Submitted URL: https://www.telechargeoffers.com/go.aspx?MD=2001&MC=PYPBL66
Effective URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Submission: On February 08 via manual from US — Scanned from DE

Summary

This website contacted 20 IPs in 5 countries across 17 domains to perform 86 HTTP transactions. The main IP is 95.100.153.130, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.telechargeoffers.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 13th 2021. Valid for: a year.
This is the only time www.telechargeoffers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 95.100.153.130 20940 (AKAMAI-ASN1)
4 23.59.68.114 16625 (AKAMAI-AS)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.21.143.57 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
4 54.236.135.9 14618 (AMAZON-AES)
2 54.176.85.227 16509 (AMAZON-02)
1 54.246.159.25 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 104.17.208.240 13335 (CLOUDFLAR...)
1 52.222.206.77 16509 (AMAZON-02)
2 8 2600:9000:215... 16509 (AMAZON-02)
1 54.73.67.72 16509 (AMAZON-02)
3 104.17.209.240 13335 (CLOUDFLAR...)
86 20
Apex Domain
Subdomains
Transfer
39 telechargeoffers.com
www.telechargeoffers.com
396 KB
11 qualtrics.com
znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1205
72 KB
9 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2604
d.adroll.com — Cisco Umbrella Rank: 1561
77 KB
4 brilliantcollector.com
lib-us-1.brilliantcollector.com — Cisco Umbrella Rank: 25392
614 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
2 KB
3 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1501
m.addthis.com — Cisco Umbrella Rank: 1468
141 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5557
655 B
2 google.com
www.google.com — Cisco Umbrella Rank: 13
655 B
2 delivra.com
integration.delivra.com — Cisco Umbrella Rank: 93701
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
96 KB
2 akamaihd.net
ds-aksb-a.akamaihd.net — Cisco Umbrella Rank: 4780
5 KB
1 cloudfront.net
d6tizftlrpuof.cloudfront.net
2 KB
1 usabilla.com
w.usabilla.com — Cisco Umbrella Rank: 3214
11 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1758
325 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
15 KB
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 361
1 KB
86 17
Domain Requested by
39 www.telechargeoffers.com 1 redirects www.telechargeoffers.com
10 siteintercept.qualtrics.com znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com
www.telechargeoffers.com
siteintercept.qualtrics.com
8 s.adroll.com 2 redirects www.telechargeoffers.com
s.adroll.com
4 lib-us-1.brilliantcollector.com www.telechargeoffers.com
4 www.google-analytics.com www.googletagmanager.com
www.telechargeoffers.com
2 www.google.de www.telechargeoffers.com
2 www.google.com www.telechargeoffers.com
2 stats.g.doubleclick.net www.telechargeoffers.com
2 integration.delivra.com www.telechargeoffers.com
2 www.googletagmanager.com www.telechargeoffers.com
2 ds-aksb-a.akamaihd.net www.telechargeoffers.com
2 s7.addthis.com www.telechargeoffers.com
s7.addthis.com
1 d.adroll.com s.adroll.com
1 d6tizftlrpuof.cloudfront.net www.telechargeoffers.com
1 znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com www.telechargeoffers.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 w.usabilla.com www.telechargeoffers.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 www.googleadservices.com www.googletagmanager.com
1 z.moatads.com s7.addthis.com
86 21

This site contains no links.

Subject Issuer Validity Valid
www.telecharge.com
DigiCert SHA2 Secure Server CA
2021-11-13 -
2022-11-15
a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-27
a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA
2021-07-15 -
2022-07-20
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.brilliantcollector.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-15 -
2022-02-15
a year crt.sh
integration.delivra.com
Thawte RSA CA 2018
2020-02-14 -
2022-03-13
2 years crt.sh
w.usabilla.com
Amazon
2021-03-12 -
2022-04-10
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
www.google.com
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
www.google.de
GTS CA 1C3
2022-01-10 -
2022-04-04
3 months crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-24 -
2022-09-24
a year crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
s.adroll.com
Amazon
2021-08-02 -
2022-08-31
a year crt.sh
adroll.mgr.consensu.org
Amazon
2021-09-09 -
2022-10-08
a year crt.sh

This page contains 5 frames:

Primary Page: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Frame ID: EED1EE9246F10EBA64EA3A94EF1CFE69
Requests: 82 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 770718D981DBE13D663FF6A627E45FF4
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 864FEE312EFAEF632AD9BD09BF97A561
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/4f637a7e796d.js?lv=1
Frame ID: 865CEAEB3C363E913F22DA9D1DC82EF8
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/telecharge-button-bcaa09b6f0180a383e9fc4b19b48d49d.png
Frame ID: 1D8371585E3C50F15F95A2D0A303897A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title


Page URL History Show full URLs

  1. https://www.telechargeoffers.com/go.aspx?MD=2001&MC=PYPBL66 HTTP 302
    https://www.telechargeoffers.com/offeroverview.aspx?productid=13390 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

97 %
HTTPS

42 %
IPv6

17
Domains

21
Subdomains

20
IPs

5
Countries

841 kB
Transfer

2786 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.telechargeoffers.com/go.aspx?MD=2001&MC=PYPBL66 HTTP 302
    https://www.telechargeoffers.com/offeroverview.aspx?productid=13390 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://s.adroll.com/j/exp/JOH75BOZPJEWDGO22THTEZ/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 74
  • https://s.adroll.com/j/pre/JOH75BOZPJEWDGO22THTEZ/BH3YAKJ3SRGYLKNCJJIT3L/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

86 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request offeroverview.aspx
www.telechargeoffers.com/
Redirect Chain
  • https://www.telechargeoffers.com/go.aspx?MD=2001&MC=PYPBL66
  • https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
171 KB
25 KB
Document
General
Full URL
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
707b3e6faa3d4c85a6943cd53179088f737cfb850aa972de31731b2f8d4136a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
pragma
no-cache
expires
-1
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
server
content-encoding
gzip
x-akamai-transformed
9 26996 0 pmb=mTOE,3mRUM,1
date
Tue, 08 Feb 2022 20:49:38 GMT
content-length
24339
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=utf-8
content-length
1539
cache-control
no-cache, no-store
pragma
no-cache
expires
-1
location
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
server
date
Tue, 08 Feb 2022 20:49:37 GMT
jquery-3.5.1.js
www.telechargeoffers.com/Scripts/jquery/
281 KB
83 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/jquery/jquery-3.5.1.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Jan 2022 21:43:59 GMT
server
etag
"7f1fd81fd7d81:0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=0
date
Tue, 08 Feb 2022 20:49:38 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-length
84805
x-xss-protection
1; mode=block
expires
Tue, 08 Feb 2022 20:49:38 GMT
styles_main.css
www.telechargeoffers.com/Stylesheets/
92 KB
23 KB
Stylesheet
General
Full URL
https://www.telechargeoffers.com/Stylesheets/styles_main.css
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a2566299208d66d222319be328b2230ad10e07e47b3ad8910f92fd04412a7b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
date
Tue, 08 Feb 2022 20:49:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
no-cache, no-store
vary
Accept-Encoding
content-length
23354
x-xss-protection
1; mode=block
expires
Tue, 08 Feb 2022 20:49:38 GMT
27a275
www.telechargeoffers.com/akam/11/
32 KB
11 KB
Script
General
Full URL
https://www.telechargeoffers.com/akam/11/27a275
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2fc5e13dc15e1cbf01ab5ecf79194768c30349287abebf65f5d2cdccefed9744

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 20:49:38 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2019 20:03:42 GMT
etag
"792cc8cff123b652498d1a1965dd3de7a9807c8e2f2253de1042d24a6e16114d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
10449
expires
Tue, 08 Feb 2022 20:49:38 GMT
WebResource.axd
www.telechargeoffers.com/
23 KB
5 KB
Script
General
Full URL
https://www.telechargeoffers.com/WebResource.axd?d=_rXzvXDgj2Xuofc0zdWjg7AkThNiRQhSM8iyKHl5TT_bJZtj4oFaQmc2XeqTkOEQQC2HxjT36tHxbklzsN_ySsXnwn5Am4jdaxTuvPr2DmE1&t=637453888754849868
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
date
Tue, 08 Feb 2022 20:49:38 GMT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
no-cache, no-store
vary
Accept-Encoding
content-length
4627
x-xss-protection
1; mode=block
expires
-1
tealeaf.js
www.telechargeoffers.com/Scripts/
168 KB
55 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/tealeaf.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3d6d1857caa32908e606ce41a078e3dce2551fc5f89bd7b1853d5f13db6785e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
55919
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:37 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"45aec898fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
shubert_ExistingAccount.js
www.telechargeoffers.com/Scripts/
22 KB
5 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/shubert_ExistingAccount.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f51a880696a89480221509b3f90b89e0fb58b22023a52e65286b70dcffe2dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
4881
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:27 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"9d99d92fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
ScriptResource.axd
www.telechargeoffers.com/
26 KB
6 KB
Script
General
Full URL
https://www.telechargeoffers.com/ScriptResource.axd?d=Hpv-ovDfC1_coJBhJ3o68rGSwikXdXtQUAKK490BM6dp_g8LbEsUKXzur06lKcAmemZS8RjxlEl1gJyIhuXH7eObIgWplCnpIXb2UqFk0tGsvsAoA7l6i06q97UW_9GQBiv3EibRwZg7Qqpyfda6UXFMF9Jx9OslwGntO7T9ZBI1&t=ffffffffe191061b
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
date
Tue, 08 Feb 2022 20:49:38 GMT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store
vary
Accept-Encoding
content-length
5468
x-xss-protection
1; mode=block
expires
-1
Telerik.Web.UI.WebResource.axd
www.telechargeoffers.com/
140 KB
35 KB
Script
General
Full URL
https://www.telechargeoffers.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=radScriptManager11_TSM&compress=1&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen-US%3aba1d5018-bf9d-4762-82f6-06087a49b5f6%3aea597d4b%3ab25378d2
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7828eaf521ab49cd287dba29442807a43deb5f7bb105f27b56454a045f6341be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
date
Tue, 08 Feb 2022 20:49:38 GMT
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
cache-control
no-cache, no-store
vary
Accept-Encoding
content-length
35148
x-xss-protection
1; mode=block
expires
-1
shubert_styledradiocheck.css
www.telechargeoffers.com/Stylesheets/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.telechargeoffers.com/Stylesheets/shubert_styledradiocheck.css
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
61088361060063d5addd3e4f568c455f511ad816cbf95a6af0b1341372a340cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
date
Tue, 08 Feb 2022 20:49:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
no-cache, no-store
vary
Accept-Encoding
content-length
2516
x-xss-protection
1; mode=block
expires
Tue, 08 Feb 2022 20:49:38 GMT
broadway_logo.png
www.telechargeoffers.com/Images/Product/
4 KB
4 KB
Image
General
Full URL
https://www.telechargeoffers.com/Images/Product/broadway_logo.png
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6ba783c6d8d9035ead4ede41a842caaa527fcb6a487118c825b0bc830d1e7ff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:38 GMT
x-check-cacheable
YES
x-serial
487
etag
"2e75bb26ae6d71:0"
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Fri, 07 Jan 2022 06:05:04 GMT
content-length
4376
server
Akamai Image Manager
expires
Wed, 09 Feb 2022 08:49:38 GMT
common.js
www.telechargeoffers.com/Scripts/
9 KB
3 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/common.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b0aad2c9bdf5966b78882287903a42d07481ee933c690dc71a7692fab4cfff06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
3223
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:43:54 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"f937fc7efd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
shubert_headercontrol.js
www.telechargeoffers.com/Scripts/
15 KB
4 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/shubert_headercontrol.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c915238ae67926e318e17a6c005287c810caa873f926573996866878d4fd19d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
3541
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:19 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"d3b3bd8dfd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
Shubert_SessionHandler.js
www.telechargeoffers.com/Scripts/
3 KB
1 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/Shubert_SessionHandler.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2f902734b5f2d7a6d0fb6d9270b9e0500e8f6999e0476f4023f4e2ca63454572
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
884
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:34 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"db827b96fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
font-awesome.min.css
www.telechargeoffers.com/Stylesheets/font-awesome-4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://www.telechargeoffers.com/Stylesheets/font-awesome-4.7.0/css/font-awesome.min.css
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
850ad2b47759b688c0030e378d844c7abde141bbc3297c870660c25ea5cfa4e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
date
Tue, 08 Feb 2022 20:49:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
no-cache, no-store
vary
Accept-Encoding
content-length
7771
x-xss-protection
1; mode=block
expires
Tue, 08 Feb 2022 20:49:38 GMT
addthis_widget.js
s7.addthis.com/js/250/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/250/addthis_widget.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.68.114 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-68-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Tue, 08 Feb 2022 20:49:38 GMT
x-host
s7.addthis.com
content-length
116415
shubert_UtilityControl.js
www.telechargeoffers.com/Scripts/
4 KB
2 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/shubert_UtilityControl.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9becd304333932e5113d9fca9dd282f1bb8b079ebdd25f96965e84ae3f77b697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
1449
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:35 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"15817897fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
shubert_MarketingCodeHeaderControl.js
www.telechargeoffers.com/Scripts/
5 KB
2 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/shubert_MarketingCodeHeaderControl.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a8d4bc6d542f98f89aec4106de7a358715585c63f1d23a44e0cd6d7dcda2ef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
1400
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:28 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"ea204793fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
Play-That-Goes-Wrong-Broadway-Show-Tickets-1-111016.jpg
www.telechargeoffers.com/Images/Product/
4 KB
4 KB
Image
General
Full URL
https://www.telechargeoffers.com/Images/Product/Play-That-Goes-Wrong-Broadway-Show-Tickets-1-111016.jpg
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b51d3d575b16cc2007ef32817ab64dc750cd0b2f32d001e9f569b67e80473bc1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:38 GMT
x-check-cacheable
YES
x-serial
1794
etag
"dfb4a5b312e6d71:0"
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Thu, 16 Dec 2021 20:13:52 GMT
content-length
4368
server
Akamai Image Manager
expires
Wed, 09 Feb 2022 08:49:38 GMT
Shubert2010-doubleS_17px-01.png
www.telechargeoffers.com/Images/Product/
390 B
576 B
Image
General
Full URL
https://www.telechargeoffers.com/Images/Product/Shubert2010-doubleS_17px-01.png
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1a8402803f05300aa7574411ad1690ba82b8583d49d92c911fa49e701b07cb73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:38 GMT
last-modified
Fri, 07 Jan 2022 06:05:04 GMT
server
Akamai Image Manager
etag
"e588f290ce6d71:0"
content-type
image/png
cache-control
private, no-transform, max-age=43200
content-length
390
expires
Wed, 09 Feb 2022 08:49:38 GMT
AccessServices_TelechargeHeader_Generic_2020_175x145_black.jpg
www.telechargeoffers.com/Images/Product/
6 KB
6 KB
Image
General
Full URL
https://www.telechargeoffers.com/Images/Product/AccessServices_TelechargeHeader_Generic_2020_175x145_black.jpg
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
67704defd0c7115851b39e8fa2f92c177dcb2abe60a49158f7775c4f00ad7efa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:38 GMT
x-check-cacheable
YES
x-serial
1916
etag
"c2805e48ee6d71:0"
content-type
image/png
cache-control
private, no-transform, max-age=43200
last-modified
Thu, 16 Dec 2021 18:46:47 GMT
content-length
5722
server
Akamai Image Manager
expires
Wed, 09 Feb 2022 08:49:38 GMT
shubert_ProductHeaderView.js
www.telechargeoffers.com/Scripts/
3 KB
2 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/shubert_ProductHeaderView.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
628486a143d6698e8845cbb896e4db9e105f0ace17133b21bfbdfbc00482e307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
1320
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:32 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"73c5bc95fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
shubert_SubNavigation.js
www.telechargeoffers.com/Scripts/
3 KB
1 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/shubert_SubNavigation.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4805f2a89ee3f11bd87a08c5bdfce277e04fbd514de5b7ebcdc6662470de83a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
1105
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:34 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"4273e996fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
shubert_footercontrol.js
www.telechargeoffers.com/Scripts/
3 KB
1 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/shubert_footercontrol.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9bfe65f23fcc5d78e4b29dff2a4a2e95008f11a4df7d5f24b3897dc80116c8f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
1058
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:27 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"d0d7bc92fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
popup_overlay.js
www.telechargeoffers.com/Scripts/
21 KB
5 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/popup_overlay.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb06d76e45e2d06366b15f630f214ce5d0e1cfc20bf448d91e01c5f5b2bc64bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
4952
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:09 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"1fe0a487fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
shubert_RadioCheckCtl.js
www.telechargeoffers.com/Scripts/
15 KB
4 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/shubert_RadioCheckCtl.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79554b62a04d4846b522d7299ec1c72687a0ae066afd407f8c50272d865d249b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
3991
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:33 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"ba12ea95fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
shubert_select.js
www.telechargeoffers.com/Scripts/
7 KB
2 KB
Script
General
Full URL
https://www.telechargeoffers.com/Scripts/shubert_select.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
230742e112ba90ceb0d4c8179da08f988cd3d9d92edf30aefbd30703ecdce819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-length
1698
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 12 Jan 2022 21:44:33 GMT
server
x-frame-options
SAMEORIGIN
date
Tue, 08 Feb 2022 20:49:38 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store
etag
"73845c96fd7d81:0"
accept-ranges
bytes
expires
Tue, 08 Feb 2022 20:49:38 GMT
SkTSGA
www.telechargeoffers.com/D6t3oT/Mm4/MCp/-9ZyoQTT/7t5SmpSbc7/PjhiD35gAgo/X2YOZ/
77 KB
20 KB
Script
General
Full URL
https://www.telechargeoffers.com/D6t3oT/Mm4/MCp/-9ZyoQTT/7t5SmpSbc7/PjhiD35gAgo/X2YOZ/SkTSGA
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:38 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 16:10:06 GMT
etag
"d1dbb955755ca44a0b872a64f97c471a45b14e941f69d082c19f792576ae34fb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
19642
expires
Thu, 03 Mar 2022 17:04:03 GMT
aksb.min.js
ds-aksb-a.akamaihd.net/
13 KB
5 KB
Script
General
Full URL
https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 08 Feb 2022 20:49:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Aug 2018 18:25:26 GMT
Server
Apache
ETag
"15de19f42b35806faf815298644157e0:1535653526"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
4826
bg.gif
www.telechargeoffers.com/images/global/
278 B
466 B
Image
General
Full URL
https://www.telechargeoffers.com/images/global/bg.gif
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Stylesheets/styles_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
37a772921848c01c8bbb959222f7903b1828656e39b629f0190db95fb54bf0d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/Stylesheets/styles_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:38 GMT
last-modified
Fri, 09 Apr 2021 04:46:45 GMT
server
Akamai Image Manager
etag
"e63568b272e3d61:0"
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
278
expires
Wed, 09 Feb 2022 08:49:38 GMT
html_bg.png
www.telechargeoffers.com/images/global/
27 KB
27 KB
Image
General
Full URL
https://www.telechargeoffers.com/images/global/html_bg.png
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Stylesheets/styles_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f71d32866bb55e95a46d177ed7d43c6fcc02c7a2ba2b3040d4d6ae2508bd7718

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/Stylesheets/styles_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:38 GMT
last-modified
Mon, 22 Nov 2021 14:05:39 GMT
server
Akamai Image Manager
etag
"cce258f1cacd61:0"
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
27154
expires
Wed, 09 Feb 2022 08:49:38 GMT
gtm.js
www.googletagmanager.com/
143 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KZ8RT4B
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb6aa40c14a29f3f248a3a5f6fc0d8e0eb3f13a4f7c076915c0dd689facf53df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53523
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 20:07:17 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Feb 2022 20:49:38 GMT
gtm.js
www.googletagmanager.com/
121 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NW9BJH9
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20f4400830106b006839c33793ef1ea93d872db3b7feee8ad03dc84c7f8e0df2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43898
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 20:07:17 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Feb 2022 20:49:38 GMT
font-awesome.min.css
www.telechargeoffers.com/Stylesheets/font-awesome-4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://www.telechargeoffers.com/Stylesheets/font-awesome-4.7.0/css/font-awesome.min.css
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
850ad2b47759b688c0030e378d844c7abde141bbc3297c870660c25ea5cfa4e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
date
Tue, 08 Feb 2022 20:49:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
no-cache, no-store
vary
Accept-Encoding
content-length
7771
x-xss-protection
1; mode=block
expires
Tue, 08 Feb 2022 20:49:38 GMT
NGOC____-final.woff
www.telechargeoffers.com/Stylesheets/NewsGothicCondensed/
33 KB
33 KB
Font
General
Full URL
https://www.telechargeoffers.com/Stylesheets/NewsGothicCondensed/NGOC____-final.woff
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Stylesheets/styles_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92f5298193812a2f711f950c959761c5ed19441674c85f616206eee248e97183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.telechargeoffers.com/Stylesheets/styles_main.css
Origin
https://www.telechargeoffers.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 12 Jan 2022 21:45:26 GMT
server
etag
"8adae9b5fd7d81:0"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff
cache-control
no-cache, no-store
date
Tue, 08 Feb 2022 20:49:38 GMT
accept-ranges
bytes
content-length
33391
x-xss-protection
1; mode=block
expires
Tue, 08 Feb 2022 20:49:38 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.143.57 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-143-57.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
B402EDC6F7271ED7
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=50028
accept-ranges
bytes
content-length
948
x-amz-id-2
3ZiQcYtRTuh4WJ4BUq+mWoVqgQk4EdHwIkUrSZre2GxPFo/4IUZsv5aBqLknQUvSl0wjR3iM+HQ=
rule_hor_whiteF.gif
www.telechargeoffers.com/images/
46 B
232 B
Image
General
Full URL
https://www.telechargeoffers.com/images/rule_hor_whiteF.gif
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Stylesheets/styles_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f5a9481216691b05d0be2628d0bbdb6fe30acdfe02396dc48fea774194adcdf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/Stylesheets/styles_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
last-modified
Sun, 29 Aug 2021 00:49:17 GMT
server
Akamai Image Manager
etag
"7c20147e74acd61:0"
content-type
image/gif
cache-control
private, no-transform, max-age=43200
content-length
46
expires
Wed, 09 Feb 2022 08:49:39 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZ8RT4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2687
date
Tue, 08 Feb 2022 20:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 08 Feb 2022 22:04:52 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KZ8RT4B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c702f93c91758dab0525c376a408e8327f30bad81a8d30f26588c770585418f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14850
x-xss-protection
0
server
cafe
etag
8228622888473677312
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 08 Feb 2022 20:49:39 GMT
selected_rt.jpg
www.telechargeoffers.com/images/
780 B
996 B
Image
General
Full URL
https://www.telechargeoffers.com/images/selected_rt.jpg
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Stylesheets/styles_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
64df4a260f13318730802f685dee30059a67ccb30613ff3457b360778705193d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/Stylesheets/styles_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
x-check-cacheable
YES
x-serial
1830
etag
"1bac16b63cd71:0"
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Fri, 17 Sep 2021 06:51:26 GMT
content-length
780
server
Akamai Image Manager
expires
Wed, 09 Feb 2022 08:49:39 GMT
e3ad1d7c1d2e48efab9b7ce149fc774d
lib-us-1.brilliantcollector.com/collector/switch/ Frame
0
0
Preflight
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/e3ad1d7c1d2e48efab9b7ce149fc774d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.135.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-135-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-requested-with
Origin
https://www.telechargeoffers.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
content-length
0
vary
Accept-Encoding,Origin
access-control-allow-origin
https://www.telechargeoffers.com
access-control-allow-methods
GET
access-control-allow-headers
x-requested-with
access-control-allow-credentials
true
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-envoy-upstream-service-time
0
server
istio-envoy
SkTSGA
www.telechargeoffers.com/D6t3oT/Mm4/MCp/-9ZyoQTT/7t5SmpSbc7/PjhiD35gAgo/X2YOZ/
18 B
717 B
XHR
General
Full URL
https://www.telechargeoffers.com/D6t3oT/Mm4/MCp/-9ZyoQTT/7t5SmpSbc7/PjhiD35gAgo/X2YOZ/SkTSGA
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/D6t3oT/Mm4/MCp/-9ZyoQTT/7t5SmpSbc7/PjhiD35gAgo/X2YOZ/SkTSGA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.telechargeoffers.com
access-control-allow-credentials
true
x_req_id
3312aadc-4bd6-4dea-a44b-1099323ed911
access-control-allow-headers
Content-Type
content-length
18
productheader.gif
www.telechargeoffers.com/images/
312 B
529 B
Image
General
Full URL
https://www.telechargeoffers.com/images/productheader.gif
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Stylesheets/styles_main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f01580b6001fa6bfd448cec0ae2a5beb62fe1bd65915f7b80dd35e84a507d13c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/Stylesheets/styles_main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
x-check-cacheable
YES
x-serial
509
etag
"13e4174a71e3d61:0"
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Fri, 09 Apr 2021 04:46:53 GMT
content-length
312
server
Akamai Image Manager
expires
Wed, 09 Feb 2022 08:49:39 GMT
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
e3ad1d7c1d2e48efab9b7ce149fc774d
lib-us-1.brilliantcollector.com/collector/switch/
1 B
249 B
XHR
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/e3ad1d7c1d2e48efab9b7ce149fc774d
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.135.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-135-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://www.telechargeoffers.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
dcname
prod-dal
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.telechargeoffers.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
nodeid
wscollector-66b7df9bf9-827x6
content-length
1
server
istio-envoy
_ate.track.config_resp
v1.addthisedge.com/live/boost/telecharge/
166 B
325 B
Script
General
Full URL
https://v1.addthisedge.com/live/boost/telecharge/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.68.114 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-68-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
content-encoding
gzip
etag
659743217
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=54, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
154
300lo.json
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=6202d762fef7d496&bkl=0&bl=1&pdt=2354&sid=6202d762fef7d496&pub=telecharge&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.telechargeoffers.com&fp=offeroverview.aspx%3Fproductid%3D13390&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1644353378460&jsl=1&uvs=6202d7626949cefc000&skipb=1&callback=addthis.cbs.jsonp__41446266512327410
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.68.114 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-68-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbb23fd5dca43a2a55bd9b902af7cce1f24e8e962866527cd389a5612a7444bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 20:49:39 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 7707
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 864F
71 KB
26 KB
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.68.114 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-59-68-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
etag
W/"5f971164-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Tue, 08 Feb 2022 20:49:39 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
dltrv2.js
integration.delivra.com/tracking/
5 KB
3 KB
Script
General
Full URL
https://integration.delivra.com/tracking/dltrv2.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.176.85.227 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-85-227.us-west-1.compute.amazonaws.com
Software
nginx/1.16.1 / ASP.NET
Resource Hash
1eccafa505ed2780d183002eba49c3738ab95b86e68c53c71ef6acf3f2b329e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
content-encoding
gzip
server
nginx/1.16.1
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-cache
HIT
content-type
application/javascript; charset=utf-8
cache-control
public
expires
Tue, 08 Feb 2022 20:51:25 GMT
4f637a7e796d.js
w.usabilla.com/ Frame 865C
38 KB
11 KB
Script
General
Full URL
https://w.usabilla.com/4f637a7e796d.js?lv=1
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.159.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-159-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
719f68e7af23175646286f0a0751e6441db357612542f09ef3ddcc6b48fb3f77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 20:49:39 GMT
content-encoding
gzip
x-widget-server
2.1
etag
"04ba3f7d997e1555d3fa9a1fcb11cf74"
content-type
text/javascript
cache-control
public,max-age=0
content-length
11525
collect
stats.g.doubleclick.net/j/
1 B
445 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=INSERT%20ID&cid=918633769.1644353379&jid=826849760&gjid=1198594358&_gid=682907391.1644353379&_u=YGBAiUABBAAAAE~&z=1581807952
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telechargeoffers.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 08 Feb 2022 20:49:39 GMT
content-type
text/plain
access-control-allow-origin
https://www.telechargeoffers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
151 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1836032741&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telechargeoffers.com%2Fofferoverview.aspx%3Fproductid%3D13390&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAAG~&jid=1919025235&gjid=2076719896&cid=918633769.1644353379&tid=UA-66858352-4&_gid=682907391.1644353379&_r=1&gtm=2wg270NW9BJH9&cd1=The%20Play%20That%20Goes%20Wrong&cd2=1644353378480.gbnz2oia&cd3=918633769.1644353379&cd4=%5Bpixel_seatsection%5D&cd5=Play&cd6=Off-Broadway&z=700869388
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telechargeoffers.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 20:49:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.telechargeoffers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
193 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1836032741&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telechargeoffers.com%2Fofferoverview.aspx%3Fproductid%3D13390&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiUABB~&jid=826849760&gjid=1198594358&cid=918633769.1644353379&tid=INSERT%20ID&_gid=682907391.1644353379&gtm=2wg270KZ8RT4B&z=2063050465
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:53:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3353
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
91 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1836032741&t=pageview&_s=1&dl=https%3A%2F%2Fwww.telechargeoffers.com%2Fofferoverview.aspx%3Fproductid%3D13390&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiUABBAAAAE~&jid=&gjid=&cid=918633769.1644353379&tid=INSERT%20ID&_gid=682907391.1644353379&gtm=2wg270KZ8RT4B&z=1890767686
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 19:53:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3353
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/480002519/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/480002519/?random=1644353378587&cv=9&fst=1644353378587&num=1&label=hDMCCJOhyLMCENeD8eQB&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg270&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.telechargeoffers.com%2Fofferoverview.aspx%3Fproductid%3D13390&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80ee254c4b41ca0899e24dcf9386fdc83a0f7e6cd033cb3cf763e5ee479ba1fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 20:49:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1063
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
72 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-66858352-4&cid=918633769.1644353379&jid=1919025235&gjid=2076719896&_gid=682907391.1644353379&_u=YGDACUABBAAAAG~&z=1169345688
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telechargeoffers.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 08 Feb 2022 20:49:39 GMT
content-type
text/plain
access-control-allow-origin
https://www.telechargeoffers.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66858352-4&cid=918633769.1644353379&jid=1919025235&_u=YGDACUABBAAAAG~&z=1844641702
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 20:49:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-66858352-4&cid=918633769.1644353379&jid=1919025235&_u=YGDACUABBAAAAG~&z=1844641702
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 20:49:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/480002519/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/480002519/?random=1644353378587&cv=9&fst=1644350400000&num=1&label=hDMCCJOhyLMCENeD8eQB&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg270&sendb=1&frm=0&url=https%3A%2F%2Fwww.telechargeoffers.com%2Fofferoverview.aspx%3Fproductid%3D13390&async=1&fmt=3&is_vtc=1&random=1010483703&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 20:49:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/480002519/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/480002519/?random=1644353378587&cv=9&fst=1644350400000&num=1&label=hDMCCJOhyLMCENeD8eQB&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg270&sendb=1&frm=0&url=https%3A%2F%2Fwww.telechargeoffers.com%2Fofferoverview.aspx%3Fproductid%3D13390&async=1&fmt=3&is_vtc=1&random=1010483703&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Feb 2022 20:49:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SkTSGA
www.telechargeoffers.com/D6t3oT/Mm4/MCp/-9ZyoQTT/7t5SmpSbc7/PjhiD35gAgo/X2YOZ/
18 B
703 B
XHR
General
Full URL
https://www.telechargeoffers.com/D6t3oT/Mm4/MCp/-9ZyoQTT/7t5SmpSbc7/PjhiD35gAgo/X2YOZ/SkTSGA
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.telechargeoffers.com
access-control-allow-credentials
true
x_req_id
25bc8356-de0b-45e0-b5da-d38509b6c0d3
access-control-allow-headers
Content-Type
content-length
18
collectorPost
lib-us-1.brilliantcollector.com/collector/ Frame
0
0
Preflight
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.135.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-135-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Origin
https://www.telechargeoffers.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
content-length
0
vary
Accept-Encoding,Origin
access-control-allow-origin
https://www.telechargeoffers.com
access-control-allow-methods
POST
access-control-allow-headers
content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-credentials
true
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-envoy-upstream-service-time
0
server
istio-envoy
collectorPost
lib-us-1.brilliantcollector.com/collector/
38 B
365 B
Fetch
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.135.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-135-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

Content-Encoding
gzip
X-PageId
P.JHNSW523QKDDY8NBA8T7ALE3HDFE
X-Tealeaf
device (UIC) Lib/6.1.0.1989
X-Tealeaf-SyncXHR
false
Accept-Language
de-DE,de;q=0.9
X-Tealeaf-MessageTypes
1,2,5,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
e3ad1d7c1d2e48efab9b7ce149fc774d
X-Tealeaf-SaaS-TLTSID
40257863004212041735310121855623
X-Requested-With
fetch
X-TealeafType
GUI
X-TeaLeaf-Page-Url
/offeroverview.aspx
Referer
https://www.telechargeoffers.com/

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
dcname
prod-dal
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://www.telechargeoffers.com
cache-control
no-cache
access-control-allow-credentials
true
tltsid
40257863004212041735310121855623
x-envoy-upstream-service-time
1
nodeid
wscollector-66b7df9bf9-827x6
content-length
38
server
istio-envoy
expires
Fri, 31 Dec 1998 12:00:00 GMT
pixel_27a275
www.telechargeoffers.com/akam/11/
0
539 B
XHR
General
Full URL
https://www.telechargeoffers.com/akam/11/pixel_27a275
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 08 Feb 2022 20:49:39 GMT
content-length
0
content-type
text/html
PageView.ashx
integration.delivra.com/tracking/cs/v3/
0
216 B
XHR
General
Full URL
https://integration.delivra.com/tracking/cs/v3/PageView.ashx
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.176.85.227 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-176-85-227.us-west-1.compute.amazonaws.com
Software
nginx/1.16.1 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.telechargeoffers.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
server
nginx/1.16.1
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
POST
access-control-allow-origin
https://www.telechargeoffers.com
cache-control
private
access-control-allow-headers
Content-Type, Accept
content-length
0
/
znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com/SIE/
7 KB
4 KB
Script
General
Full URL
https://znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_aWP4k6zSORRHjFj
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe659394f4a2b1d2f723cbe5c1e989243175eb7a728c1b7869904b5e94ff4193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
340484
cf-polished
origSize=8435
cf-ray
6da7b9d0cd2d910a-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
13
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-xRF+jwwWbwhEeVvZLTWkKInZLZw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
telecharge-button-bcaa09b6f0180a383e9fc4b19b48d49d.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame 1D83
2 KB
2 KB
Image
General
Full URL
https://d6tizftlrpuof.cloudfront.net/themes/production/telecharge-button-bcaa09b6f0180a383e9fc4b19b48d49d.png
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-77.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
367bbadaf0a83215aca2bc9eef4fce807868bfaf003e268a02bcaaf7a0ebf403

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 15:26:52 GMT
Via
1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 09 Jun 2021 14:29:57 GMT
Server
AmazonS3
Age
21100968
ETag
"bcaa09b6f0180a383e9fc4b19b48d49d"
X-Cache
Hit from cloudfront
x-amz-version-id
Zv4P06GcOEyTBze3KZ8xTTwioh124sFg
Cache-Control
max-age=315360000, no-transform, public
X-Amz-Cf-Pop
FRA56-P3
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
1880
X-Amz-Cf-Id
L8U8KkupSkHl9rjJnRWW-rmWH-2xtjoyckHnlayXuSdZJdgOTIRxJw==
roundtrip.js
s.adroll.com/j/
46 KB
15 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d62a3b924d49cc3909d8c7e7d66c6fda8780c357fae0f927993f424928401b20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
mLgRV7jYHDvB6wDphJKX5Q2F5vg5l49f
Content-Encoding
gzip
Etag
W/"b8caabe626e64605e61edd5174246bf4"
Age
2073
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Last-Modified
Mon, 07 Feb 2022 16:47:41 GMT
Server
AmazonS3
Date
Tue, 08 Feb 2022 20:15:10 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
PirQD0zG1X7Ko9RMKf6d40--gELRbJ1MtZKD8YQvV2oq8ihAs3_A7w==
SkTSGA
www.telechargeoffers.com/D6t3oT/Mm4/MCp/-9ZyoQTT/7t5SmpSbc7/PjhiD35gAgo/X2YOZ/
18 B
684 B
XHR
General
Full URL
https://www.telechargeoffers.com/D6t3oT/Mm4/MCp/-9ZyoQTT/7t5SmpSbc7/PjhiD35gAgo/X2YOZ/SkTSGA
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.153.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-153-130.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer
https://www.telechargeoffers.com/offeroverview.aspx?productid=13390
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.telechargeoffers.com
access-control-allow-credentials
true
x_req_id
936308da-04eb-48f4-96f2-92943b298b21
access-control-allow-headers
Content-Type
content-length
18
11.00f5dbb614ff0ba9bcba.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
57 KB
18 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/11.00f5dbb614ff0ba9bcba.chunk.js?Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web&Q_BRANDID=www.telechargeoffers.com
Requested by
Host: znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com
URL: https://znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_aWP4k6zSORRHjFj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae995b0ab65bfc285051cc7adeab246869ed0aa88fe016b17764f2612d7cd4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
586241
cf-polished
origSize=59349
cf-ray
6da7b9d12de0910a-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
13
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 31 Jan 2022 18:42:52 GMT
server
cloudflare
etag
W/"e7d5-17eb17267e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
b
ds-aksb-a.akamaihd.net/2/799341/
0
269 B
Image
General
Full URL
https://ds-aksb-a.akamaihd.net/2/799341/b?dE=0&cS=0&cE=0&rqS=0&rsS=627&rsE=634&sS=&dl=631&di=1691&fp=2548&dlS=1769&dlE=1814&dc=2498&leS=2498&leE=2512&to=&ol=0&cr=6&mt=&mb=&b=133377&u=https%3A//www.telechargeoffers.com/offeroverview.aspx&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/97.0.4692.71%20Safari/537.36&pl=Linux%20x86_64&us=&gh=95.100.153.126&t=&rid=53775081&r=36186&akM=a&akN=ae&vc=14:17&bpcip=c11b0e00&akTX=1&akTI=53775081&ai=503760&pmgn=&pmgi=&pmp=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba4b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 08 Feb 2022 20:49:40 GMT
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store, private
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Tue, 08 Feb 2022 20:49:40 GMT
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
16 KB
2 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_aWP4k6zSORRHjFj&Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9796f57e485e157c82c7b08d2025cb1e7d59a62cefe62da56836e31ca876efc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telechargeoffers.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
10
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.telechargeoffers.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
8d651e31df7c13ee
cf-ray
6da7b9d16e76910a-FRA
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/JOH75BOZPJEWDGO22THTEZ/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
762 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
2600:9000:2156:800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC
Via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
Age
82103
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Mon, 18 Oct 2021 21:07:54 GMT
Server
AmazonS3
Date
Mon, 07 Feb 2022 22:01:18 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
qtYq4PJL566wvrodCJg-Nmej6CgTPs40roC7rHDZU7xtLId78eYT0Q==

Redirect headers

Date
Tue, 08 Feb 2022 12:26:12 GMT
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Age
30207
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
U-yTNq_WsSfjF7XAOfkeh02k023VxXC2KsGR_m1An5tfPZU_QUHiXg==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/JOH75BOZPJEWDGO22THTEZ/BH3YAKJ3SRGYLKNCJJIT3L/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
733 B
Script
General
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:2156:800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
54601
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Tue, 08 Feb 2022 05:40:34 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
DaBsaCnC3EE3FrMetPVCLpT1OgrE9nF8FO01MMZDxKJn79TdxS_qtA==

Redirect headers

Date
Tue, 08 Feb 2022 12:26:12 GMT
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Age
30207
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
iBxUtR91kBMs8uTsptlC5bXxaA6jArek-JelUSg4OEHl7KuQa3xPBg==
index.js
s.adroll.com/j/pre/JOH75BOZPJEWDGO22THTEZ/BH3YAKJ3SRGYLKNCJJIT3L/
4 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/pre/JOH75BOZPJEWDGO22THTEZ/BH3YAKJ3SRGYLKNCJJIT3L/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
YALq4vIN1VpWYl7YEwbRdRMZaUhhnjLt
Content-Encoding
gzip
Etag
W/"33ed216ef4569e95a97e55fb39d91d38"
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Mon, 07 Feb 2022 18:03:58 GMT
Server
AmazonS3
Date
Tue, 08 Feb 2022 20:49:41 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
W7C94k93sw8tYuFg66wQYpIvYbycGrRb1Ax7BqjBPwOcGnaDcxtkYQ==
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/
101 KB
32 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web&Q_BRANDID=shubertorganization
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.00f5dbb614ff0ba9bcba.chunk.js?Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web&Q_BRANDID=www.telechargeoffers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60af31f4402255b9fe3e40e493adfde0b7fdb8a71891151c04c51ca788e79eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
586241
cf-polished
origSize=103870
cf-ray
6da7b9d24866910a-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
12
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 31 Jan 2022 18:42:52 GMT
server
cloudflare
etag
W/"195be-17eb17267e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
JOH75BOZPJEWDGO22THTEZ
d.adroll.com/consent/check/
386 B
479 B
Script
General
Full URL
https://d.adroll.com/consent/check/JOH75BOZPJEWDGO22THTEZ?arrfrr=https%3A%2F%2Fwww.telechargeoffers.com%2Fofferoverview.aspx%3Fproductid%3D13390&_s=d2fe651ebdefca66ee97748513cba684&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.67.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-67-72.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
781802bee14db2dbe16d14b9631187b05d2d273ed00ca95e7d5c8b80b1120868

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
server
nginx/1.20.0
content-length
386
content-type
application/javascript
4.806f08f742b81afc3693.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
2 KB
910 B
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/4.806f08f742b81afc3693.chunk.js?Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web&Q_BRANDID=shubertorganization
Requested by
Host: znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com
URL: https://znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_aWP4k6zSORRHjFj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6fd7d505ec3dda45209f6209743f6288de77545d256a2808c019e13d948896b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
586239
cf-polished
origSize=2539
cf-ray
6da7b9d2c94b910a-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
5
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 31 Jan 2022 18:42:52 GMT
server
cloudflare
etag
W/"9eb-17eb17267e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.7f19def3b50f19a5628c.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
28 KB
6 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.7f19def3b50f19a5628c.chunk.js?Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web&Q_BRANDID=shubertorganization
Requested by
Host: znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com
URL: https://znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_aWP4k6zSORRHjFj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a75101f8884d477aa9a48ce8a3313de35f4d0e0d6a06c7613800828d2c4d6081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
586239
cf-polished
origSize=29269
cf-ray
6da7b9d2c950910a-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
13
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 31 Jan 2022 18:42:52 GMT
server
cloudflare
etag
W/"7255-17eb17267e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
PopOverModule.js
siteintercept.qualtrics.com/dxjsmodule/
9 KB
3 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/PopOverModule.js?Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web&Q_BRANDID=shubertorganization
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.00f5dbb614ff0ba9bcba.chunk.js?Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web&Q_BRANDID=www.telechargeoffers.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
586192
cf-polished
origSize=10440
cf-ray
6da7b9d2c953910a-FRA
edge-control
max-age=604800
x-envoy-upstream-service-time
7
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 31 Jan 2022 18:42:52 GMT
server
cloudflare
etag
W/"28c8-17eb17267e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
3 KB
1 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_3zasXKsvDDXiG3j&Version=2&Q_ORIGIN=https://www.telechargeoffers.com&Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca35cb360783ce679960a0d2886f04d2c28d336fc50165fd4a55c665661e600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
x-envoy-upstream-service-time
17
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 08 Feb 2022 20:49:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
cf-ray
6da7b9d2e8989171-FRA
servershortname
expires
Fri, 06 Feb 2032 20:49:40 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
4 KB
2 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9G2fk5Nre1rrK29&Version=1&Q_InterceptID=SI_3zasXKsvDDXiG3j&Q_ORIGIN=https://www.telechargeoffers.com&Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f5a4bd122400d92dbf83d3e88185d6bee895945d803101649bbfabd8db1a27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
x-envoy-upstream-service-time
11
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 08 Feb 2022 20:49:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
cf-ray
6da7b9d2e89d9171-FRA
servershortname
expires
Fri, 06 Feb 2032 20:49:40 GMT
consent_tcfv2.js
s.adroll.com/j/
391 KB
54 KB
Script
General
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ca95c128ac8182e275c27d7d2c79e496468b000c84f1760427bda48e6c76ea5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
NUNn6FITSuYhdE6o4FnWYSf0oL.peI4s
Content-Encoding
gzip
Etag
W/"1af244f5a65f1d15e18b6804e4d65960"
Age
161
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Last-Modified
Mon, 20 Dec 2021 18:54:25 GMT
Server
AmazonS3
Date
Tue, 08 Feb 2022 20:47:00 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
RUwhrXI7XSl-ENq38Neln7HSsC2vqZ_Hi88HcWzfGc72bzAv2WZkwQ==
nextroll-32x32.png
s.adroll.com/i/favicon/
2 KB
2 KB
Image
General
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via
1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Age
5240
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Date
Tue, 08 Feb 2022 19:22:21 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
BCfnZZ-Y7Zyx-O7PD1wQXAvHbE2XADr3AUdC6EMyDpFCuvGELu0wuA==
popup_shadow_transparent.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/
3 KB
3 KB
Image
General
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/popup_shadow_transparent.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aede8f02cedece57ae792626eca030168c6e989e9c58f82935b1934a1df6fb15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.telechargeoffers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 20:49:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1256097
cf-polished
origSize=3581
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time
6
cf-bgj
imgq:85,h2pri
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 10 Jan 2022 17:59:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=315360000, public
trace-id
f33501523129d12b
cf-ray
6da7b9d65998910a-FRA
servershortname
expires
Fri, 23 Jan 2032 07:54:43 GMT
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/
45 B
240 B
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9G2fk5Nre1rrK29&Q_SIID=SI_3zasXKsvDDXiG3j&Q_ASID=AS_3jBFG2bCMAMrX5H&Q_CLIENTVERSION=1.66.0&Q_CLIENTTYPE=web&r=1644353380129
Requested by
Host: www.telechargeoffers.com
URL: https://www.telechargeoffers.com/Scripts/tealeaf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.telechargeoffers.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 08 Feb 2022 20:49:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
3
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.telechargeoffers.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
trace-id
131a2390e5513f4d
cf-ray
6da7b9d6ab089171-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

397 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery object| w object| d object| AKSB string| bazadebezolkohpepadr object| theForm function| __doPostBack function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| pako object| TLT function| logToTealeaf string| CurrentPageId number| headerHeightValue number| sessionTimeOutValue string| ProductInfoWithOneContentAreaType string| OfferModeHeaderControlContainerType string| HeaderControlType string| serverSessionId string| UserConfirmationBoxType string| NavigationContainerControlType string| NavigationControlType string| ProductHeaderViewType string| MarketingCodeHeaderControlType string| SessionHandlerType string| ExistingAccountType string| informationRequiredErrorId undefined| valGroupOnLoginSubmit undefined| overlayDivId undefined| childCtlGroupColelction undefined| selectedCtlGroupId object| LoginControlJSON function| PopulateLoginControlJSON function| ValidateLogin function| ClearLoginPassword function| ClearPasswordTextField function| ShowMembershipRenewalPrompt function| OnRenewalGetSuccess function| SetExpirationChoiceTypeId function| HighlightInvalidEntries function| ClearError function| closeExistingAccountOverlay function| FormatLoginErrorSummary function| CheckValidatorLogin function| ValidateMembershipChoiceSelection function| ValidateLoginMandatoryFields undefined| urlForgotPassword undefined| lblForgortPasswordResultClientId undefined| forgortPasswordResultClientId undefined| accountLockoutMessageClientId undefined| valSummaryForgotPassword undefined| isOfferModeValue string| ISUserEmailExists function| RedirectToForgotPasswordPage function| RedirectToForForgotPasswordOnOfferContext function| OnGetSuccessCancelOfferTransaction function| ProcessRedirectForgotPassword function| ShowExpirationPrompt function| ShowMembershipPrompt function| OnGetSuccess function| MICToggleDivToBlockMode undefined| hdnMembershipId function| MICRegisterClientIds function| SetMembershipId function| Login_KeyPress function| PopulateLoginChildControlGroupIds function| ShowLoginChildControlFromGroupId function| UserConfirmationOnOrderCancellationForCreateAccount function| confirmCancelTransactionOnCreateAccount function| RedirectToCreateAccountCallBack boolean| submitButtonClicked string| MembershipRenewalPromptType string| InlineMessageType string| MembershipInfoControlType string| UtilityControlType string| OfferHeaderControlType string| SessionTimerType string| ActiveMembershipDetectorType string| OfferTransactionControlType string| OfferHeaderImageControlType string| OfferHeaderTextControlType string| TransactionTimerType string| StarTimerType string| MetaTagsType string| EventSubNavType string| SubNavigationType string| OfferoverviewControlType string| OfferModeFooterControlContainerType string| FooterControlType string| Page_ValidationVer boolean| Page_IsValid boolean| Page_BlockSubmit object| Page_InvalidControlToBeFocused object| Page_TextTypes function| ValidatorUpdateDisplay function| ValidatorUpdateIsValid function| AllValidatorsValid function| ValidatorHookupControlID function| ValidatorHookupControl function| ValidatorHookupEvent function| ValidatorGetValue function| ValidatorGetValueRecursive function| Page_ClientValidate function| ValidatorCommonOnSubmit function| ValidatorEnable function| ValidatorOnChange function| ValidatedTextBoxOnKeyPress function| ValidatedControlOnBlur function| ValidatorValidate function| ValidatorSetFocus function| IsInVisibleContainer function| IsValidationGroupMatch function| ValidatorOnLoad function| ValidatorConvert function| ValidatorCompare function| CompareValidatorEvaluateIsValid function| CustomValidatorEvaluateIsValid function| RegularExpressionValidatorEvaluateIsValid function| ValidatorTrim function| RequiredFieldValidatorEvaluateIsValid function| RangeValidatorEvaluateIsValid function| ValidationSummaryOnSubmit function| Sys$Enum$parse function| Sys$Enum$toString function| Sys$Component$_setProperties function| Sys$Component$_setReferences function| $create function| $addHandler function| $addHandlers function| $clearHandlers function| $removeHandler function| $get function| $find function| Type object| Sys object| _events function| PageMethods function| gtc function| WebForm_OnSubmit object| Shubert function| Trim function| ReplaceAll function| setCookie function| Set_Cookie function| Get_Cookie function| Delete_Cookie function| roundNumber function| isValidDate function| CheckForCreditCard function| htmlDecode function| isIOS undefined| requestedUrlFromHeader string| headerControlClientId string| searchKeyTypeAhead string| TextSearchPharseClientId string| HeaderControlClientId undefined| requestUrlForBuyTicketMode string| IsBuyTicketMode function| ShowOverlay function| HideOverlay function| OfferLogin function| ShowHeaderConfirmation undefined| LoginUrl function| ShowHeaderConfirmationLogin function| OfferHeaderLogin function| RedirectToRequestedPageOnHeaderLinkClick function| RedirectToRequestedPageFromHeaderOnCancelOrder function| MarketingCodeLeaveTheOfferFromHeaderLink_Callback function| ShowSuggestionOnKeyPress function| onEnterkeyPressdoSearch function| RefreshSearchSuggestions function| RemoveRequestedUrlNResetWelcomeMessage function| OnSuccessResetWelcomeMessage function| RemoveRequestedUrl function| ValidateSearchKeyWord function| RemoveIllegalChars function| ContainsAny function| RedirectToSearchResultPageBuyTicketMode function| RedirectToSearchResultPage function| ShowLoginForPostBackFromContentPage function| OnSuccess object| dataLayer function| onGetTransactionIdCallBack function| RedirectToHome function| BlockDirtyTransactionDetectionOnNewTransactionInitiation function| UnBlockDirtyTransactionDetectionOnTransactionInitiationCompletion function| UpdateCurrentTransactionId function| BlockDirtyTransactionDetection function| UnBlockDirtyTransactionDetection function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto function| printit string| buttonConfiguration object| addthis_config object| addthis_localize function| EmailToFriendViaLocalMailClient function| EmailToFriend function| CloseEmailOverlay undefined| hdnEmailConfiguration function| SetControlIds object| google_tag_manager function| CloseBackToEventListConfirmation function| ApplyStyleToControl function| BtnMarketingCodeHeaderNoThanks_Click function| MarketingCodeConfirmationCancel_Click function| MarketingCodeLeaveTheOffer_ConfirmationYesClick function| MarketingCodeLeaveTheOffer_Callback object| MarketingCodeHeaderData function| SetProductIdToMarketingCodeHeaderDataJSON function| AddMarketingCodeToWishList function| ShowMarketingCodeWishListStatusMessage function| SaveMarketingCodeToMyEventList function| OpenLoginPopUp function| HideOfferHeaderLoginOverlay function| ShowLoginInOfferHeader function| AddMarketingCodeToWishListFromMarketingCodeHeader function| SaveMarketingCodeForMyEventListFromMarketingCodeHeader function| RedirectToAllEvents string| GoogleAnalyticsObject function| ga object| google_tag_data string| adroll_adv_id string| adroll_pix_id function| SetAlertDivPosition function| ProductHeaderViewLoginOverlay function| OnProductHeaderCallBack function| HideProductHeaderViewLoginOverlay function| ShowAddToEventListStatusMessage function| AddEventToMyList function| ToggleOfferHeaderToBlockMode undefined| SubnavigationSelectedMenuId undefined| SubnavigationSelectedMenuName function| SetMenuSelected undefined| currentRedirectUrl function| TicketSearchResultSessionHandling function| CancelOrderOnCurrentTransaction function| RedirectToRequestedPageFromSubnavigation function| ReleaseInquireInOfferContext undefined| requestedUrlFromFooterLink string| loginRequiredToRedirect function| ShowFooterConfirmation function| RedirectToRequestedPageOnFooterLinkClick function| OfferFooterLogin function| RedirectToRequestedPageFromFooterOnCancelOrder function| MarketingCodeLeaveTheOfferFromFooterLink_Callback string| requestProcessingMsg function| SetRequestProcessingMsg object| showPopupBlock object| toolTipHoverpane function| applyFocustoElements function| setFocusOnoverlay function| pageLoad function| getFullDate function| equalHeight function| updateRadioCheckStyle function| enableradioCheckBoxStyle object| pageRequestMgr function| pageLoadedHandler function| SelectRadioButton function| RepeaterGroupRadioSelection function| getCheckboxValue function| RepeaterGroupCheckboxSelection function| ControlSetCheck function| ControlSetUnCheck function| ControlIsChecked function| UpdateSelectStyles function| reactiveStyles object| Page_ValidationSummaries object| Page_Validators object| ctl01_ctl03_ccMarketingCodeHeaderControl_ccExistingAccount_valSummaryExistingUser object| ctl01_ctl03_ccMarketingCodeHeaderControl_ccExistingAccount_valForgotPassword object| ctl01_ctl03_ccMarketingCodeHeaderControl_ccExistingAccount_regexLoginEmail object| ctl01_ctl03_ccMarketingCodeHeaderControl_ccExistingAccount_revFPMail string| isProductHeaderLoaded string| allEventsPageResource string| valSummaryExistingUserClientId string| countyResource string| valSummaryForgotPasswordClientId string| messageForgotPasswordClientId string| txtEmailClient string| lblMandatoryFieldMessage boolean| Page_ValidationActive function| ValidatorOnSubmit object| __TsmHiddenField string| currentTransactionId boolean| dirtyDetectionInProcess boolean| isDirtyTransacionDetectionBlocked string| HomePageUrl string| dirtyTransactionPopupDelay object| _ac object| _cf object| bmak number| bm_counter object| bm_script undefined| scripts string| bm_url object| url_split string| obfus_state_field string| state_field_str string| _sd_trace function| op string| urhehlevkedkilrobacf object| addthis_share string| EXcl string| EXe object| EXsl string| EXu function| lightningjs function| usabilla_live boolean| __@@##MUH object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| DlvTracking boolean| __adroll_loaded object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.66.0 object| RT string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list object| _qsie object| __adroll_consent_data object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner object| __adroll_consent_prev_lastchild function| __cmp function| __tcfapi function| qsiRequestAnimationFrame

28 Cookies

Domain/Path Name / Value
www.telechargeoffers.com/ Name: ASP.NET_SessionId
Value: 2cvkpm0udbyizjhizasc1lgz
www.telechargeoffers.com/ Name: SameSite
Value: None
www.telechargeoffers.com/ Name: stop_mobi
Value:
www.telechargeoffers.com/ Name: flowid
Value: 9209fc938be943c3b50040f9c7a0731a
.telechargeoffers.com/ Name: bm_sz
Value: EA54258B8F90F3AE05127461DDD7FD26~YAAQfplkX+xuk7h+AQAAiFQZ2w5X0DXhqQTUm4pNVe2a4pH4s57Qvnjdx+Z917NissoyOo2wAONxjebeV3xYHe750P4/M3PsIVcdS80Vb/u2Ii/OmLJ2cYb5X9tepsYC4rO/OQlHIiYUBg5SW63j82ueRoH9VuVm5wnIftV/v5esIA0zgD3wpgzjTSxBwmgvv+kefkdXKDKIQUosgU5qAfKlug7nch651pkmpH8v2SW5ZQTuS4MPE5Z+mqQoAELoZlEfTOIZtqhbCiNWd6ZdI0XmxjOhgRiYu58PHXD8/A9tN5AHhJ2NA0n6NcB6~3621687~3425593
www.telechargeoffers.com/ Name: ADRUM_BT1
Value: R:67|i:960460|e:12
www.telechargeoffers.com/ Name: ADRUM_BTa
Value: R:67|g:82cee4d9-cef6-435f-9472-7d534f02a1d7|n:shubert-prod_ef802727-d909-43bd-b459-9644ee76b951
www.telechargeoffers.com/ Name: BIGipServerWhiteLabel-Pool
Value: !eSpvU63DtwfBFQY+ConChrmpox6Q+Uld798sBOS/+LJwYAEzKVatqj1V0NbNCNrDck1jvzMAP9ffFjE=
.telechargeoffers.com/ Name: bm_mi
Value: 7B35AF30DC743B76A26C44B5A3E46DE8~B67VZoSBbR5AKlFoAIR6/fB4OGk86hMKXclNG4wT1afNvZtkTXC3XvdfTeoBypRuY0Ouk9Vy/dQbMd9HIV8gFo5SF3tDQgMnRRXOOM5GXfwKAIeGGEwCgZEd2J5P0Rmw0hmvtZlK7Ix2W/Ymr2K7AfrvlFobPFe+BFQ+6trt7YJkHCpj+3uPGw4XOSJUzfZzn4IPgToxZDGVU2+zxV+IAji2vUyw+PrzqJ2FrHa5He4mwzjO9sXwBw+m5miFwpi1as4XQV888cfkZErM8ZFqaJ0isWmqOHtPGamvKa7VVPg=
.telechargeoffers.com/ Name: _gcl_au
Value: 1.1.662617591.1644353378
.telechargeoffers.com/ Name: TLTSID
Value: 40257863004212041735310121855623
www.telechargeoffers.com/ Name: 2cvkpm0udbyizjhizasc1lgzShubert_SessionTimeout
Value: 1644353378445
www.telechargeoffers.com/ Name: __atuvc
Value: 1%7C6
www.telechargeoffers.com/ Name: __atuvs
Value: 6202d7626949cefc000
.telechargeoffers.com/ Name: _ga
Value: GA1.2.918633769.1644353379
.telechargeoffers.com/ Name: _gid
Value: GA1.2.682907391.1644353379
.telechargeoffers.com/ Name: _dc_gtm_INSERTID
Value: 1
.telechargeoffers.com/ Name: _gat_UA-66858352-4
Value: 1
.addthis.com/ Name: uvc
Value: 1%7C6
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.addthis.com/ Name: loc
Value: MDAwMDBFVURFQlkyMjk3MTkwOTAwNTAwMDBDSA==
.telechargeoffers.com/ Name: dlv-suid
Value: 00033a00-9b40-4ab1-a439-7f11af0dcd07
.telechargeoffers.com/ Name: dlv-auid
Value: bb4832b4-87f6-46dd-bb10-e6ba31965adb
.telechargeoffers.com/ Name: ak_bmsc
Value: 01EB6703E99966A7330C8671F2C3F5E9~000000000000000000000000000000~YAAQfplkXxRvk7h+AQAAZF4Z2w6w+0aRjih8PcvwoWZZd8wGw7Hsz/WUvoIm2582lueSJX5QB7dom8KGj9lKmlj090k0h81S6tfNPTi45pCqea6JwiHgzhE2/IqNt3ixCywkOUdnTcxegCON9AJSMEFprUI5sJD45fuu5FdTNMApq/jqX1qTj1lDO+ZpWWr07y1WnC8dDt/cSYmoG7dc607vgXlQSquxy6dhUyGjSiFbQNsqMepV4QCDEPm83auW4XHpIhvLVUZCVtQGSmUEhQdtJ/v75Qltjgms7+TXur21WW0kBTOu1zc5zRDpn26bohxi3G0q1hTgJSTXBAGFX4U0Bvow2FRMKFPmnRrMEh9kK4OcHjl/VQ5DoL7qZVRjhtXGBsVTAE6meezR2sbU8U5E8EYjVLzFl9+Cg+vY4A==
.telechargeoffers.com/ Name: _abck
Value: 624AC59275F681DB25B28B44D32E4E54~-1~YAAQfplkXxlvk7h+AQAAOV8Z2wdY1MlRPBP5ujom3ibtGwYthroVbt9BNRxLDXy+ZEkEeGbA2FmzG6Bc3S+RWoCFvNcK4l92RxN+Tc7/60PabeQeYnIKlu942VouWXv9+9jPdOHuG1CbyFJjx1yhlZ788zmWk8UHL0gCRHMKEcXMhwP9983Pt/W2HRZRjzsK9eAvvclbmcD+Hr/s2DuSNj14MhploVADwKtszl7AmN9UkD070K7O6Vwr8zgHPirBmI7fcmBpcY3axjgShRoBuLezR+e+XLAIecB/x1pxrWIdVTncT8VciSko2DY3qsu0z7U4P6p4ALc+iLZUOuOOTFvrFUX0MiyLj4Rg/Wv/VZt9L93eShNELr+7llQyr21KHAGVCvOP1f39aSLQxCpYeJA2mes=~-1~||-1||~-1
www.telechargeoffers.com/ Name: QSI_HistorySession
Value: https%3A%2F%2Fwww.telechargeoffers.com%2Fofferoverview.aspx%3Fproductid%3D13390~1644353379433
.telechargeoffers.com/ Name: QSI_SI_3zasXKsvDDXiG3j_intercept
Value: true
www.telechargeoffers.com/ Name: GDPRmobile
Value: 3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d.adroll.com
d6tizftlrpuof.cloudfront.net
ds-aksb-a.akamaihd.net
googleads.g.doubleclick.net
integration.delivra.com
lib-us-1.brilliantcollector.com
m.addthis.com
s.adroll.com
s7.addthis.com
siteintercept.qualtrics.com
stats.g.doubleclick.net
v1.addthisedge.com
w.usabilla.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.telechargeoffers.com
z.moatads.com
znawp4k6zsorrhjfj-shubertorganization.siteintercept.qualtrics.com
s7.addthis.com
104.17.208.240
104.17.209.240
142.250.186.98
2.21.143.57
23.59.68.114
2600:9000:2156:800:6:9280:1080:93a1
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9c
2a02:26f0:6c00::210:ba4b
52.222.206.77
54.176.85.227
54.236.135.9
54.246.159.25
54.73.67.72
95.100.153.130
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262
1a8402803f05300aa7574411ad1690ba82b8583d49d92c911fa49e701b07cb73
1ca95c128ac8182e275c27d7d2c79e496468b000c84f1760427bda48e6c76ea5
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
1eccafa505ed2780d183002eba49c3738ab95b86e68c53c71ef6acf3f2b329e9
1f51a880696a89480221509b3f90b89e0fb58b22023a52e65286b70dcffe2dd2
20f4400830106b006839c33793ef1ea93d872db3b7feee8ad03dc84c7f8e0df2
230742e112ba90ceb0d4c8179da08f988cd3d9d92edf30aefbd30703ecdce819
2f902734b5f2d7a6d0fb6d9270b9e0500e8f6999e0476f4023f4e2ca63454572
2fc5e13dc15e1cbf01ab5ecf79194768c30349287abebf65f5d2cdccefed9744
367bbadaf0a83215aca2bc9eef4fce807868bfaf003e268a02bcaaf7a0ebf403
37a772921848c01c8bbb959222f7903b1828656e39b629f0190db95fb54bf0d3
3d6d1857caa32908e606ce41a078e3dce2551fc5f89bd7b1853d5f13db6785e1
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
4805f2a89ee3f11bd87a08c5bdfce277e04fbd514de5b7ebcdc6662470de83a0
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
61088361060063d5addd3e4f568c455f511ad816cbf95a6af0b1341372a340cc
628486a143d6698e8845cbb896e4db9e105f0ace17133b21bfbdfbc00482e307
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
64df4a260f13318730802f685dee30059a67ccb30613ff3457b360778705193d
67704defd0c7115851b39e8fa2f92c177dcb2abe60a49158f7775c4f00ad7efa
6a2566299208d66d222319be328b2230ad10e07e47b3ad8910f92fd04412a7b7
6a8d4bc6d542f98f89aec4106de7a358715585c63f1d23a44e0cd6d7dcda2ef4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba783c6d8d9035ead4ede41a842caaa527fcb6a487118c825b0bc830d1e7ff1
707b3e6faa3d4c85a6943cd53179088f737cfb850aa972de31731b2f8d4136a6
719f68e7af23175646286f0a0751e6441db357612542f09ef3ddcc6b48fb3f77
781802bee14db2dbe16d14b9631187b05d2d273ed00ca95e7d5c8b80b1120868
7828eaf521ab49cd287dba29442807a43deb5f7bb105f27b56454a045f6341be
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821
79554b62a04d4846b522d7299ec1c72687a0ae066afd407f8c50272d865d249b
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
80ee254c4b41ca0899e24dcf9386fdc83a0f7e6cd033cb3cf763e5ee479ba1fc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850ad2b47759b688c0030e378d844c7abde141bbc3297c870660c25ea5cfa4e5
8c915238ae67926e318e17a6c005287c810caa873f926573996866878d4fd19d
92f5298193812a2f711f950c959761c5ed19441674c85f616206eee248e97183
9796f57e485e157c82c7b08d2025cb1e7d59a62cefe62da56836e31ca876efc5
9becd304333932e5113d9fca9dd282f1bb8b079ebdd25f96965e84ae3f77b697
9bfe65f23fcc5d78e4b29dff2a4a2e95008f11a4df7d5f24b3897dc80116c8f4
9ca35cb360783ce679960a0d2886f04d2c28d336fc50165fd4a55c665661e600
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a75101f8884d477aa9a48ce8a3313de35f4d0e0d6a06c7613800828d2c4d6081
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aede8f02cedece57ae792626eca030168c6e989e9c58f82935b1934a1df6fb15
b0aad2c9bdf5966b78882287903a42d07481ee933c690dc71a7692fab4cfff06
b51d3d575b16cc2007ef32817ab64dc750cd0b2f32d001e9f569b67e80473bc1
b60af31f4402255b9fe3e40e493adfde0b7fdb8a71891151c04c51ca788e79eb
b6fd7d505ec3dda45209f6209743f6288de77545d256a2808c019e13d948896b
bbb23fd5dca43a2a55bd9b902af7cce1f24e8e962866527cd389a5612a7444bf
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c0f5a4bd122400d92dbf83d3e88185d6bee895945d803101649bbfabd8db1a27
c702f93c91758dab0525c376a408e8327f30bad81a8d30f26588c770585418f6
cae995b0ab65bfc285051cc7adeab246869ed0aa88fe016b17764f2612d7cd4b
d62a3b924d49cc3909d8c7e7d66c6fda8780c357fae0f927993f424928401b20
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb06d76e45e2d06366b15f630f214ce5d0e1cfc20bf448d91e01c5f5b2bc64bb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9453f74b2617d43dcef4242cf5845101fcfb57289c81bceb20042b0023a192
f01580b6001fa6bfd448cec0ae2a5beb62fe1bd65915f7b80dd35e84a507d13c
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f5a9481216691b05d0be2628d0bbdb6fe30acdfe02396dc48fea774194adcdf0
f71d32866bb55e95a46d177ed7d43c6fcc02c7a2ba2b3040d4d6ae2508bd7718
fb6aa40c14a29f3f248a3a5f6fc0d8e0eb3f13a4f7c076915c0dd689facf53df
fe659394f4a2b1d2f723cbe5c1e989243175eb7a728c1b7869904b5e94ff4193