Submitted URL: http://www.nfj3njs.com/wdt8k/k1jbp4/0.8429834551108877
Effective URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Submission: On July 31 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 1 country across 10 domains to perform 35 HTTP transactions. The main IP is 172.67.207.106, located in United States and belongs to CLOUDFLARENET, US. The main domain is gc-entry-v2.dealofferz.xyz.
TLS certificate: Issued by WE1 on July 11th 2024. Valid for: 3 months.
This is the only time gc-entry-v2.dealofferz.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.117.163.91 396982 (GOOGLE-CL...)
18 172.67.207.106 13335 (CLOUDFLAR...)
1 2600:9000:250... 16509 (AMAZON-02)
1 18.160.41.58 16509 (AMAZON-02)
1 2a02:4780:b:7... 47583 (AS-HOSTINGER)
5 2607:f8b0:400... 15169 (GOOGLE)
7 172.67.180.90 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 34.117.132.251 396982 (GOOGLE-CL...)
1 172.67.205.140 13335 (CLOUDFLAR...)
35 8

Apex Domain | Subdomains | Transfer
18 dealofferz.xyz | gc-entry-v2.dealofferz.xyz | 466 KB
7 genderseparator.com | zoom-sf.genderseparator.com | 1 MB
5 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 110 | 5 KB
1 potentialoffers.xyz | bdl.potentialoffers.xyz | 1 KB
1 nbgdhrtrk.com | www.nbgdhrtrk.com | 652 B
1 gstatic.com | fonts.gstatic.com | 48 KB
1 vjkwakity.com | vjkwakity.com | 1 KB
1 hotjar.com | static.hotjar.com — Cisco Umbrella Rank: 1335 | 433 B
1 3dsintegrator.com | cdn.3dsintegrator.com — Cisco Umbrella Rank: 232312 | 7 KB
1 nfj3njs.com | www.nfj3njs.com | 605 B
35 10

Domain Requested by
18 gc-entry-v2.dealofferz.xyz gc-entry-v2.dealofferz.xyz
7 zoom-sf.genderseparator.com gc-entry-v2.dealofferz.xyz
5 fonts.googleapis.com gc-entry-v2.dealofferz.xyz
1 bdl.potentialoffers.xyz
1 www.nbgdhrtrk.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 vjkwakity.com
1 static.hotjar.com gc-entry-v2.dealofferz.xyz
1 cdn.3dsintegrator.com gc-entry-v2.dealofferz.xyz
1 www.nfj3njs.com 1 redirects
35 10

This site contains no links.

Subject | Issuer | Validity | Valid
dealofferz.xyz | WE1 | 2024-07-11 - 2024-10-09 | 3 months
*.3dsintegrator.com | Amazon RSA 2048 M02 | 2024-01-16 - 2025-02-12 | a year
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
vjkwakity.com | R10 | 2024-07-29 - 2024-10-27 | 3 months
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
genderseparator.com | WE1 | 2024-07-16 - 2024-10-14 | 3 months
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months

This page contains 1 frame:

Primary Page: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Frame ID: 59D3ACD89513CC9283FE0E9F8E747EA7
Requests: 32 HTTP requests in this frame

Page Title

GC Entry

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

35 Requests
97 % HTTPS
40 % IPv6
10 Domains
10 Subdomains
8 IPs
1 Countries
1621 kB Transfer
3565 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nfj3njs.com/wdt8k/k1jbp4/0.8429834551108877 HTTP 307
    https://www.nfj3njs.com/wdt8k/k1jbp4/0.8429834551108877 HTTP 302
    https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://www.nbgdhrtrk.com/28KL6/4LCGPB/ HTTP 302
  • https://bdl.potentialoffers.xyz/?affId=1&c1=&c2=&c3=6f33be6766814185a23c55e682e5aaf9

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gc-entry-v2.dealofferz.xyz/
Redirect Chain
  • http://www.nfj3njs.com/wdt8k/k1jbp4/0.8429834551108877
  • https://www.nfj3njs.com/wdt8k/k1jbp4/0.8429834551108877
  • https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
2 KB
1 KB
Document
General
Full URL
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
0cc7b7e54233ad56d25b2400053f00be44d078ae3b388e6550644a1437368c5a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ac0e0c4788da524-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 22:03:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xe03eykwK9ky91nYmyzp4f6%2FlmAULfB1bAz7fXhrOh61wVv4dXzHuXEVxVYxqjxKfJMrc1hjR%2FnZD7ZCGTyl%2FxLylXMlLxI6N%2FMFQdUqUFTIT82EA8OvmWTy8nupvOc2fi6I57F2Yxx7LcCdcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Next.js

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 22:03:21 GMT
location
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
64f99546-265f-410b-b760-275b8333ada4
e9523f104d9abfbf.css
gc-entry-v2.dealofferz.xyz/_next/static/css/
205 KB
32 KB
Stylesheet
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/css/e9523f104d9abfbf.css
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da700fa839ed9434926783829111f2956c577352e440c6dbb5fb233bbfdced6

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 May 2024 20:16:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
523729
etag
W/"333e2-18fac3f2a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pl8SZrASWC32oBT0%2FoXlEjuFWTU5w9GdKO9SOv2yZTU%2Fk7nWkV%2B4vKV6aNOA%2FT8zbbbMWhP8dLunHMoJcwCT3H5WIWart%2FZ4No%2FtrZwU9z9Nmd50FrgmyidLT8mlJgoeOdyICxYBGnXVOFVXNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c5fa95a524-MIA
alt-svc
h3=":443"; ma=86400
webpack-62c02dad1a6a4cb4.js
gc-entry-v2.dealofferz.xyz/_next/static/chunks/
2 KB
2 KB
Script
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/webpack-62c02dad1a6a4cb4.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fbe1923790a7655daa154224f16e1f63c6c3f0e4859c55014f967be3c9674f4

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 May 2024 20:16:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
523729
etag
W/"89e-18fac3f2a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N39rlEogoB4J0enHBBRzCgpjx5BSZtIWhyVDI6tyZ6zScbxW0Q49v8gRFaN%2BpbB%2B%2FK%2FGAhzyngUw6wXQkCt2Uzuzw4SdPevGvm7dqS008HzilQpM7YnrX5hd%2BnCtHC%2BgDsPV26yRijhqA5QUEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c5fa97a524-MIA
alt-svc
h3=":443"; ma=86400
framework-2c79e2a64abdb08b.js
gc-entry-v2.dealofferz.xyz/_next/static/chunks/
138 KB
45 KB
Script
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/framework-2c79e2a64abdb08b.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ae26ff518d9519afd2a3dc277d84e098458e6b6b85fa9548cda2bed24435e7

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 May 2024 20:16:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
523729
etag
W/"226fc-18fac3f2a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVJpsHO25nrGhYwT1pxRMcckEWEdqYLFtJs%2B%2BVnIGPlw6Sm1X4AeodTW5q3mzh1ZGV9xrH9EdiJq1EySB%2F3Scv2RbP3zqHO76bPJjWA60a6YV2CkbW73HVtDXos4uuZW7sfzqiQxfoxYRmdvpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c62aeda524-MIA
alt-svc
h3=":443"; ma=86400
main-af3068766efac2e7.js
gc-entry-v2.dealofferz.xyz/_next/static/chunks/
99 KB
30 KB
Script
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/main-af3068766efac2e7.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9e0c7032ea964de9c940737f5db95d9cbea28b47fa200a8b807ba829464fc0

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 May 2024 20:16:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
523729
etag
W/"18d75-18fac3f2a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKmhcegRcnlvdXlMlY0Do42MgDx1JnTxiuFAm4j8b%2BLlQd3k29DEOvPthDOf%2FoDRiUBgfhhT65Cm%2Bowkv%2F4pYkA4fyWeOggjMVdmsXQIHF79JlUDj6CrsMZenXLZVaWVVan8BdqwlsWKqoXB9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c62aefa524-MIA
alt-svc
h3=":443"; ma=86400
_app-1d7e3cc2b15bbf34.js
gc-entry-v2.dealofferz.xyz/_next/static/chunks/pages/
473 KB
154 KB
Script
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/pages/_app-1d7e3cc2b15bbf34.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fd4c3dbfc4a1decc366d1f5a68387c0b99f95fcc793021c2a3e758042f5943

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 May 2024 20:16:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
523729
etag
W/"76228-18fac3f2a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kw1dBSsDJHpBqrv%2BQIeG4TzRBpBlsDm6PY77Sf5nx%2FmOlUMtvojMnonaX%2Bc8s8aKWBjE0GPGOVEEZ6IPbv2CsVXZXWESD%2BP8QBBEJHwkz29Fl097uBlzqcCPVDdnzOzOV1xcOhileEE5eiCmHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c62af1a524-MIA
alt-svc
h3=":443"; ma=86400
172-377964afbc48459f.js
gc-entry-v2.dealofferz.xyz/_next/static/chunks/
68 KB
24 KB
Script
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/172-377964afbc48459f.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1434aa4efdf510819649b8e0bc0e6adf812fc6be6638be0ef18dd7eb2676b9a7

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 May 2024 20:16:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
523729
etag
W/"111bc-18fac3f2a0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUJJzDv8wZL0j5ybcZTCtkjl8Li5yupjRurrY9wXlafGgGjQuyFv9PtQwlKoJqVIBkhyuZLiaR9ss8ijZirSKoZAGM9EGWgRYpIdTL%2B1Kkfhzu5iFIUDA6uk4fjWjwKWyDtuYYgsIQ%2BjWm%2FyjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c62af2a524-MIA
alt-svc
h3=":443"; ma=86400
555-9e7941ce10a8d8a7.js
gc-entry-v2.dealofferz.xyz/_next/static/chunks/
339 KB
95 KB
Script
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/555-9e7941ce10a8d8a7.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd45f4a2a91adba49c83176f3aeca12b9a826a312915407a63726dcd35910d8d

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 May 2024 20:16:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
523729
etag
W/"54d62-18fac3f2a0e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLprKfKLQ0pq3mMwf6i5Q1wzhvugXdojnFgaokjdTf6cxkgHsft1HozY4AD0BK6q5fuO%2BJsnLFekGL3r8nH8M0Z%2BKd7YtlBxn82PUdNMOodm8bZqtLIBVy59qj9%2FF27sdEumVhb6z%2F9QvhTUcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c62af4a524-MIA
alt-svc
h3=":443"; ma=86400
index-d9895ea2a72b5857.js
gc-entry-v2.dealofferz.xyz/_next/static/chunks/pages/
27 KB
8 KB
Script
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/pages/index-d9895ea2a72b5857.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad4a06a7798ab28dd7280c2a619d3c46697f91722eaac6623413a77d13d096f

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 May 2024 20:16:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
523730
etag
W/"6ba0-18fac3f2a0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eEp%2BQw0mr8wSaDQY0iJTavpdfq%2BTimRIyKUetiicaKR6mQDFk6%2Fjqbq%2FuDxF2DQ21Y88jIGEObcnma5ZEmy7VbhPRTu5vi%2F2HYOWBdChx1Yww%2Fymk9Z3zIMi96zrwVhaJFOrsE7wNPGgGAWWZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c62af7a524-MIA
alt-svc
h3=":443"; ma=86400
_buildManifest.js
gc-entry-v2.dealofferz.xyz/_next/static/SPFVxw2JwqgwTUSuse8Yx/
534 B
807 B
Script
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/SPFVxw2JwqgwTUSuse8Yx/_buildManifest.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cad242bfea4025ca7a73f340d5d3729c50eeaa7450953aaa2de6ffcdf97bf04

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 14:37:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
196442
etag
W/"216-190feeca8d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCYSKnqft8Vuyo%2B7vRpKw%2FTx0rIFYxVRQYbbMe2DYfE8RPOQz8vpumSLzCbY5musATHgVxNLJQSxlXjNPDoDJLg3lU5uJRHwAggTm6CfsrcxdN%2BxJsGuqHOc4buqDUx7GXFeqDDjjRM%2BgWCImw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c62af9a524-MIA
alt-svc
h3=":443"; ma=86400
_ssgManifest.js
gc-entry-v2.dealofferz.xyz/_next/static/SPFVxw2JwqgwTUSuse8Yx/
77 B
558 B
Script
General
Full URL
https://gc-entry-v2.dealofferz.xyz/_next/static/SPFVxw2JwqgwTUSuse8Yx/_ssgManifest.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 14:37:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
196442
etag
W/"4d-190feeca8d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gl9DMahj7nqDksm78iStN4CvEzSWsbsiU8UV4v9QQHJ7R6voZCNBH9z0ZsoJtjR7GJtTbzKtCJ8C%2BqUprtfwtyI%2FZPSVqoSkBgbA6jn5dj4QoWmAMaa2ivd6UIiRJ6aAqA0mCnt8eC6YumMFpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
8ac0e0c63b0da524-MIA
alt-svc
h3=":443"; ma=86400
threeds.2.1.0.20220901.min.js
cdn.3dsintegrator.com/
31 KB
7 KB
Script
General
Full URL
https://cdn.3dsintegrator.com/threeds.2.1.0.20220901.min.js
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2509:9200:a:3d5:af40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
PAAY CDN /
Resource Hash
c47e1a4ad8d39486e026635c5972abfa0c0b22db6f534330fee5d0030a80f983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 09:09:01 GMT
x-amz-version-id
neTLV4ZIRDI7g6bxb2UiMk2e0CYykhZm
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 c6bba20dc3ec8526b729f039a2fdf7ae.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P2
age
46461
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 01 Sep 2022 14:42:52 GMT
server
PAAY CDN
etag
W/"90df46f26dc2cf5707f0959d1d80856c"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=604800, immutable
x-amz-cf-id
0eJw2bG4QGY8LlJdE9kksJdTcXkmP8UAGuO7dr4lxrgrCJZw67088g==
hotjar-3190175.js
static.hotjar.com/c/
0
433 B
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3190175.js?sv=6
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-58.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
date
Wed, 31 Jul 2024 22:02:41 GMT
x-content-type-options
nosniff
via
1.1 4244245835579031ffc201ddc6d644a2.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P1
age
41
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
etag
W/d41d8cd98f00b204e9800998ecf8427e
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
xXcXQXvunEG5kN6Aga--Jb-ZvyK7-APiI-M-2gj5xg5A40y0MEqI0A==
form.min.css
gc-entry-v2.dealofferz.xyz/GC%20Entry_files/
608 KB
55 KB
Stylesheet
General
Full URL
https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/form.min.css
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/main-af3068766efac2e7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
952b82ef93276433b165133ec67c1cee281404a87a3bf99f616e667f070b25dc

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:22 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Apr 2024 16:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9800a-18eecd2e346"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDb5MVnbvnvlytxDRtAR2pFdjEYOJUO1OpTKpNrWKVKaztgLLe5RSKWo4ZklV59ap5qUmv%2BB9AMUrS8pdVC7KlXgnb%2Bc7mUO8x8DE%2BVppaFIzeK9wWMrAU66kFcxhpi8WfKhwvYOHdDvjOOABw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
8ac0e0c92ebea524-MIA
alt-svc
h3=":443"; ma=86400
visa-logo.png
gc-entry-v2.dealofferz.xyz/GC%20Entry_files/
671 B
1 KB
Image
General
Full URL
https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/visa-logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
befd0c3f7012ebb7beabe465a2507d245f2c4a4f4073cea5f3900694cefe9149

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:22 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Apr 2024 16:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"29f-18eecd2e34a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0yZLyXz4NkU7Lv1HRcF0r55afnl53jYLVFYvanDNs7oKfQmo5m4j%2BOTdjFoCLIY%2FYCziZjIJuUT8ZNbjObndCJX0eTzT2VHq%2FnzLo0enj3y1T0cBWuBOS6UXbYMrGKU0qNqVY8UvZxGU1rrHiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8ac0e0c96f35a524-MIA
alt-svc
h3=":443"; ma=86400
content-length
671
base.png
gc-entry-v2.dealofferz.xyz/GC%20Entry_files/
362 B
840 B
Image
General
Full URL
https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/base.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dcc16d136b4fbb8bc0195f8f227bb6b26e1a3503f722573aa60b9de71400077

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:22 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Apr 2024 16:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"16a-18eecd2e342"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZVT3XNfpz6pefQCfe9k10VIMiPtR8EQS5LcFZeagMqQBn8r2aDLVT8FM%2BhpJ%2FanWq8nyssxcGV5VeV7zkgQvO%2FUoGwoKlWIdRg1A1J1lIH5Zw1gjFO9UdjP3%2BM9vPMsKz7cddQprmakFLRnOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8ac0e0c96f37a524-MIA
alt-svc
h3=":443"; ma=86400
content-length
362
Mastercard.png
gc-entry-v2.dealofferz.xyz/GC%20Entry_files/
606 B
1 KB
Image
General
Full URL
https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/Mastercard.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d1a4fe5255e033474c9162ddd0c1a1268ca0d171633961e24dcbdd9c2c0810d

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:22 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Apr 2024 16:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"25e-18eecd2e342"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eayFiCzKa5mqqdcfzC5a4EMRJMy2XP3Fp9CkwUVIiByGLnoLqGId1HJqSZixMWK96PI8i7X8TYUfkhqOXX3yfkfv99u3X5XPaHerr5ksrKn7cpk6HVGboBF6WYVJFK9gA1otlKjvGN36jR%2B%2F1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8ac0e0c96f39a524-MIA
alt-svc
h3=":443"; ma=86400
content-length
606
lock_icn.png
vjkwakity.com/dtc-v3-n/
782 B
1 KB
Image
General
Full URL
https://vjkwakity.com/dtc-v3-n/lock_icn.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:737:0:33ac:e24b:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e1482ebef74cc20da80cae5d624c085582b79edd02a44ffe3edd56427dd1e068
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:02:59 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 03 Jul 2023 05:18:14 GMT
server
LiteSpeed
etag
"30e-64a25a16-67ccf30149f89071;;;"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
782
expires
Wed, 07 Aug 2024 22:02:59 GMT
secure-img.png
gc-entry-v2.dealofferz.xyz/GC%20Entry_files/
14 KB
15 KB
Image
General
Full URL
https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/secure-img.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c971f61dd7f09949551ca84e5dce27adca1f8536ae73adfb822e8d8cd03753d

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:22 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 17 Apr 2024 16:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"38d7-18eecd2e346"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIWfMWDo9Zpf8JkLVoj5EsF05Nea54L8S%2B6w0GFFbV9zR20toLQgVTOo1IdVAZYMFMLI4j8fxzpR%2FQhBmbKabCgqX8nD148dJg5W6s4v%2F8nAJ8FOSMb9PJr5CmSqU1wrQdt7u2sLN4c9av1XRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8ac0e0c96f3ca524-MIA
alt-svc
h3=":443"; ma=86400
content-length
14551
css2
fonts.googleapis.com/
446 B
750 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Shadows+Into+Light&display=swap
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
76416c3d387eb6702c2a9bcf7fa3abd5bf7b1cf478965b26d05965f055332c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 22:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 22:01:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 22:03:22 GMT
css2
fonts.googleapis.com/
2 KB
506 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@200;500;800&display=swap
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
427e56deec59c53dd48d3bc03def13ccc5e3d27573ebbb44e858ae0dba47ebfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 22:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 21:56:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 22:03:22 GMT
css2
fonts.googleapis.com/
3 KB
832 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@300&display=swap
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
476dbea84f9f5179dc06e5cfffcf4c7034665bf56f726a4439e19fbbe3d35464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 22:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 20:34:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 22:03:22 GMT
css2
fonts.googleapis.com/
5 KB
738 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;500&display=swap
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
859407cf936ee45dabd060619e85cfca4fa104f1ca78fc4961636d2d290d5e6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 22:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 21:22:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 22:03:22 GMT
css2
fonts.googleapis.com/
46 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/form.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ae7f95490a78f65a3612c5c50957a7af7aa44425713df780551f839341965c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 22:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 21:53:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 22:03:22 GMT
favicon.ico
gc-entry-v2.dealofferz.xyz/
1 KB
1017 B
Other
General
Full URL
https://gc-entry-v2.dealofferz.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
547f95445c1a470f8e384f7be44e6c8ba5a63579db46a626d0f4bd77745b6b10

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/?affId=20&c1=&c2=&c3=cfe60fab6ac54b28885fc8c399e40698
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
x-powered-by
Next.js
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BIYd0q0kVbFgRc6ZGNJ9OKAVLzcKzNolPg7BhI0RjjjA1KNl2lmDV8Nl10u7MvF2tLEuiAiETBOfKzpPxPmiANK2uwJIuLg%2BuXSS9uKY1iTPNek2sCaF9%2BG1jKjZZWf%2B9c%2FFVXNc86CpnzoMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
8ac0e0ca4862a524-MIA
alt-svc
h3=":443"; ma=86400
display-details-v3
zoom-sf.genderseparator.com/api/projects/
1 MB
1 MB
XHR
General
Full URL
https://zoom-sf.genderseparator.com/api/projects/display-details-v3?projectKey=ncZWL7tRYFflNI4yNeUq7rHH
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/pages/_app-1d7e3cc2b15bbf34.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Strapi <strapi.io>
Resource Hash
71382e366665ec37a57ec2cf521a032d8d66e934b5461ad61eb62386a102334c
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Sdk-Ver
3023
Content-Type
application/json

Response headers

date
Wed, 31 Jul 2024 22:03:23 GMT
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
server
cloudflare
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://gc-entry-v2.dealofferz.xyz
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5sfBfco5z3HnnT4%2Bptvnzl99iyrOme%2F4kZnako5UGknVwD2ebCWbMNIcrldkh0PdvbTHtQwurEPzhE8OrqAZfDTPiYQ%2FotwBlOrBspkPJG%2FIwrtVvbxc6nCRMcrx0bLjX5uTQHwFnhYXeP0B3qQ%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin
access-control-allow-credentials
true
cf-ray
8ac0e0ccbe7da57c-MIA
get-user-ip
zoom-sf.genderseparator.com/api/projects/
29 B
909 B
XHR
General
Full URL
https://zoom-sf.genderseparator.com/api/projects/get-user-ip
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/pages/_app-1d7e3cc2b15bbf34.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Strapi <strapi.io>
Resource Hash
b079c50148443f5971650e0ddb21d184c7c80b15cae73ce1a71cefa8e877522e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:23 GMT
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=86400
content-length
29
referrer-policy
no-referrer
server
cloudflare
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gc-entry-v2.dealofferz.xyz
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJknI6E20FVv1JRmDJwbQNb9ZmxxdkK4Pgnh4Sb6TnzVcMlIB7148%2F8sjZ5jSpK2%2F0v9%2BhKBFrODVCMflRS9WVT4HQf4R1R4tOyG8o8DERALYhGF6aCg6PtT6wzz2dU4UUAFHOty9kXS3MI%2FDbc%3D"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-credentials
true
cf-ray
8ac0e0cb6c97a57c-MIA
display-details-v3
zoom-sf.genderseparator.com/api/projects/
0
0
Preflight
General
Full URL
https://zoom-sf.genderseparator.com/api/projects/display-details-v3?projectKey=ncZWL7tRYFflNI4yNeUq7rHH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sdk-ver
Access-Control-Request-Method
POST
Origin
https://gc-entry-v2.dealofferz.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,Origin,Accept,X-Sdk-Ver
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://gc-entry-v2.dealofferz.xyz
access-control-max-age
31536000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ac0e0cb6c90a57c-MIA
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date
Wed, 31 Jul 2024 22:03:22 GMT
expect-ct
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MyGoCtbgxFB2eVeYGWL6w0OZc7fS5UpNW1pQ%2BGoiOt0R%2BXGWLpnwEQDcMyIXC6fYMkyh7AzamaUuKKmvW1g9UbfysJooJFFoD3fvXahlo6%2BR08LEngGEj0Ya500fSqeyI2nlPaq4pAgFNjLCmnQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
Metropolis-Regular.otf
gc-entry-v2.dealofferz.xyz/GC%20Entry_files/vendor/
0
0
Font
General
Full URL
https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/vendor/Metropolis-Regular.otf
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/form.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/form.min.css
Origin
https://gc-entry-v2.dealofferz.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
x-powered-by
Next.js
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txryXcvYikxV7caTWIKWFouh3ZojPtUCfunQA4cbYxQrC5q0J011qjfAZS7Lxz842P9eHTX3NVlfNV64aAOXsXU4qcMp5%2FJq9bmi%2FTYqlHz10rtvdLAm%2FoCRetlTyNubiOUVW%2B%2F5rz0tTAy1Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
8ac0e0cd6cf2a524-MIA
alt-svc
h3=":443"; ma=86400
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gc-entry-v2.dealofferz.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Jul 2024 08:18:05 GMT
x-content-type-options
nosniff
age
395118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Jul 2025 08:18:05 GMT
/
bdl.potentialoffers.xyz/
Redirect Chain
  • https://www.nbgdhrtrk.com/28KL6/4LCGPB/
  • https://bdl.potentialoffers.xyz/?affId=1&c1=&c2=&c3=6f33be6766814185a23c55e682e5aaf9
1 KB
1 KB
XHR
General
Full URL
https://bdl.potentialoffers.xyz/?affId=1&c1=&c2=&c3=6f33be6766814185a23c55e682e5aaf9
Protocol
H3
Server
172.67.205.140 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
e7a72ef9618f795c58985c74ef1fb8317ecf0ad2b6f52a91e747418d5df722ca

Request headers

Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 22:03:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Next.js
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS,PATCH,DELETE,POST,PUT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eYoiPJOHnFjkc8sehphkrXWT9peXqLSSDCjMdxRoohPvypOtEkrGVq9hnUyXY80fA7GVtZQK6cPk4EOLlsLrDYFk8rFEEuPIf9OeI4ooDi3eXJG%2Fhqse1qBYB8uBJIqUaP9Z%2FYrgVFUEbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8ac0e0dad8ff8df1-MIA
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 31 Jul 2024 22:03:25 GMT
via
1.1 google
server
nginx
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://gc-entry-v2.dealofferz.xyz
location
https://bdl.potentialoffers.xyz/?affId=1&c1=&c2=&c3=6f33be6766814185a23c55e682e5aaf9
access-control-allow-credentials
true
x-eflow-request-id
15c006ae-b062-40a7-8436-603a08b49a16
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
import-clicks
zoom-sf.genderseparator.com/api/plugins/konnektive/
408 B
1 KB
XHR
General
Full URL
https://zoom-sf.genderseparator.com/api/plugins/konnektive/import-clicks?projectKey=ncZWL7tRYFflNI4yNeUq7rHH
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/pages/_app-1d7e3cc2b15bbf34.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Strapi <strapi.io>
Resource Hash
31c1720b967e3b8d3e7ecdb3cc0a9a93d4cec37e6404a43bb6c979c86a729561
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Sdk-Ver
3023
Content-Type
application/json

Response headers

date
Wed, 31 Jul 2024 22:03:26 GMT
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
server
cloudflare
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://gc-entry-v2.dealofferz.xyz
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKUk2Qg3yPa9kvw%2BCFwf3%2BUdq0QzTlvo24DWRpqWnHwLnPO7QzFp8VR7l12Ng0Ix6AZSeXvPTS8YU7XipLDqR8IGZKop770VGH8OE7QaWFEU6BmKO%2FimA1QW%2B3BEiHlusTsLHUiMa8tGdLUxSOc%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin
access-control-allow-credentials
true
cf-ray
8ac0e0dc9e10a57c-MIA
import-clicks
zoom-sf.genderseparator.com/api/plugins/konnektive/
0
0
Preflight
General
Full URL
https://zoom-sf.genderseparator.com/api/plugins/konnektive/import-clicks?projectKey=ncZWL7tRYFflNI4yNeUq7rHH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sdk-ver
Access-Control-Request-Method
POST
Origin
https://gc-entry-v2.dealofferz.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,Origin,Accept,X-Sdk-Ver
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://gc-entry-v2.dealofferz.xyz
access-control-max-age
31536000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ac0e0dbfd51a57c-MIA
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date
Wed, 31 Jul 2024 22:03:25 GMT
expect-ct
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IbDMTh6L9cXcI3LhyU4c2MxQZf8kyFQZSdmyHLC1KSCak9KhnOX6aRHuB4o8gto%2B9K9AZ27%2F%2Fp6UZUP7M3hA%2BiIlMbQOHuwYLvsZ8shPy4I8gG9cw12h9E%2FNfChw28VHr0KWlTebeu2YWEiItKQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
display-details-v3
zoom-sf.genderseparator.com/api/projects/
87 KB
66 KB
XHR
General
Full URL
https://zoom-sf.genderseparator.com/api/projects/display-details-v3?projectKey=71PLchGkunYEXb6GE
Requested by
Host: gc-entry-v2.dealofferz.xyz
URL: https://gc-entry-v2.dealofferz.xyz/_next/static/chunks/pages/_app-1d7e3cc2b15bbf34.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Strapi <strapi.io>
Resource Hash
1e1ef09229c16e8fba77da107925407bf56117d0907da92e2aaee27864140f66
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://gc-entry-v2.dealofferz.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Sdk-Ver
3023
Content-Type
application/json

Response headers

date
Wed, 31 Jul 2024 22:03:26 GMT
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Strapi <strapi.io>
x-dns-prefetch-control
off
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
no-referrer
server
cloudflare
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://gc-entry-v2.dealofferz.xyz
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4EGo7w4NnKZjosqjGlliqnMO%2FapGrb0jkQ4CIPH%2BeTquB2AdHPSa%2BbOeo5FN8JK78wXqyZqYqzBLek%2F7RplCDsV26uEimGHyzPP1UVP7g4%2BYLfXJsECmJvn6Suh3vJZIzJpls%2Byc6KbpADQFIQ%3D"}],"group":"cf-nel","max_age":604800}
vary
Origin
access-control-allow-credentials
true
cf-ray
8ac0e0e34828a57c-MIA
display-details-v3
zoom-sf.genderseparator.com/api/projects/
0
0
Preflight
General
Full URL
https://zoom-sf.genderseparator.com/api/projects/display-details-v3?projectKey=71PLchGkunYEXb6GE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.90 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-sdk-ver
Access-Control-Request-Method
POST
Origin
https://gc-entry-v2.dealofferz.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,Origin,Accept,X-Sdk-Ver
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://gc-entry-v2.dealofferz.xyz
access-control-max-age
31536000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ac0e0e2af5ca57c-MIA
content-security-policy
connect-src 'self' https:;img-src 'self' data: blob: https://dl.airtable.com;media-src 'self' data: blob:;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
date
Wed, 31 Jul 2024 22:03:26 GMT
expect-ct
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYSu0xL80MMtCncdhY8AEamelHauBBI7L0TjBMaOSmbHWRDIt7Gvyrm%2FkuMtk2zNLdVJ1oDPENGgvmJhaPLDjceSwOPaQkrtQIexqfbC999QvnNoTs1jnGRrRXUhD%2FnbPk%2Fup%2FVyZAm54vpmUd4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ThreeDS
object| webpackChunk_N_E
function| __next_require__
object| next
object| __NEXT_DATA__
function| __SSG_MANIFEST_CB
object| __NEXT_P
object| _N_E
function| _
object| __MIDDLEWARE_MATCHERS
object| __BUILD_MANIFEST
object| __SSG_MANIFEST
function| hj
object| _hjSettings

2 Cookies

Domain/Path Name / Value
www.nfj3njs.com/ Name: uniqueClick_k1jbp4
Value: 5882ea70-3b2f-4465-bc9b-95f66b44e8cb:1722463401
www.nfj3njs.com/ Name: transaction_id
Value: cfe60fab6ac54b28885fc8c399e40698

2 Console Messages

Source Level URL
Text
network error URL: https://gc-entry-v2.dealofferz.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gc-entry-v2.dealofferz.xyz/GC%20Entry_files/vendor/Metropolis-Regular.otf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
