVfwp6s51y3ikjGRgpOhR4XjaxFHiEsKLmjYn6OlUg&google_gid=CAESELX2R-94NaIrdKWxG_Qs5sg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NzIzMjQyNjMxNzIyNzkzNTk4Mg%3D%3D&google_push=AavPq0PyVshETbABShGnbK54RMEKcL5HjEfiHyugtK4jh5FvHF8ZRBMvV-FwkVfwp6s51y3ikjGRgpOhR4XjaxFHiEsKLmjYn6OlUg

Request Chain 106

https://cc.adingo.jp/adx/push/?google_gid=CAESEDsykrRjw-z1aNvTXpKx14g&google_cver=1&google_push=AavPq0OZjgJ61ZLIaOpkdqfBqDf1AnXtRAswdaUgTTOFcRNLfFYTVNmutViYoTHJbHNLuvLEz7ys4-qu4Rq5LjCVgu6jkJAzj4aQNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0OZjgJ61ZLIaOpkdqfBqDf1AnXtRAswdaUgTTOFcRNLfFYTVNmutViYoTHJbHNLuvLEz7ys4-qu4Rq5LjCVgu6jkJAzj4aQNg&google_hm=1712a9fbf760a642a60461ac9cbc8aed

162 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.offermate.us/
Redirect Chain

http://www.offermate.us/
https://www.offermate.us/

130 KB
35 KB

319ms
102ms

Document
text/html

2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

eecbc38ae1f5732c0081b9d762dbebca1ad3b3b8e7f34a40669104f920090e09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 18:35:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
report-to: []
server: nginx
strict-transport-security: max-age=10; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Hyperia
x-proxy-cache: HIT
x-proxy-cache-type: nl30m
x-proxy-date: Fri, 16 Dec 2022 18:30:25 GMT
x-proxy-date-now: Friday, 16-Dec-2022 18:35:23 GMT
x-upstream-backend: letakomat-sfo2-w008
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 16 Dec 2022 18:35:23 GMT
Location: https://www.offermate.us/
Server: nginx

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 261ms
105ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f0b1f70226fc301262476fa425ce47d672231a09780fd1e1ba1830d8179daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49490
x-xss-protection: 0
server: cafe
etag: 8569673326812098234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 18:35:24 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 191 KB
76 KB 234ms
94ms Script
application/javascript 2607:f8b0:4006:823::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200d Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5a82c58d5b5a0c21fdcdd96daa06c5d2c10badc26def9a838dde13be7644733

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4OEXD-mFzM3syOvbagrgTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-4OEXD-mFzM3syOvbagrgTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 16 Dec 2022 18:35:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 223ms
85ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 18:35:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 18:35:24 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7368f0ad139592962f015c33a985f9114e12b422d986707d7986c1fc882b0151

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 external.min.js Show response
www.offermate.us/js/joined/ 137 KB
52 KB 104ms
103ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 27ec53402c2d42952e8e82510f6191417cace71630b568afcd2128c21bc8e00c

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 08:16:39 GMT
last-modified: Tue, 13 Dec 2022 15:01:45 GMT
server: nginx
expires: 31556926
etag: "639893d9-ce55"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
content-length: 52821
x-proxy-cache: HIT

GET
H2 200 common_co.min.js Show response
www.offermate.us/js/joined/ 51 KB
18 KB 205ms
204ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/common_co.min.js?t=8ec38d46688510d5a3131ad2b302ef65
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 29e48bbb25dd73c5c9d988dbd04eaddde99afde50956735dc88f072c8d07a2e9

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 08:16:39 GMT
last-modified: Tue, 13 Dec 2022 15:01:45 GMT
server: nginx
expires: 31556926
etag: "639893d9-468d"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
content-length: 18061
x-proxy-cache: HIT

GET
H2 200 homepage.min.js Show response
www.offermate.us/js/joined/ 24 KB
8 KB 206ms
205ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/joined/homepage.min.js?t=81db152c56fd2e8576d3c1b594aca995
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6dbe1fb9a4260a50ae25666e53e5bc28d26603b09257d3078ede6fb85c792250

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 08:37:49 GMT
last-modified: Tue, 13 Dec 2022 15:01:45 GMT
server: nginx
expires: 31556926
etag: "639893d9-2029"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
content-length: 8233
x-proxy-cache: HIT

GET
H2 200 typeahead.bundle.min.js Show response
www.offermate.us/js/ 38 KB
13 KB 207ms
207ms Script
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/js/typeahead.bundle.min.js?t=2ab353cabde499fd06011e207a35a552
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c1bb82aebcf2f4bb70878e30af73a0c22ffb935bceb82f81cb0852e78a674032

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 08:16:39 GMT
last-modified: Tue, 13 Dec 2022 15:01:45 GMT
server: nginx
expires: 31556926
etag: "639893d9-33fd"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
content-length: 13309
x-proxy-cache: HIT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 204ms
64ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:20:43 GMT
x-content-type-options: nosniff
age: 72881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:20:43 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 217ms
77ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:51:11 GMT
x-content-type-options: nosniff
age: 81853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:51:11 GMT

GET
H2 200 top.png
www.offermate.us/img/ 3 KB
3 KB 102ms
101ms Image
image/png 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.offermate.us/img/top.png
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 09ab34c57ee1f14bb1d6e37c059dffba89cadf80cbebd49a2971121d005af603

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 14:47:39 GMT
last-modified: Tue, 13 Dec 2022 15:00:26 GMT
server: nginx
expires: 31556926
etag: W/"6398938a-c44"
x-from-origin: true
content-type: image/png
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
x-proxy-cache: HIT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
81 KB 223ms
81ms Script
application/javascript 2607:f8b0:4006:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDZSNKH

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/common_co.min.js?t=8ec38d46688510d5a3131ad2b302ef65

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bfd24b6018eabacf24d3b080bc0d1e596ef925f0ace36a75f2e0b366aa07b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82495
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Dec 2022 18:35:24 GMT

GET
H2 200 fontello.css
www.offermate.us/fonts/fontello/css/ 4 KB
2 KB 103ms
101ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/fonts/fontello/css/fontello.css?t=a95d4e49d1408aabd42234f8161dd98f
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 259b67aae500877eceb2ab41928696ff03aa65b25cfd298f668030b87db493cc

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 09:17:45 GMT
last-modified: Tue, 13 Dec 2022 15:00:26 GMT
server: nginx
expires: 31556926
etag: W/"6398938a-10ed"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
x-proxy-cache: HIT

GET
H2 200 global.css
www.offermate.us/css/ 126 KB
26 KB 104ms
102ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/css/global.css?t=78c42f39c6e0a2f4e23c7071b5a40b9f
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d511afc02a8e5c791db7620508773fe00bf24125241431009b825561bd4c680

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 12:59:59 GMT
last-modified: Tue, 13 Dec 2022 15:01:44 GMT
server: nginx
expires: 31556926
etag: W/"639893d8-1f925"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
x-proxy-cache: HIT

GET
H2 200 homepage.css
www.offermate.us/css/ 10 KB
3 KB 105ms
104ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/css/homepage.css?t=27121f8b02c2c8e174123725e84bfc34
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 681edf17a7cf0e80c5117629eec2531bf0bfd77ec9f9a8308a1bc2edac88a275

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 13:09:20 GMT
last-modified: Tue, 13 Dec 2022 15:01:42 GMT
server: nginx
expires: 31556926
etag: W/"639893d6-2932"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
x-proxy-cache: HIT

GET
H2 200 globalDefer.css
www.offermate.us/css/ 21 KB
5 KB 105ms
105ms Stylesheet
text/css 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/css/globalDefer.css?t=959de056ff6fcaff94eceb34da573f3f
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ea88adff36505b44e034dda505e6dfbff22f8b35b1ed2dd413abcad42d522ebd

Request headers

Referer: https://www.offermate.us/
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 11:41:53 GMT
last-modified: Tue, 13 Dec 2022 15:01:42 GMT
server: nginx
expires: 31556926
etag: W/"639893d6-547c"
x-from-origin: true
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
x-proxy-cache: HIT

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/168/ 2 KB
2 KB 156ms
62ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/168/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 759db94c655042b39e207f0193216b0d593e1dff2bdc804ff43aa82cfb80cf35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 19:05:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3220736
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iilCTB4lYiql5TLvpD4RIP%2FR2I6Y1RdSWVGZ1MextVd98JzwvBdPF7r5jfW3A%2BcXEZ%2FFGNEVcPMd%2F8lZYM9s3HEupXiFc78apdhDZu31RmS80kYXlfQ%2FiXbQB31yZV86SS0tH5URWPeaWmftFFo6oI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984c6ad9e8d94-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/202/ 2 KB
2 KB 147ms
53ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/202/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19d2f3e5f18643487919295ad4c38569a81bcf0991cfec959263028df7464a8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 21:24:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2944357
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRktaRawrLOSpiKPY9Gytc98b8WY1wD05%2FNklYhOeCwhFlskEZ0%2FGQk0RkcQXpjPyWxHEVI8Ik%2BE6yKAZ89IyilF%2BMTTy0R72llpxjzyyL9ztNwZ95XUATAPLvoqjChhErJYTZTVo1hRO4kK4hUGcwM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984c6ada78d94-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/220/ 1 KB
2 KB 138ms
44ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/220/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90788d0ac8dcc6a570be2e3594afae912c6ddf1990f6cd5d80481188b0d69ef2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 19:24:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3221771
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOanFqqaFumF1I12KvGwZ4I6FKdgI7Rz7KhJqlz%2Bz5q9cAZu7xA2Zn7pYsWzRu3IISKTmkkAL%2B7TdMnk8f7Lm7ivzoulATUzXSfqyffOZYYFXgIgju6HbZunJtsF3O1bp18Zkz5iynyZ40yfXOaB5H4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984c6ada88d94-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 logo_ss.webp
na.leafletscdns.com/us/data/228/ 864 B
1 KB 141ms
48ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/228/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1547c5dfb5689e3acad15ec9131b08b6085f0648bcf9e073530751312ab60f1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 15:28:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 73594
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SN0hcvXTSelCMYeC%2B01o2ch4P0jZB5yfTS9DaPJb%2FQqZ3cwBo0CW68R7QvpMCWLfx45jOEqidOqS9EqGPATEk2avQAwnxMdbW945QoksLAZkt53HExeqvzmm4VJxeEwf5RbTpiAYL0cVRmDr1ztfZFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984c6ada98d94-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 0_s.webp
na.leafletscdns.com/us/data/168/29169/ 14 KB
14 KB 137ms
45ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/168/29169/0_s.webp?t=1662967860
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc744decbaa1624399c76e9d8cd5025f2b4fa7117b706d56fc9c3d815f6cdff9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
cf-cache-status: HIT
last-modified: Thu, 01 Sep 2022 22:25:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3220735
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPQ%2FKWOrM75Dz6hBOWJ3qOCVtHCky8FpjtRscHpbisjo1nHjOMw2ARsy0XKykjro7oRNtY%2F6tm5C07EbmQA5b0e54FNXKjumpmqBVToO334KM9wcqkd8ija0Dw6tijE0gBq8wu8LiRIHF8kRMcS3q04%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984c6ada18d94-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 0_s.webp
na.leafletscdns.com/us/data/202/35525/ 10 KB
11 KB 158ms
66ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/202/35525/0_s.webp?t=1671187524
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33ee9d99b05cd79ec0f6ea663e67e2ec1dad603ecc1097f36e67f409d82c310c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15805
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10746
last-modified: Fri, 16 Dec 2022 10:45:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJMj9qseme9Odo6l%2FVFJzqVCBZmf7f%2BRvyN%2FUQacW8gedQb5aXtIzLy1PLIQBi2fsviARy5BerF4D%2FZA3nJmPkp5gZsk45j3LFnNk%2FhfSWuC225pUHyXKzxjyM0%2FTcnzCuP%2BZ5kqEs%2FxgOHIDhRYND4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 77a984c6ada28d94-MIA
expires: 31556926

GET
H2 200 0_s.webp
na.leafletscdns.com/us/data/220/35500/ 14 KB
15 KB 50ms
49ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/220/35500/0_s.webp?t=1671187185
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8aa4f8289dbe27e4536ce7c9fd76fff9bb877120cdf5fef5d4b43da4d0f118

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23352
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14546
last-modified: Fri, 16 Dec 2022 10:39:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9y%2FeAFiOUibSm81dqIPXap%2B%2FU0qCEfAK7JTcld7bkiv6qH2%2BbExGCkV6N0bxO5C0GkTOf%2FzZAfIkhKeZ1kGEeGjytS3SfPOCT%2FdT1%2B4GQuEwCTseEpkDDcw644lG9ovoauVkytkiirgddfU0IpCffjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
cf-ray: 77a984c6adac8d94-MIA
expires: 31556926

GET
H2 200 0_s.webp
na.leafletscdns.com/us/data/228/31786/ 9 KB
10 KB 81ms
80ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/228/31786/0_s.webp?t=1665566742
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 105cf9ddd93f9878d396ec4de2fc5670b7292e7aca0cbca8ffe7fb132dc4cb29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 16:40:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2000
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVvOkwAwBSW3S2pwymCbHGqCrVSJvqJEDoUxdBX7Pc4I0xxOq7%2B0dTUesAYoBG%2Bqbc6qtdBv36af%2FzHyTEcvy74JVjl%2BoKA8i07pOfjAa3BN5xPO2b8L7BYmrf3MccBBXm3QJhuCfbg71WSr8sy7%2BSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984c6adad8d94-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 / Show response
www.offermate.us/ajax/get-email-signup/ 3 KB
3 KB 104ms
104ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/ajax/get-email-signup/

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

cabcd49efd69dad693f5f56e07da68897370ccaa4bfd08ddb94fe394efda7f86

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 16 Dec 2022 18:35:24 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 18:19:57 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
x-upstream-backend: letakomat-sfo2-w001
content-length: 1221
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Dec 2022 18:19:57 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
dynamicurl: ajax/get-email-signup/
x-proxy-cache-type: nl30m

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 115ms
114ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7b63eeeefd76cca5d2056b980fc96e69d89415206e6a6c14ff68501a4468080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119947
x-xss-protection: 0
server: cafe
etag: 17841698731964142432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 18:35:24 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame BF84 10 KB
5 KB 211ms
64ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 80321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 20:16:43 GMT
etag: 10353107486223812946
expires: Thu, 29 Dec 2022 20:16:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.offermate.us/ajax/get-menu-items/ 6 KB
4 KB 103ms
102ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/ajax/get-menu-items/

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

45b64cdda0bb21032dfb9ff73d0d66b32d4aa7c161f90acfe761359c3b8fdcce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 16 Dec 2022 18:35:24 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 18:27:39 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
x-upstream-backend: letakomat-sfo2-w003
content-length: 2367
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Dec 2022 18:27:39 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
dynamicurl: ajax/get-menu-items/
x-proxy-cache-type: a30m

GET
H2 200 fontello.woff2
www.offermate.us/fonts/fontello/font/ 9 KB
9 KB 103ms
102ms Font
application/octet-stream 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/fonts/fontello/font/fontello.woff2?49450005
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/fonts/fontello/css/fontello.css?t=a95d4e49d1408aabd42234f8161dd98f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 20b7ec5c587ce88329c10b1ab2f288ecd11dcd57e5716e90d6a957f8fddd3db6

Request headers

Referer: https://www.offermate.us/fonts/fontello/css/fontello.css?t=a95d4e49d1408aabd42234f8161dd98f
Origin: https://www.offermate.us
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
x-proxy-date: Fri, 16 Dec 2022 09:12:24 GMT
expires: 31556926
last-modified: Tue, 13 Dec 2022 15:00:26 GMT
server: nginx
etag: "6398938a-2274"
x-from-origin: true
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
accept-ranges: bytes
content-length: 8820
x-proxy-cache: HIT

GET
H2 200 yii.validation.js Show response
www.offermate.us/assets/5944586e/ 17 KB
4 KB 102ms
101ms XHR
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/assets/5944586e/yii.validation.js
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 13:01:18 GMT
last-modified: Tue, 13 Dec 2022 15:04:41 GMT
server: nginx
expires: 31556926
etag: W/"63989489-4413"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
x-proxy-cache: HIT

GET
H2 200 yii.activeForm.js Show response
www.offermate.us/assets/5944586e/ 36 KB
9 KB 102ms
102ms XHR
application/javascript 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offermate.us/assets/5944586e/yii.activeForm.js
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 13:01:18 GMT
last-modified: Tue, 13 Dec 2022 15:04:41 GMT
server: nginx
expires: 31556926
etag: W/"63989489-9046"
x-from-origin: true
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
x-proxy-cache: HIT

GET
H2 200 maskot-main-happy-xs-subscribe.png
www.offermate.us/img/maskot/ 2 KB
3 KB 102ms
102ms Image
image/png 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.offermate.us/img/maskot/maskot-main-happy-xs-subscribe.png
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/css/global.css?t=78c42f39c6e0a2f4e23c7071b5a40b9f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/css/global.css?t=78c42f39c6e0a2f4e23c7071b5a40b9f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache-type: s24h
date: Fri, 16 Dec 2022 18:35:24 GMT
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 14:18:41 GMT
last-modified: Tue, 13 Dec 2022 15:00:26 GMT
server: nginx
expires: 31556926
etag: "6398938a-917"
x-from-origin: true
content-type: image/png
cache-control: public, max-age=31556926
x-proxy-date-now: Friday, 16-Dec-2022 18:35:24 GMT
content-length: 2327
x-proxy-cache: HIT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
692 B 216ms
79ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.offermate.us&callback=_gfp_s_&client=ca-pub-1447540957213601&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e96a98b86b593a267c26a4752e791435a78bbeffe0932dde731806462e7d950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 229ms
84ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offermate.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A835 193 KB
48 KB 1161ms
1026ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1447540957213601&output=html&adk=1812271804&adf=3025194257&lmt=1671215725&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.offermate.us%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724550&bpp=5&bdt=528&idt=430&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8010226533420&frm=20&pv=2&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=466

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e29326c1c8252cf2465776bf384fb6fbd3d91fc302149350f8b663fff1ac98f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 49107
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:26 GMT
expires: Fri, 16 Dec 2022 18:35:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 206ms
66ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDZSNKH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 16:44:14 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6671
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 16 Dec 2022 18:44:14 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 144ms
62ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDZSNKH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 16 Dec 2022 18:35:24 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A692FB0D40DC4949A0BD8C2E93F64CA6 Ref B: MIAEDGE1506 Ref C: 2022-12-16T18:35:25Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 215ms
69ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 18:35:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5GMzWja3ft8z4SPi+IiutSjSADFpufSW3RGP71Q5ZT/4N5Qvoggug6F8b7U5iAMRbDnWJ0HZDZDq1Ln5SKuCEQ==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 AGSKWxVaF1y7_7rFe79_JIAwXq_qROAyp6YNEf07m_ytuX8r6n4WgYx4Y1rIz9tMPbbnxkgAaNs30aJm0oYqbIOf0mw= Show response
fundingchoicesmessages.google.com/f/ 113 KB
40 KB 243ms
104ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVaF1y7_7rFe79_JIAwXq_qROAyp6YNEf07m_ytuX8r6n4WgYx4Y1rIz9tMPbbnxkgAaNs30aJm0oYqbIOf0mw=

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c81869b88f6f49de16cea03c5c0c4f5af5116baebdff2d2afc3e68ad7505de0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mXRcuQepTeb0X9U_lGTnCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-mXRcuQepTeb0X9U_lGTnCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/ 1 KB
910 B 169ms
92ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/868040956/?random=1671215725075&cv=11&fst=1671215725075&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.offermate.us%2F&tiba=Offermate.us%20%7C%20Weekly%20Ads%2C%20Deals%20and%20Sales%20Ad%20Preview!&auid=455209523.1671215725&uaw=0&data=AdBlock%3D0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDZSNKH

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61d1834dc3b795cb4fc20b91d9a8f9de59f7f7fdcec215eed927e4f13bddfcec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 27016625.js Show response
bat.bing.com/p/action/ 0
118 B 143ms
141ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27016625.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 16 Dec 2022 18:35:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A8C375151DF3438F94F2B7815FCE1123 Ref B: MIAEDGE1506 Ref C: 2022-12-16T18:35:25Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 61ms
60ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27016625&tm=gtm002&Ver=2&mid=eac064cf-5678-45fd-8fad-b927e9bf49c5&sid=67f261407d7011ed87eaafab63399896&vid=67f283307d7011ed9372d340219ec751&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Offermate.us%20%7C%20Weekly%20Ads,%20Deals%20and%20Sales%20Ad%20Preview!&kw=Latest%20special%20offers,%20offermate.co.uk,%20special%20buys,%20special%20offers,%20catalogues,%20weekly%20ads,%20weekly%20offers&p=https%3A%2F%2Fwww.offermate.us%2F&r=&lt=1306&evt=pageLoad&sv=1&rn=439609

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Dec 2022 18:35:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ABB37C7A0EDC41DFB94646E628757903 Ref B: MIAEDGE1506 Ref C: 2022-12-16T18:35:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/868040956/ 42 B
548 B 232ms
85ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/868040956/?random=1671215725075&cv=11&fst=1671213600000&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.offermate.us%2F&tiba=Offermate.us%20%7C%20Weekly%20Ads%2C%20Deals%20and%20Sales%20Ad%20Preview!&data=AdBlock%3D0&fmt=3&is_vtc=1&random=617045745&rmt_tld=0&ipr=y

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 213ms
79ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=722654441&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offermate.us%2F&ul=en-us&de=UTF-8&dt=Offermate.us%20%7C%20Weekly%20Ads%2C%20Deals%20and%20Sales%20Ad%20Preview!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=483674119&gjid=646484026&cid=637920405.1671215725&tid=UA-24834420-23&_gid=668962019.1671215725&_r=1&gtm=2wgbu0TDZSNKH&cg5=site%2Findex&cd2=0&z=316032152

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offermate.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 478813288996064 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 181ms
108ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/478813288996064?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdf658d42009a4ba188c24d84eb9b76fb7bdb90057c7fda60c0c66960da7a2f2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 16 Dec 2022 18:35:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ftgYVxDuGzXC3DjUYlJYIQFVuSYpRh3fWJQp9F6e/hmvP2ruvs7FYmMBK4lCGZa9295AIg+x79W++uD4lvhYHg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 217ms
80ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offermate.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 965A 436 B
236 B 1101ms
1098ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1447540957213601&output=html&h=250&slotname=9548902481&adk=2023022467&adf=2994261189&pi=t.ma~as.9548902481&w=970&lmt=1671215725&rafmt=12&format=970x250&url=https%3A%2F%2Fwww.offermate.us%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724557&bpp=2&bdt=534&idt=523&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8778f9432ac508d-224014211dd900a9%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mau2F1i4-g4yy8U_2lZRt2f7xhmCA&gpic=UID%3D000008d6ec1ad532%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mayo3imCx3HUMWg5QR5e4va0iH04Q&prev_fmts=0x0&nras=1&correlator=8010226533420&frm=20&pv=1&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=2&uci=a!2&fsb=1&xpc=7v7LOVqc7r&p=https%3A//www.offermate.us&dtd=900

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c4badc56d92e303fffbd2de827f8af35bd81277eed7769e2ff1cd3ddd905e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:26 GMT
expires: Fri, 16 Dec 2022 18:35:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7AC 26 KB
12 KB 1081ms
1080ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1447540957213601&output=html&h=600&slotname=3636510535&adk=2725862456&adf=2253931658&pi=t.ma~as.3636510535&w=300&lmt=1671215725&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.offermate.us%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724557&bpp=1&bdt=534&idt=530&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8778f9432ac508d-224014211dd900a9%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mau2F1i4-g4yy8U_2lZRt2f7xhmCA&gpic=UID%3D000008d6ec1ad532%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mayo3imCx3HUMWg5QR5e4va0iH04Q&prev_fmts=0x0%2C970x250&nras=1&correlator=8010226533420&frm=20&pv=1&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1nAXLpW9KM&p=https%3A//www.offermate.us&dtd=908

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4b15d2ffde35fb7664d124a18cacc52283c7aceb3ac8594ac540ced31bbcb22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11830
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:26 GMT
expires: Fri, 16 Dec 2022 18:35:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxXoKwm2aCMEjlUqsMzi2SSioLkOc_OYQeAWcOsnIWv6Q7roDutOk8_6YT8HT-FY_WIVHm6UgRQh8MGNPlZjCao= Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 259ms
125ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXoKwm2aCMEjlUqsMzi2SSioLkOc_OYQeAWcOsnIWv6Q7roDutOk8_6YT8HT-FY_WIVHm6UgRQh8MGNPlZjCao=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMjE1NzI1LDQ3MjAwMDAwMF0sIjZFRUE2MjIxLTY3RDEtNDZGNS1BQjE3LThGOERCRUVFODA4MCIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly93d3cub2ZmZXJtYXRlLnVzLyIsbnVsbCxbWzgsImE1eU5DVEhRRjkwIl0sWzksImVuLVVTIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9098b0333640086d3ec12a46046ca91e7521119555d591ab5fbd6372e714264

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-smaPqJvBdox1B8s4NmOC-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-smaPqJvBdox1B8s4NmOC-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
441 B 189ms
67ms XHR
text/plain 2607:f8b0:4004:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24834420-23&cid=637920405.1671215725&jid=483674119&gjid=646484026&_gid=668962019.1671215725&_u=YAhAAEAAAAAAACAAI~&z=648767546

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 18:35:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offermate.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 216ms
68ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=PageView&dl=https%3A%2F%2Fwww.offermate.us%2F&rl=&if=false&ts=1671215725662&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671215725661.820422478&it=1671215725331&coo=false&rqm=GET

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 16 Dec 2022 18:35:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 218ms
83ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-24834420-23&cid=637920405.1671215725&jid=483674119&_u=YAhAAEAAAAAAACAAI~&z=590752582

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVjesFW9V8MweynjTQbCzEUKxEY9Wa_ZwaYdrJOSvfglrZ4j_NYrFjI_cDJKAEgDA74e3ODfeEZcFxQGvWHeruUcsabtPVVQLKSHjRl4-VI6jXzROs5Cso8QLHQEb6nNLrNiO1Naw== Show response
fundingchoicesmessages.google.com/f/ 14 KB
6 KB 118ms
118ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVjesFW9V8MweynjTQbCzEUKxEY9Wa_ZwaYdrJOSvfglrZ4j_NYrFjI_cDJKAEgDA74e3ODfeEZcFxQGvWHeruUcsabtPVVQLKSHjRl4-VI6jXzROs5Cso8QLHQEb6nNLrNiO1Naw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMjE1NzI1LDczOTAwMDAwMF0sIjZFRUE2MjIxLTY3RDEtNDZGNS1BQjE3LThGOERCRUVFODA4MCIsbnVsbCxudWxsLFtudWxsLFs3LDEwXSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxXSwiaHR0cHM6Ly93d3cub2ZmZXJtYXRlLnVzLyIsbnVsbCxbWzgsImE1eU5DVEhRRjkwIl0sWzksImVuLVVTIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f37da54d326b99171b82af3e0f90a8022b3cafa3caa5db1064a841340b4485a7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SWd4vdpcT756EVzY5Bualw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-SWd4vdpcT756EVzY5Bualw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 139ms
67ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=478813288996064&ev=Microdata&dl=https%3A%2F%2Fwww.offermate.us%2F&rl=&if=false&ts=1671215726167&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Offermate.us%20%7C%20Weekly%20Ads%2C%20Deals%20and%20Sales%20Ad%20Preview!%22%2C%22meta%3Adescription%22%3A%22Here%20you%20have%20all%20the%20PREVIEWS%20weekly%20Ads%20and%20deals%20of%20stores%20at%20your%20disposal.%20Offermate.us%20provides%20Ads%20for%20Publix%2C%20Aldi%2C%20Kroger%20and%20many%20others.%22%2C%22meta%3Akeywords%22%3A%22Latest%20special%20offers%2C%20offermate.co.uk%2C%20special%20buys%2C%20special%20offers%2C%20catalogues%2C%20weekly%20ads%2C%20weekly%20offers%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.offermate.us%2Fimg%2Fmaskot%2Fmaskot-main-happy.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671215725661.820422478&it=1671215725331&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 16 Dec 2022 18:35:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 150 KB
51 KB 93ms
93ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js?bust=31071167

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65ea40ab44d4fa019c0a48580c04386e6c42b969ea8f831672cc6347717edbc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52335
x-xss-protection: 0
server: cafe
etag: 2370602636576522655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 18:35:26 GMT

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 2 KB
3 KB 105ms
100ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist11&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-11-shop-tiles-prepend&d%5Bcategory_id%5D=11&d%5Btype%5D=visible&d%5Bshops_in_line%5D=12&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

fe4dc37903f228e23bdf7d8a80e4b95b74639233b52e316f16005e125ad09d15

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: STALE
date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 18:05:20 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 16-Dec-2022 18:35:26 GMT
x-upstream-backend: letakomat-sfo2-w002
content-length: 570
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Dec 2022 18:05:21 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 105ms
102ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist14&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-14-shop-tiles-prepend&d%5Bcategory_id%5D=14&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

a207fc4201f0d924d9f4e7e3a802f0a153d63618496385cbb3e58aa6f2a4bdb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: STALE
date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 18:05:20 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 16-Dec-2022 18:35:26 GMT
x-upstream-backend: letakomat-sfo2-w008
content-length: 439
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Dec 2022 18:05:21 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 106ms
103ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist12&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-12-shop-tiles-prepend&d%5Bcategory_id%5D=12&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

96ec0f57e578dfde10226d62a8cf0b2248ae8231a68749db24b83ca02f0688a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: STALE
date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 18:05:20 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 16-Dec-2022 18:35:26 GMT
x-upstream-backend: letakomat-sfo2-w010
content-length: 437
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Dec 2022 18:05:21 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 106ms
104ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist15&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-15-shop-tiles-prepend&d%5Bcategory_id%5D=15&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

a4ff54b33055883529652c5ee3251116bc2cb70e81bc38ad3bb4a22c11b2c233

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: STALE
date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 18:05:20 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 16-Dec-2022 18:35:26 GMT
x-upstream-backend: letakomat-sfo2-w005
content-length: 456
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Dec 2022 18:05:22 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 914 B
2 KB 200ms
199ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist16&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-16-shop-tiles-prepend&d%5Bcategory_id%5D=16&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

8b561dfb613b3ce2817a2a104a5c926fb98ae34b96c0e6cecd70247199bfba2e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: STALE
date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 18:05:20 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 16-Dec-2022 18:35:26 GMT
x-upstream-backend: letakomat-sfo2-w006
content-length: 386
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Dec 2022 18:05:21 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 200ms
200ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist17&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-17-shop-tiles-prepend&d%5Bcategory_id%5D=17&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

6bfd9594e0deab6eb276ac768a5f78cbff9b2e5268e6d5f93c51049bd1c731b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: STALE
date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 18:05:20 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 16-Dec-2022 18:35:26 GMT
x-upstream-backend: letakomat-sfo2-w004
content-length: 429
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Dec 2022 18:05:21 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H2 200 / Show response
www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/ 1 KB
2 KB 200ms
199ms XHR
text/html 2604:a880:2:d0::867:1
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offermate.us/js-content/prepare-data/hp-category-shop-tiles/?v=visibleShoplist26&u=%2Fjs-content%2Fprepare-data%2Fhp-category-shop-tiles%2F&p=1800&c=category-26-shop-tiles-prepend&d%5Bcategory_id%5D=26&d%5Btype%5D=visible&d%5Bshops_in_line%5D=6&m=before

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/js/joined/external.min.js?t=23853d8003bce61597b9d04f9b2cceb9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2604:a880:2:d0::867:1 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx / Hyperia

Resource Hash

3fd12deefa64862014e7ca38f43f830c3aa80a1b51b0e61cd1836412fffc369b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Request headers

Accept: */*
Referer: https://www.offermate.us/
X-CSRF-Token: kLDgwR2tVMxWIwyWSbnp1jbE3653Ri3fauyuP1-oK32g_9SURfdjmW9OT6EAibqeDrDv9hA0bLcv2Ol3HsYaLg==
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-proxy-cache: STALE
date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=10; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' *; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip
x-proxy-date: Fri, 16 Dec 2022 18:05:20 GMT
x-powered-by: Hyperia
x-proxy-date-now: Friday, 16-Dec-2022 18:35:26 GMT
x-upstream-backend: letakomat-sfo2-w003
content-length: 413
x-xss-protection: 1; mode=block; report=https://hyperia.report-uri.com
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 16 Dec 2022 18:05:21 GMT
server: nginx
x-frame-options: DENY
report-to: []
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=7200
feature-policy: accelerometer 'self'; ambient-light-sensor 'self'; autoplay 'self'; battery 'self'; camera 'self'; display-capture 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; gyroscope 'self'; layout-animations 'self'; magnetometer 'self'; microphone 'self'; midi 'self'; oversized-images 'self'; payment 'self'; picture-in-picture *; publickey-credentials-get 'self'; sync-xhr 'self'; usb 'self'; wake-lock 'self'; xr-spatial-tracking 'self'
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), layout-animations=(self), magnetometer=(self), microphone=(self), midi=(self), oversized-images=(self), payment=(self), picture-in-picture=(*), publickey-credentials-get=(self), sync-xhr=(self), usb=(self), wake-lock=(self), xr-spatial-tracking=(self)
x-proxy-cache-type: a30m

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 80ms
80ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offermate.us

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame C985 10 KB
4 KB 71ms
70ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:30:36 GMT
etag: 10353107486223812946
expires: Fri, 30 Dec 2022 18:30:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/165/ 762 B
1 KB 87ms
45ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/165/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e812266ac27e3f1720ebc553de65acec90cfc1782bcd36bb1a8305478574018

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 13:15:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3219282
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER%2Be9YyblqQDu4SecV71Mt0Bs9nHo2dg6yx8xEu4619Ra40xKUB34ZWxYMOHe8Dl9BOPS7vAlaK%2B6XExIHXLbYTwUQ7Ibnu4TbcgPpEDRQNrSWRCPNcdcDZLNDR%2FRMAA3T5clnzTgoWUwqBi8BO%2FTkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7367ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/123/ 1 KB
2 KB 120ms
80ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/123/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8977d2ea89b22a6ac43969fb601b0e9075cfc56eaea69126063f5d36604dbd08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 19:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3219282
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLi83CdK8DIiauDMR%2Fzro%2Fm%2BrO5zM2jAagUsHX7hMaJEZSdtzBJspCUEQU4BSaTO%2F8D1hzHN3OYSpdeoeGj5ZipejQx%2BzNU0hsAJ%2F%2Flb2iF8QEtXMYc6%2Fz8300ri7NWWNNWr%2F5DNlLOTSXidK3vvfko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7267ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/94/ 1 KB
2 KB 82ms
44ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/94/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7828a5bc85904d079437337a002bbea4d4c87041a6ee7f6a99b063fd923fce29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 18:47:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3219282
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JYWE96ZqtuMPMJeZfLm1%2BEz9vJN2jjGYj0d2d2Zt8Dd1KVAubc7qY8qfw3N98x3VKcO8vQNh5FFBnh%2BzEuRz3NsfQmK6CH4CJd6eJhJTh1QYtHqq%2FF0X90kr6GA75Tw9F6h4MMneGUPoFigVSk0Gfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7167ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/97/ 494 B
995 B 112ms
77ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/97/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 197baf71752364617bd9929b66a95800e32d52a9d772462321b315d392f53a7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 12:11:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3219282
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMACRBFoUwvIbcmwrFRhlwH71OS8aZ6OSi8IgNmTR6QKhtOTP8udO%2FylhiPsio3Xf70fYrKmTfnbucD9N6jJO7COKqGDfyoVK6CBKkXU3itQC9KbMC7CvSodWTKL4YCGbXtnbL3qQfGksyJzMNFViKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7067ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/204/ 1004 B
1 KB 82ms
47ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/204/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2aef827372813cba5b8b8ae139932da6592afdc6b504922aa6cb0d3f49d30d7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 21:09:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 155881
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5W45rmZtnR1o7Ut0yftz7n28U2bfPfnoAV01eJppzqTuONi6k2RvZXnQZiMqfnPb8%2FyFSBQtqrfbO03RY%2F2PQGRsU1JGX0br2hV0U1uptVkywtDV8mWXaeh1gP%2B7KrsB1ZzJiVAovyu1F9nG%2BdKd%2BDk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7867ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/21/ 870 B
1 KB 80ms
46ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/21/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d854887c44f508723c55232b873e3341b9318ddaf6b1a20fee6433b8fb168b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 21:23:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 765810
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsfaGvOR1HXPtRN72NwK9dtX810TWp%2FO2YWQbcLtSzLv0Uk5KjfI9EHAd0C5bDbrDRJBw2e9DoALcU3O2tEOpv3RtjbVqtwcT7O2kP6rHlPaJ5fxQy90SHT9CPMAYiE3rk9QMc%2FGrmJDeABYkMVvKwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7467ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/19/ 622 B
1 KB 114ms
80ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/19/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4dd6f056f8b25904142307e2fc6eb8b6b9ba8e7eeb8d3fea15add77aef98e39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 15:37:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229915
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTFPJrp8b7ZsgReqzkpcSzRMygqjzt1EJuxAj9JqK0huUIfh%2FE8Qv8Vxp5DyqzApP00BX9XaDZ0ZvVva%2F4u8zw%2Bh7DTxdxSUN3lPVnr8jRM30N2WvUm3%2FwjkvYOMbt7IRj1%2FSCLDaivaJHoyZ9uoUls%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7767ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/103/ 602 B
1 KB 80ms
46ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/103/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b4ad8d9670043a8bddfd23a873267f8a0b69d20c6d4462b99cd93bd2ec4fe5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 19:49:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1451121
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jROxZW3nslThgaf2bXAz3gOkrKhN5rmctFB6DytwJvsv01IQFefybtKBjkda%2BEweyq6FwN%2BHEzo8D5HaS6jSZdPMEW%2BhjzgCQel2Ms3inbxImMJsIP5kj%2FCaYj1h%2BWGL8fLVPOzISI6qYzhmAOkp41Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7a67ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/213/ 840 B
1 KB 81ms
48ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/213/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da80416501065eabe7ea25359a8b8811926d8a212f3ea94b8cd4c55efb7df3c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 22:05:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3230855
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0d57iBtngsl1%2BrJ3rxmMVltaTUPayQgF%2Fpgh2%2F3KfLjzOg5bHuV5ztSURER9n1EDOm6yDarXx5aXBKGSMNbd2ZN85rjy655P6oWN3%2BiaQ%2BObNp%2FlM79tskkypp5Mw2vSvTzOMI1Buz7wTvzk0LbeBI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7b67ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/69/ 858 B
1 KB 78ms
45ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/69/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff97bcaf602dfe77d822148616137565b2006068bf13cfdba06381b36acb7b09

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sun, 03 Jul 2022 03:28:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3230588
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjcW9X8DhzClB39ZnsSJW0zciqZ0lbTBODE0xX7GR3YFIrfsWSCBr3RZaBX2rsZZ3QRYZ43NSbx6Pdny7%2F%2B6o6mefty6FUyZPJ5e5Su%2FYilpb%2FGbM9Hzu3f6YmK0n1ue0DqK0OAKk1FghBmHwl41cRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7c67ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/42/ 1 KB
2 KB 79ms
48ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/42/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69fa52163f2919f8779601fb55952724fd3bcc7d023a8aa46a745411549a1f07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 17:44:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3230587
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1re4Bci%2FIBQQvv5WEPU5nQGOEXk%2F%2Fno0VUtPSx%2F0G8%2FRqi9Y%2FU2NvQgEyS9K530KlElvA7coWHmTvKEu9oi2Nj%2B1rXrNcKmHXL8ZwNRuSzhU%2F94rQR31DCz3vM%2Bd0IF%2F%2BRgd1qQyp3Zf1t59WjPrcA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc7e67ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/108/ 1 KB
2 KB 111ms
80ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/108/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9f6174ede3693c2d9532979043825dc703abfa9b5f3364c49abdecc96af24ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 22:08:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229752
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eX8LJ6b4F6DKFMsFSP4dJoJ6a8sB3gdpLvUX9JqfZJ50%2FUg35EzdIF9OIi%2B3s%2FidnbJ1mcOZoW0oWr2Eixj4VzhHDpoS81awbLLiTZwFQ%2BPx9Mv3%2FbTJhJ67ukmneOv6Cm8nTFaKiAy0ZY1AJ4w%2F8Q8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc8167ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/73/ 1 KB
2 KB 114ms
82ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/73/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97806b1ab991026f8028e149e626c2429e7675a7abb51291a97bf0798ca73d39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 19:01:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229752
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9479UPhz9kvaCmNQxbmgiQRv6HAGMag8JxTFtaHcoPmWcEBQCLqqX%2FH4szvDYMZk%2BbZoVXaAgPOOjWiX3CxFJb3VGFORsH%2B8Yey5KMJ2I3QYegEWwPfIuEluHHk4c6pXeqI4i7wuYJ2yWXfV3n8HVvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc8867ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/58/ 1 KB
2 KB 114ms
83ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/58/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99991f39bb189ca2d44f080b2edeea85b4c271b947ac9e713dd090cd6bed3117

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 19:45:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229750
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKZVwqLtuYX3Y2bTR7RprK8l%2F1cuTUlybnS%2FFHcjaJqEvIKmtuJXHCxNgQMgppB5bAsKDZamULwsY6WNiw6jBayG9r0IVIQAIbUL8wMIcFcvMv8Rc9IIxJjhEYGmxgImDs2ltgOGv2QjScztfSEJmVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc8967ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/81/ 998 B
1 KB 114ms
83ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/81/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56d01b4cf70e0ed0b165975a9593af188e15a6a852639d17505e1caa8f947a5a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 21:28:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229750
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIfEI5noDjaTm0r9cQYvgDOeQ57OQhwhQRZ3UBqtCQm5iAAoRphgBvlMSofXbGmf3WZBU8%2F6c0txRdJVoigz5m01BSES5CluSlCqlAQ5GdVwc3Sx6bo0sT7gIrJ13L1QlGTBqNdHSU8%2B7BAtksqS7zw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc8b67ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/3/ 736 B
1 KB 114ms
83ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/3/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a3765812085e78cf5c8ef508d37dbb388e759a41b38a750074c9f89c3ce009d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 14:11:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3225103
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5INEPxSBdHvBCSHvy7c291waGt7hFRk5SZXUbg4iaSUu8z1WSyxio8A5Fj%2BRKtWAO%2BCbQvnuyfxEY3TH%2FzrwpzB6YXD55xoqLeuSPzDc6pQYN3wU6zmNSpzwToPEKijzUc1dgfcBOtV%2BHTF4ynxjrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc8f67ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/2/ 474 B
976 B 118ms
87ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/2/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618119c8b74b2688669bffa930cf626b72bf6cb5cb7c9e63d7f58ae6069f69ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 19:11:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229749
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkSul6liHeXeC8NExTUMzbjvm2YQ%2Fw2zZe4QBRAqK0fdy7xyGB5MtiRpV0HRp0%2FkV2N%2B4a9Sl0qxkre9BfGsCCtzIF9y%2BK6rxMDsTA2IyVfdTd6qbuiq8HmH7e5eR18CtEdYq9Ss0W24qi%2BoTuS0Doo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc9267ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/78/ 1 KB
2 KB 117ms
87ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/78/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd865c4cfa19eae7a2ab528225e0cef75faaf0191f506835cdf7d8df1a09e919

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sun, 03 Jul 2022 00:43:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229749
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMNrYGTBROieUPb6noHUoqE8JboAu%2BhsjCeB2T5akyYgmbDrL%2Bz0ljTrf%2Bnwo66ctVHMbuEVJZXSgCJh1wtOL5dBNhxU%2Fdx5viITyndHEeNlGbGltKOo4DvySMB9WEfBQTWEvvhxKQqYsK%2FA4Ue5vaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc9467ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/110/ 1 KB
2 KB 117ms
88ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/110/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6ea7197c129da3836559a176c818194155e9c55e1488a53737b4f5b5cdb55e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 16:04:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229845
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9NkQ8%2Fbpq1U5ahrN9TstNoM1Cf04Q4YPXhDZZpkN%2FICBfKXNZOEdGEsP5x%2Bb8EVtSYzo23odfVnNRwRZ8vDP8XA7JQvsE90JupoN4i1hSfNy2HbhpDSx4NKTMZd8cBT29MVVsLpnkuVXRMbJrGCzVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc9567ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/93/ 878 B
1 KB 117ms
88ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/93/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7947f7ef98f28e9f013b67c652054290168a9f1cea35d6adaf1d9cf94b189fda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 17:38:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229917
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bljw02LBwoS4q%2F2KjIOciMguzToV1Ix61g3jpl0F6cQixbfK4h3umLoiB8%2BOyOgHE2KEtaIsi%2B4ulAqCZtHC0UTIRNlReklgjkgmsh67etffDiHi6ajK%2BJCO1BsGtNFU0UbNDQ7G67s8XfgrhH5GDHg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc9667ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/212/ 462 B
967 B 106ms
80ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/212/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e732bc8162534e2b55058624bb0d918c31c4f2281a06fdd11c9316c245c201

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 18:00:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229845
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbwmAxeDWyIZ%2FwOKgTZM9YRqxubGre1wwSCTriEhq5K%2FWHb7D0k%2BE0itX8FXMsqYFeUN%2BY7g5QpzHpsOuzZuStk82JtZV7DWw4Wi7EfnajShTOhO2VrK3ol%2Bd7g%2B0a7SZconVSzo3TmhhXAhbTSCwvw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc8267ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/211/ 820 B
1 KB 107ms
81ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/211/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 241a46fd048af19c00cd5f4dcaea50a1f55f3670eb08391958d4dac79de8431f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 20:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229858
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVHGzH7XqNlluKvpaHfPlJ3uI3cnD00YWWQGUKKRCuh7QRWH75lhwA1bbicnohtXP9j7uIkjR0gf5kOs5yPZaw5IDwoLj8ma7WDP19V9xZvPEXL1J9fZvT9bIcqtn1Fq7U40vtp3OgOrdUzkQ4EQvgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc8367ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/210/ 656 B
1 KB 106ms
81ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/210/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91034096a2642e55a433bb4abeaf3190199d4995a8eb28774afd625b9064dd8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 22:13:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229858
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvIKztAmNTBgPsnBoxGvJnk99AKnluq2fTwTaGd1ZcvH41%2Bjtgs%2BIXlJUU7DC%2BdToeEZvrJjza%2BaYnfTxBa1Nat70ZaEEWtGvR1VPo0Q4HhXWJIfjxPEmiBrh%2F9kxCPLTgSKT07bb9SOP7Vf0IDQYos%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc8467ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H3 200 logo_ss.webp
na.leafletscdns.com/us/data/203/ 976 B
1 KB 107ms
82ms Image
image/webp 2606:4700:20::681a:364
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://na.leafletscdns.com/us/data/203/logo_ss.webp
Requested by: Host: www.offermate.us
URL: https://www.offermate.us/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:364 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9ddde51ab92d004a75b2175f19078fbdf355497b8b9bd68de4737badc9493be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Jul 2022 20:20:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3229845
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQIr%2FNcj9DnAjrHmRXKoE1iXD3j3iWF4SSopOEOZqWoRlUymYp%2BXUEmTSUSh2NH4mEG7Eo%2BdyCKOCnXAnU%2Fw49FZQrk2wyyoMgK5n%2Ba%2B5vRrSFmCJ%2FkXsAcEaxuCs1pscRnAHfngKLyD2kn0ajPRDr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
cf-ray: 77a984d2cc8667ea-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 31556926

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E7AC 3 KB
1 KB 234ms
80ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1447540957213601&output=html&h=600&slotname=3636510535&adk=2725862456&adf=2253931658&pi=t.ma~as.3636510535&w=300&lmt=1671215725&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.offermate.us%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724557&bpp=1&bdt=534&idt=530&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8778f9432ac508d-224014211dd900a9%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mau2F1i4-g4yy8U_2lZRt2f7xhmCA&gpic=UID%3D000008d6ec1ad532%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mayo3imCx3HUMWg5QR5e4va0iH04Q&prev_fmts=0x0%2C970x250&nras=1&correlator=8010226533420&frm=20&pv=1&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1nAXLpW9KM&p=https%3A//www.offermate.us&dtd=908

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 20:09:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame E7AC 18 KB
8 KB 217ms
64ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 21:12:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E7AC 0
0 82ms
81ms Image
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSwbyV_ru6-U4s1kwrmfZVrkSBFApbEB4fZUz0gvehlgjUT-16L5tYonKhFKFKC4n-gLNB7ghPgnXassypuf9n0imBSBw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1447540957213601&output=html&h=600&slotname=3636510535&adk=2725862456&adf=2253931658&pi=t.ma~as.3636510535&w=300&lmt=1671215725&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.offermate.us%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724557&bpp=1&bdt=534&idt=530&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8778f9432ac508d-224014211dd900a9%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mau2F1i4-g4yy8U_2lZRt2f7xhmCA&gpic=UID%3D000008d6ec1ad532%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mayo3imCx3HUMWg5QR5e4va0iH04Q&prev_fmts=0x0%2C970x250&nras=1&correlator=8010226533420&frm=20&pv=1&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1nAXLpW9KM&p=https%3A//www.offermate.us&dtd=908
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E7AC 153 KB
47 KB 255ms
97ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 18:35:26 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame C985 4 KB
636 B 214ms
81ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 18:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 18:24:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 18:35:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C985 205 B
296 B 209ms
68ms Image
image/png 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 04:15:12 GMT
x-content-type-options: nosniff
age: 224414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Dec 2023 04:15:12 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C985 604 B
1 KB 207ms
68ms Image
image/png 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 03:35:28 GMT
x-content-type-options: nosniff
age: 140398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 15 Dec 2023 03:35:28 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame C985 19 KB
8 KB 204ms
70ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 22:15:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 22:15:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E7AC 0
0 101ms
100ms Fetch
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkfrDbbqcY6mBIO2gzLUPob6bsAGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMTQ0NzU0MDk1NzIxMzYwMcgBCagDAaoEuwFP0BMZo9AT49PxpyA2Kca_QPUEh-4tiS7UsbfEgow6xNCiyAPOSIAKK7CRFJKQI6nhey5Vln6F4kFwuwkjQysCkYggsjbkUfl6HAc9QOFrQWCavwsoFnqf6cs2zX19a-Va0pk5taBgHvLg61SPQeldyhPrZVSRpZNXELaHgwZ-y7LE5my1CTsz3hAyovt9anlyQ7_uZxkvVO3gicXKsEBIeuxIEPAUMR8QuFiBzqUFC9Qw7_rY7SS31sVxgAbA_NXmtbvqn7kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTQ0NzU0MDk1NzIxMzYwMRgA&sigh=eHPEvO07c5A&uach_m=[UACH]&cid=CAQSPADq26N9n_3ma7qCbAypCPuAO2_abCs-A-ADW67mobfSUFViA6iRd_-T24M0XjBugYLHU22ewq7-YCW6OBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1447540957213601&output=html&h=600&slotname=3636510535&adk=2725862456&adf=2253931658&pi=t.ma~as.3636510535&w=300&lmt=1671215725&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.offermate.us%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724557&bpp=1&bdt=534&idt=530&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8778f9432ac508d-224014211dd900a9%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mau2F1i4-g4yy8U_2lZRt2f7xhmCA&gpic=UID%3D000008d6ec1ad532%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mayo3imCx3HUMWg5QR5e4va0iH04Q&prev_fmts=0x0%2C970x250&nras=1&correlator=8010226533420&frm=20&pv=1&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1nAXLpW9KM&p=https%3A//www.offermate.us&dtd=908
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Dec 2022 18:35:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame E7AC 0
0 195ms
58ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kLGWFNaCMKwC2ATiIp0XAgAAAJYBOIEtMWbAEGy6nGNzCZuogpP0RsXe8wASAAA&wp=Y5y6bQAIAKkAsxBtAAbfIVwcBWW2JPj9rhdQKw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 183244
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 6649 136 KB
45 KB 276ms
143ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y5y6bQAIAKkAsxBtAAbfIVwcBWW2JPj9rhdQKw&u=%7C5oDZkT0e13J0x90nL8wD81KQ3QLYRwF8Lmll6FLizJM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dBRN13b4BGNtWmG7CnrSyulZwxF75SlSWqtZhxJkTh9uXiBfeXXuOeaVfOLK-3oFmwj9eLNregFFUOnJn_hGQpkbHL_H2gECCy_DO-QooCwglE7JNqqF5ctoD5zaJ4s6XjECm8cU1xDP9gfFTg2q14iKgTDBM2hfqqi2tfvFSZvzzvEX3RuBFVW26pHsMkdPS_Lxt187hZXfvGCeodga30ed3qdB8ZDZfPkMnAWCayeXQEsn4Tix4AR4_1liOqQZUPkf_Cllu96owt1_fXXq2BfwHlrSYfiW8T5onzgg3P4RtO076tLOzKy7D82_uXHqUfEC-NgASJP-JFOX0RuWi2-hwURnOHafava-ex7JngAwR38P4ykHuqpau8zAe2e3VGzCdwQCtWhoj1yd1tHlVbWZOHl4ZomN7HuOby59evXomTZgpEmpZWKXrvEf6DOwnCASeDORZ-gOdP4EuRWiwm_WUon3XCeNumVVLWqPJnyd0ML9B3THhIeKElxGB-AN4t3H7hX_d6ZZmovnZ8c10stnQx67EVOlFQ8zV0N9pfDsOl115p8vTLcsGmQKYZZYggfxuJHJVcJChRkYv6t0MF3pal-P_T9UzaYzkyy21oAEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIPKNbbqcY6mBIO2gzLUPob6bsAGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMTQ0NzU0MDk1NzIxMzYwMcgBCagDAaoEvgFP0BMZo9AT49PxpyA2Kca_QPUEh-4tiS7UsbfEgow6xNCiyAPOSIAKK7CRFJKQI6nhey5Vln6F4kFwuwkjQysCkYggsjbkUfl6HAc9QOFrQWCavwsoFnqf6cs2zX19a-Va0pk5taBgHvLg61SPQeldyhPrZVSRpZNXELaHgwZ-y7LE5my1CTsz3hAyovt9anlyQ7_uZxltVs1yIjdDsIPBF2CjannXhiM4sXaZCj72cV35UeT09Y1hR8Wyf43DgAbA_NXmtbvqn7kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3u44YBjMMi_KczxcEV7CmQ9K2TbQ%26client%3Dca-pub-1447540957213601%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

bff96d7350eb95914a87918f6c051d09cba779a2d67e01ef2beb09e3b80efc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:26 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Tu7j5g_b8u-hIxCGWPMHR6YsofaKvstPHKaGOOwrOK_ULkoI5I4oXuZYsDqOz8tg4ZDM3u00wfGZkTVv8Ql8ebrkqAYs6AoFLOBUwBUpXOKjNiPBwP02bYydeuvnsUixuQx7pZAg0LGopatJxH5EMLkZ-69yTFGDFXwiDl3hHRZhX1xFHE5wi1UUX5lc7TJ83hClcc2Od-BiA3fpj64LQn-gSgZwkHIFOTi0LHKJeloyRq9OF4oDsRYXvpkPqFwJb3yhHw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 84617043
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0B1E 1 KB
643 B 65ms
65ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 51145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 04:23:01 GMT
etag: 48472445140208031
expires: Sat, 17 Dec 2022 04:23:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B1E
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEK627G0NPyukNRrjtdmNbbg&google_cver=1&google_push=AavPq0MA4ByDlZN32NJbnm_8_mYJtC3mv2Bd0F6gqCaBt16okhrCWSS...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7b3c6b4e79fd144b&is_secure=true&networkId=14000&version=1&google_gid=CAESEK627G0NPyukNRrjtdmNbbg&google_cver=1&google_push=AavPq0MA4ByD...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHNai1eZfRRQM9wRkAAAAAAAA&expiration=1671302127&google_cver=1&is_secure=true&google_gid=CAESEK627G0NPyukNRrjtdmNb...

170 B
188 B

80ms
80ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHNai1eZfRRQM9wRkAAAAAAAA&expiration=1671302127&google_cver=1&is_secure=true&google_gid=CAESEK627G0NPyukNRrjtdmNbbg&google_push=AavPq0MA4ByDlZN32NJbnm_8_mYJtC3mv2Bd0F6gqCaBt16okhrCWSSLEfoBOks-Jvra6ErCafjlt2k3bAot-YTp8QisuXDrd9njgw

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:27 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHNai1eZfRRQM9wRkAAAAAAAA&expiration=1671302127&google_cver=1&is_secure=true&google_gid=CAESEK627G0NPyukNRrjtdmNbbg&google_push=AavPq0MA4ByDlZN32NJbnm_8_mYJtC3mv2Bd0F6gqCaBt16okhrCWSSLEfoBOks-Jvra6ErCafjlt2k3bAot-YTp8QisuXDrd9njgw
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0B1E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGKnyH2pxtqpHl-tFAo4KlI&google_cver=1&google_push=AavPq0NG_6TtDrOYBJV7JceKIYnpWegHNjBkWPe-kWKrMhaWWBFXOTIdjV3xPw2Xdw6h5l-jtWxf-2ObuLoSCf28_3vmKl9...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NG_6TtDrOYBJV7JceKIYnpWegHNjBkWPe-kWKrMhaWWBFXOTIdjV3xPw2Xdw6h5l-jtWxf-2ObuLoSCf28_3vmKl9q6ZpsCQ&google_hm=eS1ERDNONzJSRTJwSFJM...

170 B
232 B

93ms
86ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NG_6TtDrOYBJV7JceKIYnpWegHNjBkWPe-kWKrMhaWWBFXOTIdjV3xPw2Xdw6h5l-jtWxf-2ObuLoSCf28_3vmKl9q6ZpsCQ&google_hm=eS1ERDNONzJSRTJwSFJMRlZLaVptakJxTExNTVcxclk4Un5B

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0NG_6TtDrOYBJV7JceKIYnpWegHNjBkWPe-kWKrMhaWWBFXOTIdjV3xPw2Xdw6h5l-jtWxf-2ObuLoSCf28_3vmKl9q6ZpsCQ&google_hm=eS1ERDNONzJSRTJwSFJMRlZLaVptakJxTExNTVcxclk4Un5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B1E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PyQZJms_SKWQRBHM2WO_uQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

125ms
80ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PyQZJms_SKWQRBHM2WO_uQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Pf5eSaR7UAqCQKP10wAsfqgNZYnn2JEX6744zzGrT2AZO9Vn6vy_7jh1oF5ZOgGV6Za1ff-7k2OPBczE4nC4Dv_JyeIP4K-w

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PyQZJms_SKWQRBHM2WO_uQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Pf5eSaR7UAqCQKP10wAsfqgNZYnn2JEX6744zzGrT2AZO9Vn6vy_7jh1oF5ZOgGV6Za1ff-7k2OPBczE4nC4Dv_JyeIP4K-w
date: Fri, 16 Dec 2022 18:35:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B1E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AavPq0PqRgxNDrcxKJnmPj3VNlQ1tjp1Wc9i61HneJVp_V4RxqxwYBvR66ryR6lF1jZ8QHxLd1c1QDJc0qZE5zgVifLUmznydjjx9Q&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-cd5d8dbc-80f3-40df-9b4b-cdb3abf76159-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAavPq0PqRgxNDrcxKJnmPj3VN...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PqRgxNDrcxKJnmPj3VNlQ1tjp1Wc9i61HneJVp_V4RxqxwYBvR66ryR6lF1jZ8QHxLd1c1QDJc0qZE5zgVifLUmznydjjx9Q&google_hm=Bc1djbyA80Dfm0vNs6v3YVk

170 B
188 B

79ms
79ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PqRgxNDrcxKJnmPj3VNlQ1tjp1Wc9i61HneJVp_V4RxqxwYBvR66ryR6lF1jZ8QHxLd1c1QDJc0qZE5zgVifLUmznydjjx9Q&google_hm=Bc1djbyA80Dfm0vNs6v3YVk

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 16 Dec 2022 18:35:27 GMT
Server: Tengine
ETag: RXcd5d8dbc80f340df9b4bcdb3abf76159005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AavPq0PqRgxNDrcxKJnmPj3VNlQ1tjp1Wc9i61HneJVp_V4RxqxwYBvR66ryR6lF1jZ8QHxLd1c1QDJc0qZE5zgVifLUmznydjjx9Q&google_hm=Bc1djbyA80Dfm0vNs6v3YVk
Content-Type: text/html
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B1E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELX2R-94NaIrdKWxG_Qs5sg&google_cver=1&google_push=AavPq0PyVshETbABShGnbK54RMEKcL5HjEfiHyugtK4jh5FvHF8ZRBMvV-FwkVfwp6s51y3ikjGRgpOhR4XjaxFHiEsKLmjYn6...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AavPq0PyVshETbABShGnbK54RMEKcL5HjEfiHyugtK4jh5FvHF8ZRBMvV-FwkVfwp6s51y3ikjGRgpOhR4XjaxFHiEsKLmjYn6O...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NzIzMjQyNjMxNzIyNzkzNTk4Mg%3D%3D&google_push=AavPq0PyVshETbABShGnbK54RMEKcL5HjEfiHyugtK4jh5FvHF8ZRBMv...

170 B
188 B

208ms
81ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NzIzMjQyNjMxNzIyNzkzNTk4Mg%3D%3D&google_push=AavPq0PyVshETbABShGnbK54RMEKcL5HjEfiHyugtK4jh5FvHF8ZRBMvV-FwkVfwp6s51y3ikjGRgpOhR4XjaxFHiEsKLmjYn6OlUg

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTc0NzIzMjQyNjMxNzIyNzkzNTk4Mg%3D%3D&google_push=AavPq0PyVshETbABShGnbK54RMEKcL5HjEfiHyugtK4jh5FvHF8ZRBMvV-FwkVfwp6s51y3ikjGRgpOhR4XjaxFHiEsKLmjYn6OlUg
date: Fri, 16 Dec 2022 18:35:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET pub
cs.chocolateplatform.com/ Frame 0B1E 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0B1E
Redirect Chain

https://cc.adingo.jp/adx/push/?google_gid=CAESEDsykrRjw-z1aNvTXpKx14g&google_cver=1&google_push=AavPq0OZjgJ61ZLIaOpkdqfBqDf1AnXtRAswdaUgTTOFcRNLfFYTVNmutViYoTHJbHNLuvLEz7ys4-qu4Rq5LjCVgu6jkJAzj4aQNg
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0OZjgJ61ZLIaOpkdqfBqDf1AnXtRAswdaUgTTOFcRNLfFYTVNmutViYoTHJbHNLuvLEz7ys4-qu4Rq5LjCVgu6jkJAzj4aQNg&google_hm=1712a9fbf760a642a...

170 B
329 B

83ms
78ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0OZjgJ61ZLIaOpkdqfBqDf1AnXtRAswdaUgTTOFcRNLfFYTVNmutViYoTHJbHNLuvLEz7ys4-qu4Rq5LjCVgu6jkJAzj4aQNg&google_hm=1712a9fbf760a642a60461ac9cbc8aed

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AavPq0OZjgJ61ZLIaOpkdqfBqDf1AnXtRAswdaUgTTOFcRNLfFYTVNmutViYoTHJbHNLuvLEz7ys4-qu4Rq5LjCVgu6jkJAzj4aQNg&google_hm=1712a9fbf760a642a60461ac9cbc8aed
date: Fri, 16 Dec 2022 18:35:26 GMT
content-type: text/html; charset=UTF-8
server: nginx
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0B1E 0
232 B 224ms
78ms Image
text/html 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgFZzKiNEiAW1tp0wwatbniqbwXblO7bTCXtHYRKA_Jgi08E8rNrNsPqduYmQ0ZGUQ4hl1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 112ms
111ms Image
image/gif 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.855054656434277

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-JaOxRypPI8GgWlN1UrfkyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-JaOxRypPI8GgWlN1UrfkyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 96ms
92ms Image
image/gif 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.03818551976424667

Requested by

Host: www.offermate.us
URL: https://www.offermate.us/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-mokzTI0Hp3ncVxfU02mc7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-mokzTI0Hp3ncVxfU02mc7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E7AC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d04d5136b9647b83466d700587b21b875075a5abb5da08aabfce9b7ef5dc34a9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame AFD3 9 KB
4 KB 202ms
70ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 15:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 15:31:48 GMT

GET
H3 200 2ee775d045286d05af7fe4da762740e3.js Show response
www.gstatic.com/mysidia/ Frame AFD3 149 KB
55 KB 204ms
72ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2ee775d045286d05af7fe4da762740e3.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8879a080003508dbe7793725d0d8aea45f79575197bbf327aa7184f53453b2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56757
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 19:35:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AFD3 4 KB
816 B 86ms
82ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 18:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 17:17:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Dec 2022 18:35:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AFD3 2 KB
765 B 235ms
83ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 21:12:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame AFD3 23 KB
9 KB 218ms
67ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 20:09:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AFD3 3 KB
1 KB 233ms
82ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 20:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 20:09:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame AFD3 18 KB
7 KB 213ms
63ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:12:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 21:12:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFD3 153 KB
47 KB 117ms
115ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 18:35:26 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame AFD3 34 KB
14 KB 194ms
70ms Script
text/javascript 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 21:12:57 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6649 2 KB
1 KB 189ms
56ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y5y6bQAIAKkAsxBtAAbfIVwcBWW2JPj9rhdQKw&u=%7C5oDZkT0e13J0x90nL8wD81KQ3QLYRwF8Lmll6FLizJM%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dBRN13b4BGNtWmG7CnrSyulZwxF75SlSWqtZhxJkTh9uXiBfeXXuOeaVfOLK-3oFmwj9eLNregFFUOnJn_hGQpkbHL_H2gECCy_DO-QooCwglE7JNqqF5ctoD5zaJ4s6XjECm8cU1xDP9gfFTg2q14iKgTDBM2hfqqi2tfvFSZvzzvEX3RuBFVW26pHsMkdPS_Lxt187hZXfvGCeodga30ed3qdB8ZDZfPkMnAWCayeXQEsn4Tix4AR4_1liOqQZUPkf_Cllu96owt1_fXXq2BfwHlrSYfiW8T5onzgg3P4RtO076tLOzKy7D82_uXHqUfEC-NgASJP-JFOX0RuWi2-hwURnOHafava-ex7JngAwR38P4ykHuqpau8zAe2e3VGzCdwQCtWhoj1yd1tHlVbWZOHl4ZomN7HuOby59evXomTZgpEmpZWKXrvEf6DOwnCASeDORZ-gOdP4EuRWiwm_WUon3XCeNumVVLWqPJnyd0ML9B3THhIeKElxGB-AN4t3H7hX_d6ZZmovnZ8c10stnQx67EVOlFQ8zV0N9pfDsOl115p8vTLcsGmQKYZZYggfxuJHJVcJChRkYv6t0MF3pal-P_T9UzaYzkyy21oAEg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIPKNbbqcY6mBIO2gzLUPob6bsAGcge-wXKLKp6p0wI23ARABIABgyYaAgNyjxBCCARdjYS1wdWItMTQ0NzU0MDk1NzIxMzYwMcgBCagDAaoEvgFP0BMZo9AT49PxpyA2Kca_QPUEh-4tiS7UsbfEgow6xNCiyAPOSIAKK7CRFJKQI6nhey5Vln6F4kFwuwkjQysCkYggsjbkUfl6HAc9QOFrQWCavwsoFnqf6cs2zX19a-Va0pk5taBgHvLg61SPQeldyhPrZVSRpZNXELaHgwZ-y7LE5my1CTsz3hAyovt9anlyQ7_uZxltVs1yIjdDsIPBF2CjannXhiM4sXaZCj72cV35UeT09Y1hR8Wyf43DgAbA_NXmtbvqn7kBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3u44YBjMMi_KczxcEV7CmQ9K2TbQ%26client%3Dca-pub-1447540957213601%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Dec 2023 18:35:27 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 6649 2 KB
1 KB 185ms
55ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Dec 2023 18:35:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6649 308 B
636 B 186ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 11 Dec 2023 18:35:27 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 6649 293 B
621 B 185ms
61ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 11 Dec 2023 18:35:27 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 6649 43 B
348 B 186ms
57ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=8T1E5rmr1SZz8sdD9x7fu-flMNmVRGf5LpYF2kkTQGU5beIR5TZlVjiOZUXMHGbr1dK6eZaUB-t_A3VdpNsjhTxeJcRiipk3R9Q0lsFXjIkkrAWF0erWWoA1z-B9GFhybygSU_Q30RZVtFF7dqAsA5WXQagi3RTL0GuHt5EEGFlDwGnYDzkJfa7P1975WrIra6XJ4aNGAscB9K_SJNc-gcw2z886zhf5lYew4JJFYm059FhaH9CqqayVeyp3esHkCehy1boB2NtBZGC6y7vTtPcLN4LIypYlGrfuf3ys7ICANbxo3Kz1mdBbxz2YcFF9mbCRTGbubu__vxupr9RUa7dNx5pnvzpeDUlt_pSGPSlrjr8SyeFrg1qSPc0FB5GT-UlJU8h3hdkPHHAIvdzkE5Jdpa48NNJGoX4XkxJthAkCion_cQB1754_zpTdsREZpHFJVg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2343204
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6649 12 KB
5 KB 116ms
40ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 84886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3%2Fo0H7NgyJvhD4L51INAT46PM72PO%2BSI9ON0CzSB2%2Bkybo8%2FdeQODJwRYI0C8r6If8LDV09EJg1leU9lUFBUJ0dW1n1GqW3mk5qgMgrCy61zt4Yceq3lwJcUN6%2BYN18S29Kwy8XhqLM4yecUqFaDC2V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77a984d63fa18dc1-MIA
expires: Wed, 06 Dec 2023 18:35:27 GMT

GET
H2 200 22777906de374d139b6b1e77da6e6a93_circularstd-book.woff
static.criteo.net/design/dt/ Frame 6649 37 KB
37 KB 183ms
67ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/22777906de374d139b6b1e77da6e6a93_circularstd-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

92f0fd1c23f26017bff521ec841b537e41749fba72ca5089b97dc68edddd4732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 12 Mar 2021 14:48:10 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"604b7f2a-92f0"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Dec 2023 18:35:27 GMT

POST
H3 204 AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 224ms
89ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KS993wlyNJAyxnOHMdmbvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KS993wlyNJAyxnOHMdmbvw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.offermate.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6649 12 KB
6 KB 181ms
103ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Dec 2023 18:35:27 GMT

GET
H2 200 787e96154a904415a58ab79bfe89a811_bg_n_300x600_1.jpg
static.criteo.net/design/dt/13073/221128/ Frame 6649 92 KB
92 KB 240ms
227ms Image
image/jpeg 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/13073/221128/787e96154a904415a58ab79bfe89a811_bg_n_300x600_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

781d20f6ab63e5c8efe76157ffcb7806dcf8b34127ae96a64156183344fa3fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 28 Nov 2022 20:36:45 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63851bdd-17026"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 94246
expires: Mon, 11 Dec 2023 18:35:27 GMT

GET
H2 200 e00ea78724e74e888885f93271ae0996_cpn_300x600_1.png
static.criteo.net/design/dt/13073/221212/ Frame 6649 258 KB
258 KB 137ms
124ms Image
image/png 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/13073/221212/e00ea78724e74e888885f93271ae0996_cpn_300x600_1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

54ff0cc1da68ac3c4a0ffefd678a80df3ee64360dda5a9729c26a52e381f44ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 12 Dec 2022 23:10:08 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6397b4d0-4066d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 263789
expires: Mon, 11 Dec 2023 18:35:27 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 6649 9 KB
10 KB 206ms
58ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=13073&q=80&r=0&u=http%3A%2F%2Fcompanystore-res.cloudinary.com%2Fimage%2Fupload%2Ff_auto%252Cq_auto%252Cdpr_auto%2Fw_auto%252Cc_scale%2Fwebimages%2F50680d_wfdobby_c21_infinityblue_duvet_main.jpg&v=3&w=400&s=TCvRI2z6z1NGmPlIRqdOCTGv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

233f8b68d5b4b1c127d9158d9f95264db585de59615870c0f35f7206fd2b1f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31214723
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9504
expires: Wed, 13 Dec 2023 01:20:50 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 6649 7 KB
7 KB 332ms
184ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=13073&q=80&r=0&u=http%3A%2F%2Fcompanystore-res.cloudinary.com%2Fimage%2Fupload%2Ff_auto%252Cq_auto%252Cdpr_auto%2Fw_auto%252Cc_scale%2Fwebimages%2F90247c_metaltree_tiered_small_silver_main.jpg&v=3&w=400&s=3ZOvfjk6CdjcoJ32gWNuRdfP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

993bf0be3660792988453fb0fcf226678fe0b7c7151dbd8dcb1ab2e14617ef4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30280604
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7154
expires: Sat, 02 Dec 2023 05:52:11 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 6649 22 KB
22 KB 391ms
244ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=13073&q=80&r=0&u=http%3A%2F%2Fcompanystore-res.cloudinary.com%2Fimage%2Fupload%2Ff_auto%252Cq_auto%252Cdpr_auto%2Fw_auto%252Cc_scale%2Fwebimages%2F50990l_autumnpark_sheetset.jpg&v=3&w=400&s=WqQiAUNxCs_CCoVuNzQEcRGL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

8ee58d7a465790bceb3d5565174bd85909ff338ccd8ae434cf5a262e5e04f6b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29258314
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22714
expires: Mon, 20 Nov 2023 09:54:01 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 6649 41 KB
42 KB 335ms
187ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=13073&q=80&r=0&u=http%3A%2F%2Fcompanystore-res.cloudinary.com%2Fimage%2Fupload%2Ff_auto%252Cq_auto%252Cdpr_auto%2Fw_auto%252Cc_scale%2Fwebimages%2F50936e_wintergarden_cream_comforter_main.jpg&v=3&w=400&s=nKs0mRAjIPObG8WKocZkMRW7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

2a3fb34ae025677212e700cb7d111a98de45647c886e935b922780fd462a89a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29350944
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42204
expires: Tue, 21 Nov 2023 11:37:52 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 6649 43 KB
43 KB 206ms
58ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=13073&q=80&r=0&u=http%3A%2F%2Fcompanystore-res.cloudinary.com%2Fimage%2Fupload%2Ff_auto%252Cq_auto%252Cdpr_auto%2Fw_auto%252Cc_scale%2Fwebimages%2F57128_floral_interlock_rusetttaupe_main.jpg&v=3&w=400&s=LnxsDHEdO_vZ_flMEoklXA_S&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

99dbbb83845a12f36b66597ed4a0bdb54bb2b7cc3423befa2fa6cc1f5e587326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28908853
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43874
expires: Thu, 16 Nov 2023 08:49:41 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 6649 0
128 B 183ms
57ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=Tu7j5g_b8u-hIxCGWPMHR6YsofaKvstPHKaGOOwrOK_ULkoI5I4oXuZYsDqOz8tg4ZDM3u00wfGZkTVv8Ql8ebrkqAYs6AoFLOBUwBUpXOKjNiPBwP02bYydeuvnsUixuQx7pZAg0LGopatJxH5EMLkZ-69yTFGDFXwiDl3hHRZhX1xFHE5wi1UUX5lc7TJ83hClcc2Od-BiA3fpj64LQn-gSgZwkHIFOTi0LHKJeloyRq9OF4oDsRYXvpkPqFwJb3yhHw&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 16 Dec 2022 18:35:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6649 2 KB
1 KB 67ms
60ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Dec 2023 18:35:27 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6649 2 KB
1 KB 277ms
270ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 11 Dec 2023 18:35:27 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame AFD3 0
327 B 473ms
165ms Ping
image/gif 2a00:1450:4013:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lbqup00i&c=1341960034592&slotId=670980017296&qqid=CJzMk93j_vsCFU8qswAdiooKcQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2ee775d045286d05af7fe4da762740e3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c02::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mqdefault.jpg
i1.ytimg.com/vi/wk_FVN1E_mo/ Frame AFD3 11 KB
11 KB 205ms
65ms Image
image/jpeg 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/wk_FVN1E_mo/mqdefault.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ba49e607ddf4b4f25ec7a01b592fe3edcfbe553cdcacd653e19029487cc93e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 17:36:43 GMT
x-content-type-options: nosniff
age: 3524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10774
x-xss-protection: 0
server: sffe
etag: "1669994660"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 16 Dec 2022 19:36:43 GMT

GET
H/1.1 206
Partial Content videoplayback
rr5---sn-5uaezn6d.googlevideo.com/ Frame AFD3 1 MB
1 MB 152ms
50ms Media
video/mp4 2607:f8b0:4002:20::b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5uaezn6d.googlevideo.com/videoplayback?expire=1671244526&ei=brqcY4XOA6G50_wPnq69eA&ip=2001:550:1d05:1::5&id=c24fc554dd44fe6a&itag=18&source=youtube&requiressl=yes&mh=CO&mm=31&mn=sn-5uaezn6d&ms=au&mv=m&mvi=5&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=19.776&lmt=1669994819940167&mt=1671215395&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIhAMpBUvmydDuGkCmshCejTNJa0zT7grVzwyY4WiNBvf9OAiA_xBS2yPD9CCZ-aFhw08cQQk5ZUNFWfvdy2xKorabXzA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAPCqwSzZVeq4wr_DpgRY1gGXg570OqsF4IcuvBYD8xzwAiAyp-bMsp8XJBSmPjEWns4I7QoQ6z3hl4dI1eZ8uCtW3g==&cpn=d2AasWq9GfFyghWB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4002:20::b Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f1b8459126998109517499ccd0fd2000f8d9f3c7c66cd0d2a26a222f32b9fe36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range: bytes=0-

Response headers

Date: Fri, 16 Dec 2022 18:35:27 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02 Dec 2022 15:26:59 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1452931/1452932
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1452932
Expires: Fri, 16 Dec 2022 18:35:27 GMT

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 47A8 36 KB
16 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:38:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 09:38:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 219ms
88ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae493e14304c86985e882d37986036cdfe8ad5a68e76d9564dfe317a8324aff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11109
x-xss-protection: 0

GET
H3 200 adbox1. Show response
fundingchoicesmessages.google.com/f/AGSKWxWhvk3WJimlNDwZU8k8JfsOSn0edSG3NI8B6Josju18lyF1MTrWEyn7Y0c5SDlrFKqBiXMcbDODwqn2THItozcFb07yJ16EiPVY4ag-xd4Z7c6ZuWyQNV53AeBOddziG9BEHh0uPO3voRSEDiOAf8ubRIv6v... 54 B
109 B 92ms
91ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWhvk3WJimlNDwZU8k8JfsOSn0edSG3NI8B6Josju18lyF1MTrWEyn7Y0c5SDlrFKqBiXMcbDODwqn2THItozcFb07yJ16EiPVY4ag-xd4Z7c6ZuWyQNV53AeBOddziG9BEHh0uPO3voRSEDiOAf8ubRIv6vcpWrjNVIcE5AXyjdQ-Ob6DdWe5N57JV/_/adphoto./js.ng/cat=/local-ad._936x60./adbox1.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e08360eef30cc5b85f5f1a78296e1344aee87642c5f2850bb275c2f3858e8225

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6rjjPATozlr9lzvBZyppcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-6rjjPATozlr9lzvBZyppcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 81 KB
29 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.a5yNCTHQF90.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMxYnJ_pzJb_971vQCP6zWrpPIk90Q/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a580791947e51ec9b7817f9308d53077b18dbcc2912171ed81f9ab1ea7513a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 850
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29541
x-xss-protection: 0
server: cafe
etag: 7686576320526828506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 16 Dec 2022 19:21:17 GMT

POST
H3 204 AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 89ms
89ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gGUmEYUkmVE_UWqy62Ih0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-gGUmEYUkmVE_UWqy62Ih0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.offermate.us
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 93ms
92ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_iG7ig3RqjPKzR8WeBmnTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_iG7ig3RqjPKzR8WeBmnTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.offermate.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 96ms
95ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z6sjGkMQ7TXobqavqK5gYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-z6sjGkMQ7TXobqavqK5gYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.offermate.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 90ms
89ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU4Q1Gw0tnreZiwi-PEiCAimLrSvoaWSyzcEIisqTO_VYTuxDEVgv7gwZX0CRl-sDsk1U6cC191zBoIBH0cuo3R1ys-0fzPoEUixTBFcmwH0xedVIiQ-YRqwRKnsDVrVT_L-QKxtQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9m6154Ds02nMYmmmV2o2Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-9m6154Ds02nMYmmmV2o2Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.offermate.us
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUhiFxv7nT8T5Uym-YZbBqCjmIUI2xbrGuI0qOpEFdVzHSMtWtdV82o1IK-fHGNLLCZAxCsx4SwqKBzQudMyGX7uF8FqHbmIaUJS0w5-lrDAEEbPpgaUNEb1kgYzba0nHXwMcGhBg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 104ms
104ms Script
application/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUhiFxv7nT8T5Uym-YZbBqCjmIUI2xbrGuI0qOpEFdVzHSMtWtdV82o1IK-fHGNLLCZAxCsx4SwqKBzQudMyGX7uF8FqHbmIaUJS0w5-lrDAEEbPpgaUNEb1kgYzba0nHXwMcGhBg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxMjE1NzI3LDc0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3Lm9mZmVybWF0ZS51cy8iLG51bGwsW1s4LCJhNXlOQ1RIUUY5MCJdLFs5LCJlbi1VUyJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29a752d15d7bd07fd03047e05da40ee76a449fddff6b07d11b0590ec14a42a86

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DKGf5GV6Mzc9HWV4naYGNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-DKGf5GV6Mzc9HWV4naYGNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 101ms
101ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 18:35:27 GMT

POST
H3 204 AGSKWxUwTApmsxdhxUsSSA-2cDuBggLZL9c1vZJlAPx3czNwJwHTn7PWiuaZ6I6XZUoGNFXA6bsIt1DbeTcsasyDLuPrNnem5FP9K22BZliCeD_kfhnWLG-UNT_UWWUZsHiq4WPMaydOPw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 92ms
91ms XHR
text/html 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUwTApmsxdhxUsSSA-2cDuBggLZL9c1vZJlAPx3czNwJwHTn7PWiuaZ6I6XZUoGNFXA6bsIt1DbeTcsasyDLuPrNnem5FP9K22BZliCeD_kfhnWLG-UNT_UWWUZsHiq4WPMaydOPw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ebniw4yvZgt-Sr_UXuUJMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 16 Dec 2022 18:35:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ebniw4yvZgt-Sr_UXuUJMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.offermate.us
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 61D6 13 KB
5 KB 66ms
64ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 23436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 12:04:51 GMT
expires: Sat, 16 Dec 2023 12:04:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F65 783 B
535 B 85ms
84ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db3989e843bb3c67c9fd9198755ce180ed96ba58c44f7cd3c25bf8021c0f1baa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-woVGuvqqCszwnM5NjmyBJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.offermate.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-woVGuvqqCszwnM5NjmyBJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:27 GMT
expires: Fri, 16 Dec 2022 18:35:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame 61D6 36 KB
16 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:38:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118607
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 09:38:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F65 0
0 87ms
87ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2535021534236116&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E7AC 42 B
64 B 87ms
87ms Fetch
image/gif 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4EwsuN9CPhaVH67jbpb_4QcfB8byAm-YixqW-fgjXQg-7BkPLlCrgNhdN3T3eVcd4q9XcMz2h9QpcvkgGtDUM62c&sig=Cg0ArKJSzOkv2iUMvjtnEAE&cid=CAASFeRoWADaOwqaWaAhIR3o9DPgcdjpfg&id=lidar2&mcvt=1007&p=0,0,600,300&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2725862456&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671215725467&rpt=1596&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 6649 0
127 B 58ms
58ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 16 Dec 2022 18:35:27 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 61D6 0
10 B 76ms
64ms Image
text/plain 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?g2KGrg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame AFD3 0
17 B 469ms
168ms Ping
image/gif 2a00:1450:4013:c02::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lbqup00s&c=1341960034592&slotId=670980017296&qqid=CJzMk93j_vsCFU8qswAdiooKcQ&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/2ee775d045286d05af7fe4da762740e3.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c02::78 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 18:35:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
92ms Image
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2535021534236116&bg=!u7iluPzNAAYgquz3AKo7ACkAdvg8WqyHIh4qg1BeNf1norC0bFRN6zOzm8Kp7Epwjq_ghaHYcJH8jgIAAACEUgAAAARoAQcKAKmKKbMqRdkWOidq9vChjigkB23GIWrwvUwjrhm-OxVSrikfVn8mVvyOy134cWDkKrRa6wzkF9kOeEoucErn1DFZY4ycHjTgNPO5d2XXBdztVgIiu1v0OnatkVcVSyZxgrTpW3yy6uBk_qiEb9-XVA7TbItcq5GHs1vwERVdxbMhLE9diNLIQCo8o_AmpgzwqDtwZnZYoTlEb_6Yj7J-b7bNTZtqC1YfwBKhmQLh3pXx5SG424wqo48Jn2eTyJmIOtOCvus7ktb_U-uzCHFYBNet8h8MFcceZu4DscXk1MMZ1avdVkjXah7czm66SOqfYJfaE7jUwVaJ37DFLoRsRNh2QhyyQ3BFxLjeZUwv5fqPYqwjAZv8Ru1C1poArbqt3PNY3PawOQbrUS1CIHkKQA-hpnf0IhJQI_x6Xr7964BWLs_81FNR_j0ff13xctipMhROfJONs7uO1_3Gr3yMHXyA_g3KncXj4Vfqb-XAYPkt4a-8s1D1Fn5etvV0n1aCCvMaR_AJ_6ssHxsGE4j27N_QLtcoNafkkqgXyY0aberPDk28K_wjQB-vo2RHKCuaGdZlImi3iVK46MhbssfuO51eys66Mzck7CbLt5uG5tWUChrs925GIzgAROiYVbbd_e7sSNY5N1pNA2qU9WCGKjh0X_Z5hkTE5E1SaNLEoeS3GAqjNlw5rpkIDqNa5t4dlEHoGXWC-dLpxiVwa6DqGjMX7iyZ8Ka-xHMDkrU3F3sw1iUz16Qr4X6J423DhfSZ8o9u9OWCIRdY6lrXzb27sJn4YnBOzyd6EJF7EBFdHSOhbily7SNcB4kPbf01tiK1bZeyeV8c-h6MuLvKKyE3OevvFHkVV8WgexeRXOs-cQOTidFp686dbfS2yuXRaE2UAf3mkhSiR6tCG4PnuaBPnjRVQm0KSJDOCduMMDcryh8mEILpc15Li4A9y1MCQXn7_ZGIgXiZNaq3DVWXFLiYwD8_c7s84byct2xExjD8drFj678GG7l25I7CBKn1Bvmx6jzHySASKeGaV-4ajYG8p7165cVtwOKbBdxM268Y5RASlewT09y8iC55gaKRG6jod3Q5rqqoiXjGD4v4p8iQNVY4gaGGpKpj2jV_n0HAR2Znr3CrJ0-RoMaKm8gHXsLx0-mkISVPN-FlYSaQmke4aX45UljeVb8z7arn4jn_9C0o9AnbB3ztdyEHi7bBYX8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.offermate.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 e00ea78724e74e888885f93271ae0996_cpn_300x600_1.png
static.criteo.net/design/dt/13073/221212/ Frame 6649 258 KB
258 KB 61ms
61ms Image
image/png 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/13073/221212/e00ea78724e74e888885f93271ae0996_cpn_300x600_1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

54ff0cc1da68ac3c4a0ffefd678a80df3ee64360dda5a9729c26a52e381f44ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:35:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 12 Dec 2022 23:10:08 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6397b4d0-4066d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 263789
expires: Mon, 11 Dec 2023 18:35:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.chocolateplatform.com
URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEI1UF4X-Dxt7aR2RM6frXaM&google_cver=1&google_push=AavPq0PaNIW7VfqJTzVyTv0jleHPaLo0QHKwBGuRtvpwAgnp4z304b5POA5HpWFZFIo6UA8D0fX6UAOXATnYt080ueVLx6GBLKnrhg

Verdicts & Comments Add Verdict or Comment

244 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.offermate.us/	1970-01-20 16:59:11	Name: SrvCch Value: 0
www.offermate.us/	1969-12-31 23:59:59	Name: _csrf Value: 4be5b6a1762e326539ecaa0038d3f79108db0f807a3d80df0150880c2f36708ca%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%220O4UXZ7U9mC7I0SH8t0XgrAhE4GHAn1S%22%3B%7D
www.offermate.us/	1969-12-31 23:59:59	Name: PHPSESSID Value: jeql4giidcadjblsesp6h9b452
www.offermate.us/	1970-01-20 16:59:11	Name: push Value: 0
.offermate.us/	1970-01-20 10:23:11	Name: _gcl_au Value: 1.1.455209523.1671215725
.bing.com/	1970-01-20 17:35:11	Name: MUID Value: 12582771415D6C590914350D40CD6DB5
.bat.bing.com/	1970-01-20 08:23:40	Name: MR Value: 0
.offermate.us/	1970-01-20 08:15:02	Name: _uetsid Value: 67f261407d7011ed87eaafab63399896
.offermate.us/	1970-01-20 17:35:11	Name: _uetvid Value: 67f283307d7011ed9372d340219ec751
.offermate.us/	1970-01-20 17:35:11	Name: __gads Value: ID=e8778f9432ac508d-224014211dd900a9:T=1671215725:RT=1671215725:S=ALNI_Mau2F1i4-g4yy8U_2lZRt2f7xhmCA
.offermate.us/	1970-01-20 17:35:11	Name: __gpi Value: UID=000008d6ec1ad532:T=1671215725:RT=1671215725:S=ALNI_Mayo3imCx3HUMWg5QR5e4va0iH04Q
.offermate.us/	1970-01-20 17:49:35	Name: _ga Value: GA1.2.637920405.1671215725
.offermate.us/	1970-01-20 08:15:02	Name: _gid Value: GA1.2.668962019.1671215725
.offermate.us/	1970-01-20 08:13:35	Name: _gat_UA-24834420-23 Value: 1
.offermate.us/	1970-01-20 10:23:11	Name: _fbp Value: fb.1.1671215725661.820422478
.doubleclick.net/	1970-01-20 17:49:35	Name: IDE Value: AHWqTUk7z-HHdpH1CmkZKokb_I9NYCv0RJos6MSV3F7f4KEFHPXvpWmeiz2oftkwGqU
.3lift.com/	1970-01-20 10:23:11	Name: tluid Value: 1747232426317227935982
.adingo.jp/	1970-01-20 08:56:47	Name: ID Value: 1712a9fbf760a642a60461ac9cbc8aed
.pubmatic.com/	1970-01-20 08:15:02	Name: KTPCACOOKIE Value: YES
.yahoo.com/	1970-01-20 16:59:33	Name: A3 Value: d=AQABBG66nGMCEDz1PurbPnTEHM5sT0BqFp4FEgEBAQELnmOmYwAAAAAA_eMAAA&S=AQAAAjbZKxI74CGNjb46oz6asP8
.dotomi.com/	1970-01-20 08:13:35	Name: DotomiTest Value: 7b3c6b4e79fd144b
.pubmatic.com/	1970-01-20 16:59:11	Name: KADUSERCOOKIE Value: 3F241926-6B3F-48A5-9044-11CCD963BFB9
.1rx.io/	1970-01-20 16:59:11	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cd5d8dbc-80f3-40df-9b4b-cdb3abf76159-005%22%7D
.targeting.unrulymedia.com/	1970-01-20 16:59:11	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cd5d8dbc-80f3-40df-9b4b-cdb3abf76159-005%22%7D
.offermate.us/	1970-01-20 16:59:11	Name: FCNEC Value: %5B%5B%22AKsRol_DE2oyUvcKKLC8b_skVQ0R23iRpbX5dfyEg617nE4CFqZv_j_Sth4ruwT-JyPjziVO-4U-yg27lUFyhAOn9XFlIKX_Y7_Bd7tCnjCH8VN1eOwuhpafTKxWqWdrSMnhys1L-qgbgNcZCqEqh4kwxgz0M2fs2Q%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'wake-lock'.
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, document-domain, encrypted-media, fullscreen, geolocation, gyroscope, magnetometer, microphone, midi, payment, picture-in-picture, publickey-credentials-get, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'layout-animations'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'oversized-images'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'wake-lock'.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-1447540957213601&output=html&h=600&slotname=3636510535&adk=2725862456&adf=2253931658&pi=t.ma~as.3636510535&w=300&lmt=1671215725&rafmt=12&format=300x600&url=https%3A%2F%2Fwww.offermate.us%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671215724557&bpp=1&bdt=534&idt=530&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De8778f9432ac508d-224014211dd900a9%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mau2F1i4-g4yy8U_2lZRt2f7xhmCA&gpic=UID%3D000008d6ec1ad532%3AT%3D1671215725%3ART%3D1671215725%3AS%3DALNI_Mayo3imCx3HUMWg5QR5e4va0iH04Q&prev_fmts=0x0%2C970x250&nras=1&correlator=8010226533420&frm=20&pv=1&ga_vid=637920405.1671215725&ga_sid=1671215725&ga_hid=722654441&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1245&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44779793%2C44780792&oid=2&pvsid=2535021534236116&tmod=1212937400&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=256&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1nAXLpW9KM&p=https%3A//www.offermate.us&dtd=908 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEI1UF4X-Dxt7aR2RM6frXaM&google_cver=1&google_push=AavPq0PaNIW7VfqJTzVyTv0jleHPaLo0QHKwBGuRtvpwAgnp4z304b5POA5HpWFZFIo6UA8D0fX6UAOXATnYt080ueVLx6GBLKnrhg Message: Failed to load resource: net::ERR_CONNECTION_CLOSED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; connect-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; font-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; frame-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; img-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' * data:; manifest-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; object-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; prefetch-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; script-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; style-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; media-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; form-action 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; worker-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' ; report-uri https://hyperia.report-uri.com; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=10; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://hyperia.report-uri.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ads.us.criteo.com
adservice.google.com
bat.bing.com
cat.va.us.criteo.com
cc.adingo.jp
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
cs.chocolateplatform.com
csi.gstatic.com
csm.us.criteo.net
dclk-match.dotomi.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i1.ytimg.com
image6.pubmatic.com
na.leafletscdns.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
pr-bh.ybp.yahoo.com
rr5---sn-5uaezn6d.googlevideo.com
rtb.va.us.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.offermate.us
cs.chocolateplatform.com
104.36.115.113
142.251.32.98
199.127.204.171
2600:1f18:4e9:5a01:953b:8eec:4f4e:8fe
2604:a880:2:d0::867:1
2606:4700:20::681a:364
2606:4700::6811:190e
2606:ae80:1450:16::2010
2607:f8b0:4002:20::b
2607:f8b0:4004:c1d::9c
2607:f8b0:4006:809::2002
2607:f8b0:4006:80b::2008
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2003
2607:f8b0:4006:823::200d
2607:f8b0:4006:824::2003
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
2620:1ec:c11::200
2a00:1450:4013:c02::78
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.234.62.154
52.223.22.214
74.119.119.147
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09ab34c57ee1f14bb1d6e37c059dffba89cadf80cbebd49a2971121d005af603
0a3765812085e78cf5c8ef508d37dbb388e759a41b38a750074c9f89c3ce009d
0b4ad8d9670043a8bddfd23a873267f8a0b69d20c6d4462b99cd93bd2ec4fe5c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c4badc56d92e303fffbd2de827f8af35bd81277eed7769e2ff1cd3ddd905e6c
0d511afc02a8e5c791db7620508773fe00bf24125241431009b825561bd4c680
0d9f243e38580effa8393e2fde8b1b6292b50af8653b8eb68a0fa5f4ae6a9d35
105cf9ddd93f9878d396ec4de2fc5670b7292e7aca0cbca8ffe7fb132dc4cb29
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
197baf71752364617bd9929b66a95800e32d52a9d772462321b315d392f53a7f
19d2f3e5f18643487919295ad4c38569a81bcf0991cfec959263028df7464a8f
20b7ec5c587ce88329c10b1ab2f288ecd11dcd57e5716e90d6a957f8fddd3db6
233f8b68d5b4b1c127d9158d9f95264db585de59615870c0f35f7206fd2b1f3f
241a46fd048af19c00cd5f4dcaea50a1f55f3670eb08391958d4dac79de8431f
259b67aae500877eceb2ab41928696ff03aa65b25cfd298f668030b87db493cc
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
27ec53402c2d42952e8e82510f6191417cace71630b568afcd2128c21bc8e00c
29a752d15d7bd07fd03047e05da40ee76a449fddff6b07d11b0590ec14a42a86
29e48bbb25dd73c5c9d988dbd04eaddde99afde50956735dc88f072c8d07a2e9
2a3fb34ae025677212e700cb7d111a98de45647c886e935b922780fd462a89a5
2a580791947e51ec9b7817f9308d53077b18dbcc2912171ed81f9ab1ea7513a4
2aef827372813cba5b8b8ae139932da6592afdc6b504922aa6cb0d3f49d30d7b
2ba49e607ddf4b4f25ec7a01b592fe3edcfbe553cdcacd653e19029487cc93e5
2bfd24b6018eabacf24d3b080bc0d1e596ef925f0ace36a75f2e0b366aa07b68
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33ee9d99b05cd79ec0f6ea663e67e2ec1dad603ecc1097f36e67f409d82c310c
3a8aa4f8289dbe27e4536ce7c9fd76fff9bb877120cdf5fef5d4b43da4d0f118
3b6ea7197c129da3836559a176c818194155e9c55e1488a53737b4f5b5cdb55e
3e812266ac27e3f1720ebc553de65acec90cfc1782bcd36bb1a8305478574018
3e96a98b86b593a267c26a4752e791435a78bbeffe0932dde731806462e7d950
3fd12deefa64862014e7ca38f43f830c3aa80a1b51b0e61cd1836412fffc369b
41f0b1f70226fc301262476fa425ce47d672231a09780fd1e1ba1830d8179daa
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
45b64cdda0bb21032dfb9ff73d0d66b32d4aa7c161f90acfe761359c3b8fdcce
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d854887c44f508723c55232b873e3341b9318ddaf6b1a20fee6433b8fb168b6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e29326c1c8252cf2465776bf384fb6fbd3d91fc302149350f8b663fff1ac98f
54ff0cc1da68ac3c4a0ffefd678a80df3ee64360dda5a9729c26a52e381f44ae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
56d01b4cf70e0ed0b165975a9593af188e15a6a852639d17505e1caa8f947a5a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
618119c8b74b2688669bffa930cf626b72bf6cb5cb7c9e63d7f58ae6069f69ee
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d1834dc3b795cb4fc20b91d9a8f9de59f7f7fdcec215eed927e4f13bddfcec
65ea40ab44d4fa019c0a48580c04386e6c42b969ea8f831672cc6347717edbc2
681edf17a7cf0e80c5117629eec2531bf0bfd77ec9f9a8308a1bc2edac88a275
69fa52163f2919f8779601fb55952724fd3bcc7d023a8aa46a745411549a1f07
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6bfd9594e0deab6eb276ac768a5f78cbff9b2e5268e6d5f93c51049bd1c731b2
6dbe1fb9a4260a50ae25666e53e5bc28d26603b09257d3078ede6fb85c792250
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7368f0ad139592962f015c33a985f9114e12b422d986707d7986c1fc882b0151
759db94c655042b39e207f0193216b0d593e1dff2bdc804ff43aa82cfb80cf35
781d20f6ab63e5c8efe76157ffcb7806dcf8b34127ae96a64156183344fa3fcb
7828a5bc85904d079437337a002bbea4d4c87041a6ee7f6a99b063fd923fce29
7947f7ef98f28e9f013b67c652054290168a9f1cea35d6adaf1d9cf94b189fda
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8879a080003508dbe7793725d0d8aea45f79575197bbf327aa7184f53453b2d7
8977d2ea89b22a6ac43969fb601b0e9075cfc56eaea69126063f5d36604dbd08
8b561dfb613b3ce2817a2a104a5c926fb98ae34b96c0e6cecd70247199bfba2e
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee58d7a465790bceb3d5565174bd85909ff338ccd8ae434cf5a262e5e04f6b4
90788d0ac8dcc6a570be2e3594afae912c6ddf1990f6cd5d80481188b0d69ef2
91034096a2642e55a433bb4abeaf3190199d4995a8eb28774afd625b9064dd8e
9123ef5cf89cdb1ee2e6db82eb04ff97e874de65e8db71ddba2e66fde522ac06
92f0fd1c23f26017bff521ec841b537e41749fba72ca5089b97dc68edddd4732
96ec0f57e578dfde10226d62a8cf0b2248ae8231a68749db24b83ca02f0688a8
97806b1ab991026f8028e149e626c2429e7675a7abb51291a97bf0798ca73d39
993bf0be3660792988453fb0fcf226678fe0b7c7151dbd8dcb1ab2e14617ef4a
99991f39bb189ca2d44f080b2edeea85b4c271b947ac9e713dd090cd6bed3117
99dbbb83845a12f36b66597ed4a0bdb54bb2b7cc3423befa2fa6cc1f5e587326
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a207fc4201f0d924d9f4e7e3a802f0a153d63618496385cbb3e58aa6f2a4bdb7
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dd6f056f8b25904142307e2fc6eb8b6b9ba8e7eeb8d3fea15add77aef98e39
a4ff54b33055883529652c5ee3251116bc2cb70e81bc38ad3bb4a22c11b2c233
a5a82c58d5b5a0c21fdcdd96daa06c5d2c10badc26def9a838dde13be7644733
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
ae493e14304c86985e882d37986036cdfe8ad5a68e76d9564dfe317a8324aff0
b156192d2524056dbc8af028d8a71dfb5a74346ccc5a0910ef98182005762a1b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7b63eeeefd76cca5d2056b980fc96e69d89415206e6a6c14ff68501a4468080
b9ddde51ab92d004a75b2175f19078fbdf355497b8b9bd68de4737badc9493be
bd865c4cfa19eae7a2ab528225e0cef75faaf0191f506835cdf7d8df1a09e919
bff96d7350eb95914a87918f6c051d09cba779a2d67e01ef2beb09e3b80efc20
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1547c5dfb5689e3acad15ec9131b08b6085f0648bcf9e073530751312ab60f1
c1bb82aebcf2f4bb70878e30af73a0c22ffb935bceb82f81cb0852e78a674032
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c81869b88f6f49de16cea03c5c0c4f5af5116baebdff2d2afc3e68ad7505de0a
cabcd49efd69dad693f5f56e07da68897370ccaa4bfd08ddb94fe394efda7f86
cdf658d42009a4ba188c24d84eb9b76fb7bdb90057c7fda60c0c66960da7a2f2
d04d5136b9647b83466d700587b21b875075a5abb5da08aabfce9b7ef5dc34a9
d9098b0333640086d3ec12a46046ca91e7521119555d591ab5fbd6372e714264
d9f6174ede3693c2d9532979043825dc703abfa9b5f3364c49abdecc96af24ac
da80416501065eabe7ea25359a8b8811926d8a212f3ea94b8cd4c55efb7df3c1
db3989e843bb3c67c9fd9198755ce180ed96ba58c44f7cd3c25bf8021c0f1baa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08360eef30cc5b85f5f1a78296e1344aee87642c5f2850bb275c2f3858e8225
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f2cca7784269c376cea0c66fa206e809162035f87759bd0d44d171dda8053b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b15d2ffde35fb7664d124a18cacc52283c7aceb3ac8594ac540ced31bbcb22
ea88adff36505b44e034dda505e6dfbff22f8b35b1ed2dd413abcad42d522ebd
eecbc38ae1f5732c0081b9d762dbebca1ad3b3b8e7f34a40669104f920090e09
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b8459126998109517499ccd0fd2000f8d9f3c7c66cd0d2a26a222f32b9fe36
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f37da54d326b99171b82af3e0f90a8022b3cafa3caa5db1064a841340b4485a7
f3e732bc8162534e2b55058624bb0d918c31c4f2281a06fdd11c9316c245c201
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fc744decbaa1624399c76e9d8cd5025f2b4fa7117b706d56fc9c3d815f6cdff9
fe4dc37903f228e23bdf7d8a80e4b95b74639233b52e316f16005e125ad09d15
ff97bcaf602dfe77d822148616137565b2006068bf13cfdba06381b36acb7b09

www.offermate.us Open in urlscan Pro 2604:a880:2:d0::867:1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

96 %HTTPS

84 %IPv6

27 Domains

39 Subdomains

32 IPs

2 Countries

3526 kBTransfer

5815 kBSize

25 Cookies

2 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.offermate.us Open in urlscan Pro
2604:a880:2:d0::867:1 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

96 %
HTTPS

84 %
IPv6

27
Domains

39
Subdomains

32
IPs

2
Countries

3526 kB
Transfer

5815 kB
Size

25
Cookies

162 HTTP transactions
2 data transactions