www.offers.com Open in urlscan Pro
104.16.175.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trk.cp20.com/click/g8re-zvt-6w4m-ob7cm5/pmreg33oorqwg5boovzwk4s7nfsceorcgmytamzthayteit5
Effective URL:
https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Submission: On April 02 via api (April 2nd 2020, 8:30:16 pm UTC) from US

Summary HTTP 97 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 24 domains to perform 97 HTTP transactions. The main IP is 104.16.175.182, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.offers.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on March 31st 2020. Valid for: 6 months.

This is the only time www.offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.24.224.100 216.24.224.100	17358 (ETOLL1) (ETOLL1)
25	104.16.175.182 104.16.175.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	104.85.253.54 104.85.253.54	16625 (AKAMAI-AS) (AKAMAI-AS)
14	2606:4700::68... 2606:4700::6812:9d32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.216.20.125 52.216.20.125	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.122 13.225.78.122	16509 (AMAZON-02) (AMAZON-02)
2	23.61.242.16 23.61.242.16	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.86.38.8 104.86.38.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
1	54.152.157.17 54.152.157.17	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:eb:... 2a02:26f0:eb:1ac::13b2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
2	52.208.18.218 52.208.18.218	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
2	34.232.243.86 34.232.243.86	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.172.13.155 54.172.13.155	14618 (AMAZON-AES) (AMAZON-AES)
1	23.62.118.129 23.62.118.129	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
1	23.45.237.36 23.45.237.36	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
97	24

1 216.24.224.100 (Ottawa, Canada) 1 redirects

ASN17358 (ETOLL1, CA)
PTR: click.skem1.com

trk.cp20.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 104.16.175.182 (United States)

ASN13335 (CLOUDFLARENET, US)

www.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.85.253.54 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-253-54.deploy.static.akamaitechnologies.com

cdn.nsstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.ziffdavis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:9d32 (United States)

ASN13335 (CLOUDFLARENET, US)

sgi2.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sgi.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.20.125 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-122.fra2.r.cloudfront.net

privacy-policy.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.61.242.16 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-61-242-16.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.86.38.8 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-86-38-8.deploy.static.akamaitechnologies.com

zdstatic.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.152.157.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-157-17.compute-1.amazonaws.com

preferences.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:1ac::13b2 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

g.pcmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.18.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-18-218.eu-west-1.compute.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.243.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-243-86.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.13.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-13-155.compute-1.amazonaws.com

jogger.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.62.118.129 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-118-129.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.237.36 (United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-237-36.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	offers.com 1 redirects www.offers.com zdstatic.offers.com	796 KB
14	offerscdn.net sgi2.offerscdn.net sgi.offerscdn.net	64 KB
12	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	141 KB
8	zdbb.net 1 redirects cdn.static.zdbb.net gurgle.zdbb.net zdbb.net jogger.zdbb.net	25 KB
7	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	104 KB
4	ziffdavis.com static.ziffdavis.com	30 KB
3	googletagservices.com www.googletagservices.com	82 KB
2	bing.com bat.bing.com	8 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	betrad.com l.betrad.com	240 B
2	google.com adservice.google.com	342 B
2	google.de adservice.google.de	342 B
2	evidon.com c.evidon.com	1 KB
2	truste.com privacy-policy.truste.com preferences.truste.com	12 KB
2	amazonaws.com s3.amazonaws.com	8 KB
1	bluekai.com stags.bluekai.com
1	krxd.net cdn.krxd.net	383 B
1	bkrtx.com tags.bkrtx.com	11 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
1	pcmag.com g.pcmag.com	323 B
1	googleapis.com ajax.googleapis.com	33 KB
1	nsstatic.net cdn.nsstatic.net	17 KB
1	cp20.com 1 redirects trk.cp20.com	415 B
0	Failed function sub() { [native code] }. Failed
97	24

	Domain	Requested by
25	www.offers.com	www.offers.com ajax.googleapis.com static.ziffdavis.com
13	sgi.offerscdn.net	www.offers.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	securepubads.g.doubleclick.net	cdn.nsstatic.net securepubads.g.doubleclick.net www.offers.com
4	static.ziffdavis.com	zdstatic.offers.com static.ziffdavis.com
4	cdn.static.zdbb.net	1 redirects www.offers.com cdn.static.zdbb.net
3	www.googletagservices.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	bat.bing.com	www.googletagmanager.com www.offers.com
2	www.google-analytics.com	www.googletagmanager.com www.offers.com
2	l.betrad.com	www.offers.com
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	zdbb.net	www.offers.com
2	zdstatic.offers.com	1 redirects www.offers.com
2	c.evidon.com	www.offers.com zdstatic.offers.com
2	s3.amazonaws.com	www.offers.com
1	stags.bluekai.com	tags.bkrtx.com
1	cdn.krxd.net	cdn.static.zdbb.net
1	tags.bkrtx.com	cdn.static.zdbb.net
1	jogger.zdbb.net	cdn.static.zdbb.net
1	www.googletagmanager.com	www.offers.com
1	gurgle.zdbb.net	cdn.static.zdbb.net
1	g.pcmag.com	cdn.nsstatic.net
1	preferences.truste.com	www.offers.com
1	ajax.googleapis.com	www.offers.com
1	privacy-policy.truste.com	www.offers.com
1	sgi2.offerscdn.net	www.offers.com
1	cdn.nsstatic.net	www.offers.com
1	trk.cp20.com	1 redirects
0	https Failed	www.offers.com
97	32

This site contains links to these domains. Also see Links.

Domain
www.creditcardsexplained.com
www.ziffdavis.com
www.facebook.com
pinterest.com
twitter.com
www.instagram.com
privacy.truste.com

Subject Issuer	Validity	Valid
ssl453640.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-03-31` - `2020-10-07`	6 months	crt.sh
www.ziffdavis.com DigiCert SHA2 Extended Validation Server CA	`2020-02-18` - `2022-05-19`	2 years	crt.sh
ssl882224.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-08` - `2020-07-16`	6 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.truste.com Go Daddy Secure Certificate Authority - G2	`2018-01-26` - `2021-03-06`	3 years	crt.sh
*.evidon.com DigiCert ECC Secure Server CA	`2019-02-01` - `2020-05-02`	a year	crt.sh
ziffdavis.com DigiCert SHA2 Secure Server CA	`2020-02-18` - `2021-04-18`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.zdbb.net COMODO RSA Domain Validation Secure Server CA	`2018-02-23` - `2021-02-22`	3 years	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2019-04-25` - `2021-06-24`	2 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2020-02-28` - `2021-05-29`	a year	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2020-01-10` - `2021-04-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Frame ID: A27F0903227B59A8EF07B0076A4A0EA9
Requests: 81 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Doffers.com&phint=referer%3Dhttps%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&phint=offersbrand%3Dcvs&phint=bbseg%3D900160&phint=bbseg%3D900164&phint=bbseg%3D900169&phint=bbseg%3D900111&phint=bbseg%3D900115&phint=bbseg%3D800021&phint=bbseg%3D800022&phint=bbseg%3D900159&phint=__bk_t%3D20%25%20off%20CVS%20Coupons%20%26%20Promo%20Codes%20%2B%20Free%20Shipping%202020&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&phint=__bk_v%3D3.1.4&limit=10&r=3409924
Frame ID: 6047B8E2D29D74AA0C457FA3BB497699
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswmW0Olb6n82D52T1kDPPXezJa-dvMyQVLQsIvIG5_cA7l11dDRprn-RFFY_ZR950eAxG_fSV7rVOcOKSCx5DZTKTzY-WgQtFoU-yqoLZOcLIWzV2K8jp3N5sTS2btbiec0yS2-REqk9nORa20EHZH69X79VmEb6apMxyijbAJgwOFuc4yzPVqIbzkgnIv8d1y-hyacTbjF4FgP1l6ZhRRvJjJTdY5t3H9AHxtzZ3hDxy1rvf8z4ZexNJpYMGWE0BJRj7_2D6iOMg&sai=AMfl-YTN5kTNlbQvFAzl9ShZcRhO-GkKEmYlAmwaEJp8R6vdzInspqaF2D-JTPglZ5kkYkdvBmkijVG9W6iDkTkif7EiM4tpKwVYmSnrKAM0&sig=Cg0ArKJSzD6c8GZ_hrL_EAE&urlfix=1&adurl=
Frame ID: 7FEF5A1F3758E794BDDDFD4A8D5F0569
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: C6C4340B8E96AC17BF3359C6E078226C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html
Frame ID: 78B1BCD75404FB13994EC10AAB5FF563
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1671236619984773&output=html&h=250&slotname=9214123897&adk=3542530520&adf=3173046729&w=300&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&ea=0&flash=0&wgl=1&adsid=NT&dt=1585859401731&bpp=13&bdt=74&fdt=130&idt=131&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&correlator=3521890963431&frm=23&ife=4&pv=2&ga_vid=97410509.1585859398&ga_sid=1585859402&ga_hid=1408887582&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=180&ady=871&biw=1585&bih=1200&isw=300&ish=250&ifk=2585373043&scr_x=0&scr_y=0&eid=21065532%2C44713363&oid=3&pvsid=3750254826903468&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.dw8xzqlw8wxw&fsb=1&dtd=143
Frame ID: 81ACF37DA93E6B834A3040D0852DF76F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 6D0D205FC2AB073F54380D3C19112896
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://trk.cp20.com/click/g8re-zvt-6w4m-ob7cm5/pmreg33oorqwg5boovzwk4s7nfsceorcgmytamzthayteit5 HTTP 302
https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=3... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

97
Requests

99 %
HTTPS

38 %
IPv6

24
Domains

32
Subdomains

24
IPs

6
Countries

1385 kB
Transfer

2927 kB
Size

11
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.creditcardsexplained.com/
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/terms-of-use
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://www.creditcardsexplained.com/articles
Title: Credit Card Blog

Search URL Search Domain Scan URL

URL: http://www.facebook.com/OffersDOTcom

Search URL Search Domain Scan URL

URL: http://pinterest.com/Offerscom/

Search URL Search Domain Scan URL

URL: https://twitter.com/offers

Search URL Search Domain Scan URL

URL: https://www.instagram.com/offerscom/

Search URL Search Domain Scan URL

URL: https://privacy.truste.com/privacy-seal/validation?rid=ce211316-dfd0-4abb-8bfb-9cb70de1e37c

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trk.cp20.com/click/g8re-zvt-6w4m-ob7cm5/pmreg33oorqwg5boovzwk4s7nfsceorcgmytamzthayteit5 HTTP 302
https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Request Chain 30

https://zdstatic.offers.com/jst/zdconsent.js HTTP 302
https://zdstatic.offers.com/jst/eu/zdconsent.js

97 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.offers.com/cvs/
Redirect Chain

http://trk.cp20.com/click/g8re-zvt-6w4m-ob7cm5/pmreg33oorqwg5boovzwk4s7nfsceorcgmytamzthayteit5
https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

77 KB
15 KB

461ms
417ms

Document
text/html

104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

769ecb296b202221a4264e041052747fc6a77a1ae01bb4a5878f822462876826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.offers.com
:scheme: https
:path: /cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 02 Apr 2020 20:29:57 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d812ac0c46a62fc417b1b7dfc45e770e31585859397; expires=Sat, 02-May-20 20:29:57 GMT; path=/; domain=.offers.com; HttpOnly; SameSite=Lax psid=fd29e47a22fc9b48bbfa2471c7979f67833bc47a; path=/; domain=www.offers.com ovt=1585859397%7C1585859397%7C1585859397; expires=Thu, 03-Mar-2022 05:00:00 GMT; Max-Age=60424203; path=/ ouid=1662894103701357857%26b0e5b9b9b21443ad3b2c8cbbdad56ac80a8fcfbe682f57c087cca2c27dae2dee; expires=Thu, 03-Mar-2022 21:29:57 GMT; Max-Age=60483600; path=/; domain=www.offers.com osvt=1662894103704503586%2Cs%3Doffer-alerts%2C1585862997%26342dc0f6fb728c8151623b94564ba774c774c85cd7647d5cbd97f4f1f898e543; expires=Thu, 02-Apr-2020 21:29:57 GMT; Max-Age=3600; path=/; domain=www.offers.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 57dd4e123b0dfa88-AMS
content-encoding: gzip

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812#group=
Server: TRK04
Refresh: 0; URL=https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812#group=
Date: Thu, 02 Apr 2020 20:29:57 GMT
Content-Length: 250

GET z0WVjCBSEeGLoxIxOQVEwQ.min.js
https//cdn.static.zdbb.net/js/ 0
0

GET
H2 200 vendor.css
www.offers.com/assets/v1585772904/ 48 KB
10 KB 38ms
37ms Stylesheet
text/css 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1585772904/vendor.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ab02407b89ddc3f76da3c0dc9f807b4f6def211a6e4cef8e622512c8fc8766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83686
cf-polished: origSize=48922
status: 200
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 20:28:27 GMT
server: cloudflare
etag: W/"5e84f96b-bf1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
expires: Sun, 31 Mar 2030 20:29:57 GMT
cache-control: public, max-age=315360000
cf-ray: 57dd4e153b9efa88-AMS
cf-bgj: minify

GET
H2 200 base.css
www.offers.com/assets/v1585772904/ 136 KB
27 KB 47ms
46ms Stylesheet
text/css 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1585772904/base.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9503defd63b30d7252bbda341bc77fc4f83f4ccb6b97c4d87f97ea71f7ca7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83686
cf-polished: origSize=139818
status: 200
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 20:28:49 GMT
server: cloudflare
etag: W/"5e84f981-2222a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
expires: Sun, 31 Mar 2030 20:29:57 GMT
cache-control: public, max-age=315360000
cf-ray: 57dd4e153ba6fa88-AMS
cf-bgj: minify

GET
H2 200 base-async.css
www.offers.com/assets/v1585772904/ 4 KB
1 KB 32ms
31ms Stylesheet
text/css 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1585772904/base-async.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

606df7b1fee7ec41366cc669d240d71312c66e444fb1f6e16610b707b3561f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83685
cf-polished: origSize=3838
status: 200
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 20:28:52 GMT
server: cloudflare
etag: W/"5e84f984-efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
expires: Sun, 31 Mar 2030 20:29:57 GMT
cache-control: public, max-age=315360000
cf-ray: 57dd4e153ba9fa88-AMS
cf-bgj: minify

GET
H2 200 merchant.css
www.offers.com/assets/v1585772904/ 19 KB
4 KB 33ms
32ms Stylesheet
text/css 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1585772904/merchant.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004826e89804ce85513edf2a8a806359be29ad6d12e229ef7adbe580dc6edba2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83685
cf-polished: origSize=19744
status: 200
vary: Accept-Encoding
last-modified: Mon, 23 Mar 2020 19:25:31 GMT
server: cloudflare
etag: W/"5e790d2b-4d20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
expires: Sun, 31 Mar 2030 20:29:57 GMT
cache-control: public, max-age=315360000
cf-ray: 57dd4e153babfa88-AMS
cf-bgj: minify

GET
H2 200 offers.com.lean.js Show response
cdn.nsstatic.net/ns/ 53 KB
17 KB 96ms
25ms Script
application/javascript 104.85.253.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nsstatic.net/ns/offers.com.lean.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.253.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-253-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9e335ccd63b4eed2e2d5303085c5126e9c5e76c587cc519ab5a4a2ab7a518a5e

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 7afUQRrJNj4t3N3ZoTwr5PrS9CyubASZ
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 13:44:20 GMT
x-amz-request-id: DCE91BA4012EC19A
date: Thu, 02 Apr 2020 20:29:58 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=418
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 16791
x-amz-id-2: sJS0yPGijzUAV1WX+Lxfn7PiW33JJinWgvOjnwfA/+QLMWJkUCvyTEjLoOxMph6g2YTEi8vZfZM=
expires: Thu, 02 Apr 2020 20:36:56 GMT

GET
H2

200

z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/eu/js/
Redirect Chain

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

75 KB
22 KB

20ms
19ms

Script
application/javascript

104.85.253.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.253.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-253-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 892600ef021cc884d4d3eeca64a5a7b9a6d824de7f87086703a9d6e1a10b9d3c

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: TJdhcBFzh7.WHKuyk7Qq6cFi8o95JQFj
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 12:26:40 GMT
x-amz-request-id: 6B52398972DDCE98
date: Thu, 02 Apr 2020 20:29:58 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 22135
x-amz-id-2: 2nFDse2+YAjIV/n5To3c5xUTpOA7cdgd/uee79fa5Ndbn8FjesIvYczauJR+NqEhfRTXxl0dCTo=
expires: Thu, 02 Apr 2020 21:29:58 GMT

Redirect headers

status: 303
date: Thu, 02 Apr 2020 20:29:58 GMT
cache-control: max-age=3600
core-eu: Yes
content-length: 0
location: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
expires: Thu, 02 Apr 2020 21:29:58 GMT

GET
H2 200 logo.svg
www.offers.com/images/v1585772904/ 11 KB
4 KB 32ms
30ms Image
image/svg+xml 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1585772904/logo.svg

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46675519a5eaaa256607e76684e863a6e153311e8f1572c890e21f763cf1139a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83683
status: 200
vary: Accept-Encoding
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: W/"5c781423-2cc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 57dd4e154bb7fa88-AMS
expires: Sun, 31 Mar 2030 20:29:57 GMT

GET
H2 200 471.v276.png
sgi2.offerscdn.net/i/production/published/5/topnav_image/ 2 KB
3 KB 77ms
47ms Image
image/webp 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi2.offerscdn.net/i/production/published/5/topnav_image/471.v276.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4052001a535f609af1900ffdd0a90d5d6eafbc1ff0bf42c2157290540b659

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: HIT
age: 179651
cf-polished: origFmt=png, origSize=3786
status: 200
content-disposition: inline; filename="471.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 2516
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e156c99d705-FRA
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 04dAc7n7dh6y2pzuUkF1aye.h90.w170.flpad.v95.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 15 KB
15 KB 353ms
330ms Image
image/png 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/04dAc7n7dh6y2pzuUkF1aye.h90.w170.flpad.v95.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad7c30707a14d999dec26924ef945a2589f0499f8812195b67bd3d6f431d1a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 57dd4e1558d5dfff-FRA
content-length: 15548
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 addon-shoe.png
www.offers.com/images/v1585772904/browser-addon/ 16 KB
16 KB 41ms
39ms Image
image/webp 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1585772904/browser-addon/addon-shoe.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d087e00637f786aa999d4f3cb4b7957e1ef6974bdcdd14522d29c902b72542bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83682
cf-polished: origFmt=png, origSize=28035
status: 200
content-disposition: inline; filename="addon-shoe.webp"
strict-transport-security: max-age=31536000
content-length: 16624
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-6d83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 31 Mar 2030 20:29:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57dd4e154bb8fa88-AMS
cf-bgj: imgq:100

GET
H2 200 chrome-small.png
www.offers.com/images/v1585772904/browser-addon/browser-logos/ 1 KB
1 KB 32ms
31ms Image
image/webp 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1585772904/browser-addon/browser-logos/chrome-small.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86decae1c8fb2910fa26e36d75768e1eee8143ac7973bde2fede8fbd5b234a1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83682
cf-polished: origFmt=png, origSize=1177
status: 200
content-disposition: inline; filename="chrome-small.webp"
strict-transport-security: max-age=31536000
content-length: 1102
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-499"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 31 Mar 2030 20:29:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57dd4e154bbafa88-AMS
cf-bgj: imgq:100

GET
H2 200 addon-offersbanner.png
www.offers.com/images/v1585772904/browser-addon/ 1 KB
2 KB 36ms
35ms Image
image/webp 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1585772904/browser-addon/addon-offersbanner.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2470d29d5a2f2a5f0c7728af1270c584bcd13f9be2b9e7f3bb4dc34caec2f6dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83682
cf-polished: origFmt=png, origSize=2393
status: 200
content-disposition: inline; filename="addon-offersbanner.webp"
strict-transport-security: max-age=31536000
content-length: 1470
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-959"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 31 Mar 2030 20:29:57 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57dd4e154bbbfa88-AMS
cf-bgj: imgq:100

GET
H/1.1 200
OK 15346269.jpg
s3.amazonaws.com/avatars.images.offers.com/medium/ 3 KB
4 KB 427ms
119ms Image
image/jpeg 52.216.20.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/avatars.images.offers.com/medium/15346269.jpg?timestamp=1577388935
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.20.125 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 26c57443d4bd5ede09faae76ac60ebab5990ab78f950608288edb0c8c6013e3c

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 20:29:59 GMT
Last-Modified: Thu, 21 Sep 2017 21:06:24 GMT
Server: AmazonS3
x-amz-request-id: 6538355981EC77F7
ETag: "03a99c9daee1f4c163761760f7b844e6"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3320
x-amz-id-2: X96LQCtut28Jfk1e50Hy5P1NA6AjhyEd08Wd9QcN8j5pCKnirjxXulU5edC+eriOvSk6UsTlTds=

GET
H/1.1 200
OK 28734647.jpg
s3.amazonaws.com/avatars.images.offers.com/medium/ 4 KB
4 KB 439ms
123ms Image
image/jpeg 52.216.20.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/avatars.images.offers.com/medium/28734647.jpg?timestamp=1573571515
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.20.125 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: acfdf951d75b585fa94257105c7df56e1083ad44385419a7cd92e230f34ec2fa

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 20:29:59 GMT
Last-Modified: Wed, 23 Oct 2019 15:21:49 GMT
Server: AmazonS3
x-amz-request-id: 8654399BD8300E2E
ETag: "c2171d4725044531ba68ad86c048a7fa"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3653
x-amz-id-2: ZH1TEeBH5kKAJiFFMDWzbZEDh5NhddO+5imUcNUreHBfpAwC5CjOcM3FME4+GPSdjx+SLRfQnX8=

GET
H2 200 02zLDwCqTbhlnKCTPdI0yqf.h90.w134.flpad.v694.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 5 KB
5 KB 43ms
20ms Image
image/webp 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02zLDwCqTbhlnKCTPdI0yqf.h90.w134.flpad.v694.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a4a13facc8c43a3050bf006af334c09fd12c0ae986f75fb927096a78f705f76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
cf-cache-status: HIT
age: 2293490
cf-polished: origFmt=png, origSize=7700
status: 200
content-disposition: inline; filename="02zLDwCqTbhlnKCTPdI0yqf.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 5492
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e1558d7dfff-FRA
expires: Fri, 02 Apr 2021 20:29:57 GMT

GET
H2 200 036AtPTSfEi6mICq0oPedW7.h90.w134.flpad.v197.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 4 KB
4 KB 41ms
18ms Image
image/webp 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/036AtPTSfEi6mICq0oPedW7.h90.w134.flpad.v197.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04e452d23b82ec18aa9ebac8bfb884fe56d30b87ea9db54427bd38b745f9f011

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
cf-cache-status: HIT
age: 1775446
cf-polished: origFmt=png, origSize=6168
status: 200
content-disposition: inline; filename="036AtPTSfEi6mICq0oPedW7.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 3720
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e1558dadfff-FRA
expires: Fri, 02 Apr 2021 20:29:57 GMT

GET
H2 200 04TQcq9C8esVEnXBXNycvrD.h90.w134.flpad.v121.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 9 KB
9 KB 414ms
392ms Image
image/png 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/04TQcq9C8esVEnXBXNycvrD.h90.w134.flpad.v121.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

813bd2e632fc6e4bd10f709d4e2cad25e513776bb9d6824302ee42ceaf77edc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 57dd4e1558dedfff-FRA
content-length: 9536
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 02ry6qoJ70F2iqTglORKCWO.h90.w134.flpad.v163.bffffff.jpg
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 41ms
18ms Image
image/jpeg 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02ry6qoJ70F2iqTglORKCWO.h90.w134.flpad.v163.bffffff.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2153f0023fa2012a606b9af8e16698ed0b71697e26ca4a61342b690f9c86e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
cf-cache-status: HIT
age: 4786947
cf-polished: status=not_needed
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 1570
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e1558e0dfff-FRA
expires: Fri, 02 Apr 2021 20:29:57 GMT

GET
H2 200 00ebVEnjbokXgtzpToBWfNz.h90.w134.flpad.v663.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 40ms
38ms Image
image/webp 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/00ebVEnjbokXgtzpToBWfNz.h90.w134.flpad.v663.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac5a522529b28261f073aa89efa1092dac3420197110b6c9c550771a00d15cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: HIT
age: 83315
cf-polished: origFmt=png, origSize=4595
status: 200
content-disposition: inline; filename="00ebVEnjbokXgtzpToBWfNz.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 2074
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e157944dfff-FRA
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 02RGwAdnXnoxI2rPZTySLqq.h90.w134.flpad.v1232.bffffff.jpg
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 19ms
17ms Image
image/jpeg 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02RGwAdnXnoxI2rPZTySLqq.h90.w134.flpad.v1232.bffffff.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f36fd49ebfd14edd81b5c3ced8c2b30eb020f666dd1ea8ddd91810af6d751fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: HIT
age: 860592
cf-polished: status=not_needed
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 1831
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e157946dfff-FRA
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 03HTj1foKgiwd7n9MleM1x4.h90.w134.flpad.v504.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 4 KB
4 KB 24ms
22ms Image
image/webp 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/03HTj1foKgiwd7n9MleM1x4.h90.w134.flpad.v504.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7300ee12606bf498da2b1aaa166c138d12de28acb108f3b3d5dabdde9728ded4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: HIT
age: 83315
cf-polished: origFmt=png, origSize=8815
status: 200
content-disposition: inline; filename="03HTj1foKgiwd7n9MleM1x4.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 4166
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e157949dfff-FRA
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 06VNUDSYNY1PNDf1CBY22Bs.h90.w134.flpad.v363.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 20ms
18ms Image
image/webp 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/06VNUDSYNY1PNDf1CBY22Bs.h90.w134.flpad.v363.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f040de03767057b9e5e423c27cd9d30c6883fe5ef0747595b3386cdcc2f8b8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: HIT
age: 69282
cf-polished: origFmt=png, origSize=3059
status: 200
content-disposition: inline; filename="06VNUDSYNY1PNDf1CBY22Bs.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 2032
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15794adfff-FRA
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 05rYmYjupF2bDjQoMQ0PaTm.h90.w134.flpad.v117.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 8 KB
8 KB 18ms
16ms Image
image/webp 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/05rYmYjupF2bDjQoMQ0PaTm.h90.w134.flpad.v117.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

822866553ccabb539e28b51fdb22575834e2af463980b3d6c23425bff7141925

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: HIT
age: 2298387
cf-polished: origFmt=png, origSize=10899
status: 200
content-disposition: inline; filename="05rYmYjupF2bDjQoMQ0PaTm.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 7754
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15794ddfff-FRA
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 01HHe3n0ybPb5TsFfP6gCFw.h90.w134.flpad.v266.bffffff.jpg
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 24ms
22ms Image
image/jpeg 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/01HHe3n0ybPb5TsFfP6gCFw.h90.w134.flpad.v266.bffffff.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86bbfe2ecc3387c3090426839f808b343b47adae385cc4b1e72f6516d39887c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: HIT
age: 1980822
cf-polished: status=not_needed
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 1892
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15794fdfff-FRA
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 02i3pcpcZk0GEbETzetqK7V.h90.w134.flpad.v596.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 22ms
20ms Image
image/webp 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02i3pcpcZk0GEbETzetqK7V.h90.w134.flpad.v596.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57af7489b4c0191725b77e4c9fc82908fe9d93e8e58c6af95b59ab60c4c7207

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: HIT
age: 72812
cf-polished: origFmt=png, origSize=2632
status: 200
content-disposition: inline; filename="02i3pcpcZk0GEbETzetqK7V.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 1786
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e157950dfff-FRA
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 063JVYMJrQGV9EVDjfNQThl.h90.w134.flpad.v144.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 3 KB
3 KB 32ms
30ms Image
image/webp 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/063JVYMJrQGV9EVDjfNQThl.h90.w134.flpad.v144.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c6e6d06e63ab90bf213a518fafe208a5a037dd490c9e2469d5aea9504f4092

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
cf-cache-status: HIT
age: 1378116
cf-polished: origFmt=png, origSize=4320
status: 200
content-disposition: inline; filename="063JVYMJrQGV9EVDjfNQThl.webp"
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 2816
cf-bgj: imgq:100
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e157953dfff-FRA
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 logo-teal.svg
www.offers.com/images/v1585772904/ 16 KB
6 KB 40ms
37ms Image
image/svg+xml 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1585772904/logo-teal.svg

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

963b8de7f03501dbce44cb686d583bd7813ddb2591c5eb37c89d20e2cf63676b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83681
status: 200
vary: Accept-Encoding
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: W/"5c781423-4110"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 57dd4e154bd3fa88-AMS
expires: Sun, 31 Mar 2030 20:29:57 GMT

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/ 11 KB
11 KB 41ms
9ms Image
image/svg+xml 13.225.78.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/seal?rid=ce211316-dfd0-4abb-8bfb-9cb70de1e37c

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.122 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-122.fra2.r.cloudfront.net

Software

TXS /

Resource Hash

4d3efed2d9cd327163c366899e315e5854ea089f6215adcedf1c798a6efc809d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 05:44:26 GMT
Via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff, nosniff
Age: 58966
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10781
X-Xss-Protection: 1; mode=block, 1; mode=block
Server: TXS
ETag: W/"10781-1571742336000"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=0
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: pipgJTSOnWsqPn5Vzp2t4DsMAecTGfIcjHRqEfwW7ZbdCtCmALhqXQ==

GET
H2 200 icong1.png
c.evidon.com/pub/ 600 B
899 B 194ms
60ms Image
image/png 23.61.242.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/icong1.png
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.61.242.16 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-61-242-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2019 16:14:21 GMT
server: AkamaiNetStorage
access-control-allow-origin
etag: "d08da9f445b63100a56646de99043059:1558455261"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
status: 200
access-control-max-age: 86400
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 623

GET
H2

200

zdconsent.js Show response
zdstatic.offers.com/jst/eu/
Redirect Chain

https://zdstatic.offers.com/jst/zdconsent.js
https://zdstatic.offers.com/jst/eu/zdconsent.js

16 KB
6 KB

19ms
18ms

Script
application/javascript

104.86.38.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zdstatic.offers.com/jst/eu/zdconsent.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.86.38.8 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-86-38-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2904a9687b59e1138b03f660e35f6fd2537dc9a6dae039b012f9b72c3c275683

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 3JT37HZXGjQ7JF54M98W0APtkCeu4viY
content-encoding: gzip
last-modified: Thu, 20 Feb 2020 14:26:05 GMT
x-amz-request-id: ED8E22E415E60FED
date: Thu, 02 Apr 2020 20:29:58 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 5881
x-amz-id-2: +bs0MsYbLTloYq5HxRTDdr5GBYl/NN6p8qu/jAfDAYPXQe++xlmqh12i8Zodw3pZI+jqFfngMsY=
expires: Thu, 02 Apr 2020 21:29:58 GMT

Redirect headers

status: 302
date: Thu, 02 Apr 2020 20:29:58 GMT
cache-control: max-age=3600
content-length: 0
location: https://zdstatic.offers.com/jst/eu/zdconsent.js
expires: Thu, 02 Apr 2020 21:29:58 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 10 Mar 2020 23:55:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1974844
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Mar 2021 23:55:53 GMT

GET
H2 200 js Show response
preferences.truste.com/webservices/ 3 KB
1 KB 319ms
102ms Script
text/javascript 54.152.157.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences.truste.com/webservices/js?&domain=ziffdavis.com&type=ziffdavis&js=2
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.152.157.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-152-157-17.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: dbd7e665693aaa8b13bac8ddfce1e5d78d888b8366faff26eb160de3eb589245

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
server: Apache/2.4.7 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1106
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vendor.js Show response
www.offers.com/assets/v1585772904/ 177 KB
54 KB 40ms
39ms Script
application/javascript 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1585772904/vendor.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ea7ec4b4a33bc63388fb688e541c925fe73cdc9eb57e60ddc8164e90b047f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83685
status: 200
cf-bgj: minify
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 20:28:31 GMT
server: cloudflare
etag: W/"5e84f96f-2c460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 57dd4e155bd8fa88-AMS
expires: Sun, 31 Mar 2030 20:29:57 GMT

GET
H2 200 base.js Show response
www.offers.com/assets/v1585772904/ 47 KB
12 KB 35ms
34ms Script
application/javascript 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1585772904/base.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ff3aba6c1c8e343bc7bfa1ed86ad04cd8715b381c3bdc2c252a25672b668c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83684
status: 200
cf-bgj: minify
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 20:28:50 GMT
server: cloudflare
etag: W/"5e84f982-bdc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 57dd4e155bd9fa88-AMS
expires: Sun, 31 Mar 2030 20:29:57 GMT

GET
H2 200 merchant.js Show response
www.offers.com/assets/v1585772904/ 13 KB
4 KB 38ms
38ms Script
application/javascript 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1585772904/merchant.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5069775aa84e8d2b688a62d315bc9325d17c6086b73885a06d50df1482c38051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83684
status: 200
cf-bgj: minify
vary: Accept-Encoding
last-modified: Wed, 01 Apr 2020 20:28:59 GMT
server: cloudflare
etag: W/"5e84f98b-33fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 57dd4e155bdbfa88-AMS
expires: Sun, 31 Mar 2030 20:29:57 GMT

GET
H2 200 bullet-black.png
www.offers.com/images/ 94 B
378 B 31ms
31ms Image
image/webp 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/bullet-black.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a4d8c59f4bb7f250d9111be10c5664c7202abeaf020eda52e7f1a3482fd9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/base.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7857061
cf-polished: origFmt=png, origSize=149
status: 200
content-disposition: inline; filename="bullet-black.webp"
strict-transport-security: max-age=31536000
content-length: 94
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 31 Mar 2030 20:29:58 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57dd4e15bcfcfa88-AMS
cf-bgj: imgq:100

GET
H2 200 fa-solid-900.woff2
www.offers.com/fonts/ 115 KB
115 KB 44ms
42ms Font
application/octet-stream 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-solid-900.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d64849d9ec4afd8eb21b289c99a9d785eb7079d893b899490132fb4707447457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/base.css
Origin: https://www.offers.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6413
status: 200
vary: Accept-Encoding
content-length: 117516
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-1cb0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15bd05fa88-AMS
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 fa-regular-400.woff2
www.offers.com/fonts/ 142 KB
142 KB 37ms
35ms Font
application/octet-stream 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-regular-400.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/base.css
Origin: https://www.offers.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6413
status: 200
vary: Accept-Encoding
content-length: 145072
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-236b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15bd06fa88-AMS
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 Gilroy-Bold.otf
www.offers.com/fonts/ 54 KB
54 KB 41ms
39ms Font
application/octet-stream 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Bold.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/merchant.css
Origin: https://www.offers.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5454
status: 200
vary: Accept-Encoding
content-length: 55376
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d850"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15bd07fa88-AMS
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 Gilroy-Regular.otf
www.offers.com/fonts/ 53 KB
53 KB 44ms
42ms Font
application/octet-stream 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Regular.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/merchant.css
Origin: https://www.offers.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5454
status: 200
vary: Accept-Encoding
content-length: 53840
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d250"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15bd08fa88-AMS
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 Gilroy-Medium.otf
www.offers.com/fonts/ 54 KB
54 KB 31ms
29ms Font
application/octet-stream 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Medium.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/merchant.css
Origin: https://www.offers.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5454
status: 200
vary: Accept-Encoding
content-length: 54972
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d6bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15bd09fa88-AMS
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 Gilroy-SemiBold.otf
www.offers.com/fonts/ 54 KB
54 KB 107ms
105ms Font
application/octet-stream 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-SemiBold.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60d34dcfd46cf6328488f5eea4dddf42f7fe2109ce977c166105c06734126781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/merchant.css
Origin: https://www.offers.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6411
status: 200
vary: Accept-Encoding
content-length: 55212
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d7ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15bd0afa88-AMS
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 OpenSans-Bold.woff2
www.offers.com/fonts/ 46 KB
46 KB 42ms
41ms Font
application/octet-stream 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/OpenSans-Bold.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/base.css
Origin: https://www.offers.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6392
status: 200
vary: Accept-Encoding
content-length: 46676
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-b654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15bd0dfa88-AMS
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 200 fa-brands-400.woff2
www.offers.com/fonts/ 70 KB
71 KB 51ms
51ms Font
application/octet-stream 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-brands-400.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad870134e00e713a173b1be210378b4b7b85f8081e578e85e13fffeec0ae78a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/base.css
Origin: https://www.offers.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5454
status: 200
vary: Accept-Encoding
content-length: 72148
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-119d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e15bd0efa88-AMS
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H/1.1 200
OK geocc.js Show response
g.pcmag.com/ 184 B
323 B 37ms
7ms Script
application/javascript 2a02:26f0:eb:1ac::13b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://g.pcmag.com/geocc.js
Requested by: Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/offers.com.lean.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:eb:1ac::13b2 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 02 Apr 2020 20:29:58 GMT
Connection: keep-alive
Content-Length: 184
Content-Type: application/javascript

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
15 KB 60ms
41ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.nsstatic.net
URL: https://cdn.nsstatic.net/ns/offers.com.lean.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

6fc62e4e9fde38552593904aba8452bd03cc2fb868123c9ef8cf268451098582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "475 / 97 of 1000 / last-modified: 1585768003"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14583
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:29:58 GMT

GET
H2 200 info Show response
gurgle.zdbb.net/ 160 B
359 B 111ms
110ms XHR
application/json 104.85.253.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.253.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-253-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a507ed4a6cd3541861524231136caba9f7e3ffae8100fc41852d7360914a7afd

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Origin: https://www.offers.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.offers.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 160

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
108 B 107ms
34ms Image
image/gif 52.208.18.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=b2d7bb89-9844-4f6c-9e81-351787618ff4&zd_location=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&evidon_consent=undefined&third_party_consent=&fu=true
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.18.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-18-218.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 02 Apr 2020 20:29:58 GMT
content-length: 43
content-type: image/gif

GET
H2 200 evidon-sitenotice-bundle.js Show response
static.ziffdavis.com/sitenotice/ 159 KB
18 KB 31ms
20ms Script
application/javascript 104.85.253.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ziffdavis.com/sitenotice/evidon-sitenotice-bundle.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/eu/zdconsent.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.253.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-253-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d88ed713f139ba266cf436d153f77748c3f36d35060ff7080a5b610d145215e3

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: uINnMMFmuNYPW_hH5qlzEHAoLPQArJUG
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 12:56:45 GMT
x-amz-request-id: 892C0758468A788D
date: Thu, 02 Apr 2020 20:29:58 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 18554
x-amz-id-2: tZ+F3629lmHkYc0InLVzRFRYHIQiTSGr+sTdvUYqh2XJgOOVZw3JmNOle6bIxDslQuIIQ+TMP7E=
expires: Thu, 02 Apr 2020 21:29:58 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
451 B 62ms
61ms Script
application/x-javascript 23.61.242.16
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/eu/zdconsent.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.61.242.16 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-61-242-16.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
access-control-allow-origin
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
status: 200
access-control-max-age: 86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 settings.js Show response
static.ziffdavis.com/sitenotice/660/offers/ 4 KB
922 B 26ms
16ms Script
application/javascript 104.85.253.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ziffdavis.com/sitenotice/660/offers/settings.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/eu/zdconsent.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.253.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-253-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a36cabb6964322068de62e75c707bbf5b4e09fd05c1f6d9820842618c022c62a

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: S1L6hOzDqg2oTcY716Oxbq2xfGw3Oc4a
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 16:34:31 GMT
x-amz-request-id: 9F3593F0EC720F3A
date: Thu, 02 Apr 2020 20:29:58 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 581
x-amz-id-2: zHUDkVW5IbPrAKPRgVVFIy1qL9GdM4UpVNgRGtoMdYqxLFGCIqAYMKgLUlexdynHqekZ+O7rOvk=
expires: Thu, 02 Apr 2020 21:29:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 168 KB
62 KB 43ms
43ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62957
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:29:58 GMT

GET
H2 200 en.js Show response
static.ziffdavis.com/sitenotice/660/translations/ 165 KB
7 KB 23ms
23ms Script
application/javascript 104.85.253.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ziffdavis.com/sitenotice/660/translations/en.js
Requested by: Host: static.ziffdavis.com
URL: https://static.ziffdavis.com/sitenotice/evidon-sitenotice-bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.253.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-253-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7bc60b4bbc72c7e823d78f410385320b812510f90bd2e758c481ec2e24c3e929

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: KK7OQiYSE61euo4D1SZogeweIpLl_E72
content-encoding: gzip
last-modified: Thu, 19 Mar 2020 18:55:16 GMT
x-amz-request-id: 66C3604E44736EE8
date: Thu, 02 Apr 2020 20:29:58 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 6935
x-amz-id-2: E6wZY0S/IzvO/tsN2E3M4uVD/nbeMXauB8MYoVON3KQ5RG0keFeyEHAsqU/W6kWR6BSpkr+kK1A=
expires: Thu, 02 Apr 2020 21:29:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
35 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e50b8394b43465a02966faf6782945ddfbea79558c7a044bcef7bb55ac22872d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35238
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Apr 2020 20:29:58 GMT

GET
H2 200 offer-tile-placeholder.png
www.offers.com/images/ 72 B
281 B 40ms
39ms Image
image/webp 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/offer-tile-placeholder.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51602869834421b04da25e373a5414f8b07cc38dac6187f5596ce65fd53021ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1682067
cf-polished: origFmt=png, origSize=162
status: 200
content-disposition: inline; filename="offer-tile-placeholder.webp"
strict-transport-security: max-age=31536000
content-length: 72
last-modified: Wed, 17 Jul 2019 02:02:26 GMT
server: cloudflare
etag: "5d2e81b2-a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sun, 31 Mar 2030 20:29:58 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 57dd4e17aa64fa88-AMS
cf-bgj: imgq:100

GET
H2 200 eAAAAAAAAAAAAAAAAAAAAA
zdbb.net/n/ 43 B
108 B 33ms
33ms Image
image/gif 52.208.18.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/n/eAAAAAAAAAAAAAAAAAAAAA?tp=ofpweeaflkwerkldfksklwk&tpc=1662894103701357857&zd_pageview_id=b2d7bb89-9844-4f6c-9e81-351787618ff4&zd_location=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&evidon_consent=undefined&third_party_consent=&fu=true
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.18.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-18-218.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Thu, 02 Apr 2020 20:29:58 GMT
content-length: 43
content-type: image/gif

POST
H2 200 / Show response
www.offers.com/core/merchant/impressions/ 0
188 B 167ms
166ms XHR
text/html 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/core/merchant/impressions/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Origin: https://www.offers.com
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
cf-ray: 57dd4e17ba98fa88-AMS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 evidon-barrier.js Show response
static.ziffdavis.com/sitenotice/ 12 KB
4 KB 18ms
17ms Script
application/javascript 104.85.253.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ziffdavis.com/sitenotice/evidon-barrier.js
Requested by: Host: static.ziffdavis.com
URL: https://static.ziffdavis.com/sitenotice/evidon-sitenotice-bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.253.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-253-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 480d30338783c813282382f880f4c7133a60a92f2e83066c5b39def3fde484c1

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: wYO2gyVOumwJPEUA6Qh.42phdpFE1pvv
content-encoding: gzip
last-modified: Thu, 16 Jan 2020 20:16:46 GMT
x-amz-request-id: 1ABD88B28C390C6D
date: Thu, 02 Apr 2020 20:29:58 GMT
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 3503
x-amz-id-2: PPM8dYcEeJJawKLkgcFH2FdNmMSrUjSdNCPHnTkqNDU2vGOzcEM72kHyYryjesqMBuc/4i/sBc8=
expires: Thu, 02 Apr 2020 21:29:58 GMT

GET
H2 204 18610
l.betrad.com/site/v3/660/147/3/1/3/2/ 0
120 B 288ms
100ms Image
text/plain 34.232.243.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/660/147/3/1/3/2/18610?consent=0
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.243.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-243-86.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
vary: Accept-Encoding

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6683
date: Thu, 02 Apr 2020 18:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 02 Apr 2020 20:38:35 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 24 KB
8 KB 41ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
last-modified: Thu, 19 Mar 2020 02:21:04 GMT
x-msedge-ref: Ref A: 7F93F173557B4ED7B412F5AD7117910F Ref B: FRAEDGE1119 Ref C: 2020-04-02T20:29:58Z
access-control-allow-origin: *
etag: "0682da95fdd51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7461

GET
H2 200 OpenSans-Regular.woff2
www.offers.com/fonts/ 46 KB
46 KB 33ms
32ms Font
application/octet-stream 104.16.175.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/OpenSans-Regular.woff2

Requested by

Host: static.ziffdavis.com
URL: https://static.ziffdavis.com/sitenotice/evidon-barrier.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.175.182 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1585772904/base.css
Origin: https://www.offers.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5341
status: 200
vary: Accept-Encoding
content-length: 47016
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-b7a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 57dd4e17eb0bfa88-AMS
expires: Fri, 02 Apr 2021 20:29:58 GMT

GET
H2 204 18610
l.betrad.com/site/v3/660/147/3/5/3/2/ 0
120 B 261ms
95ms Image
text/plain 34.232.243.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/660/147/3/5/3/2/18610?consent=0
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.243.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-243-86.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express
vary: Accept-Encoding

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=458930289&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812&ul=en-us&de=UTF-8&dt=20%25%20off%20CVS%20Coupons%20%26%20Promo%20Codes%20%2B%20Free%20Shipping%202020&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&cid=97410509.1585859398&tid=UA-7272868-1&_gid=652730718.1585859398&gtm=2wg3p15FXTVV&z=1525912689

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 05:59:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6186620
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=28000255&Ver=2&mid=2a7c1927-b428-f5f1-d7d3-ed056c22c300&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=20%25%20off%20CVS%20Coupons%20%26%20Promo%20Codes%20%2B%20Free%20Shipping%202020&p=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&r=&lt=1293&evt=pageLoad&msclkid=N&rn=359328
Requested by: Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Thu, 02 Apr 2020 20:29:58 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 4FFAA15AD1BB46A7A59B9BA47A81D1C2 Ref B: FRAEDGE1119 Ref C: 2020-04-02T20:29:58Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check Show response
jogger.zdbb.net/ 5 B
231 B 292ms
94ms XHR
text/plain 54.172.13.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jogger.zdbb.net/check?href=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.13.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-13-155.compute-1.amazonaws.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Origin: https://www.offers.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:29:58 GMT
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=376757
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
1 KB 14ms
14ms Script
application/javascript 104.85.253.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.253.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-253-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: hAmeIekEb6Ecr1Y3BVODXg1wSL4Z9kJV
last-modified: Thu, 26 Mar 2020 12:26:37 GMT
x-amz-request-id: 2ACA66C31375708B
date: Thu, 02 Apr 2020 20:29:58 GMT
content-type: application/javascript
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 844
x-amz-id-2: VjFC57B///FCt8l6HFr/cw0/GvhzSkUFKktnHWKm0rCh3+XjFnO4hGUSN8qLCD+b0nmxLFn13qE=
expires: Thu, 09 Apr 2020 20:29:58 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 30 KB
11 KB 52ms
18ms Script
text/javascript 23.62.118.129
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bkrtx.com/js/bk-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.62.118.129 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-118-129.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7b8cd61f9d36175fe1b2fc50dfd1585716b9e55a87a82e8ec3c5d9739d6fb939

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 02 Apr 2020 20:29:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Mar 2020 16:24:16 GMT
Server: Apache
ETag: "31600f9-7850-5a009da075833"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10546
Expires: Thu, 09 Apr 2020 20:29:58 GMT

GET
H2 200 krux-coretag.js Show response
cdn.static.zdbb.net/js/ 335 B
628 B 15ms
14ms Script
application/javascript 104.85.253.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.85.253.54 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-253-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: VSGKc1zK9xadIQJbfr8TyJO_v_Yn7zCt
last-modified: Thu, 26 Mar 2020 12:26:19 GMT
x-amz-request-id: A6D87051F25B5772
date: Thu, 02 Apr 2020 20:29:58 GMT
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 335
x-amz-id-2: Uv37uoPx+xfIwrZAqX6TlBvRUE6qNB7RLLSto8ykRFJwCx6wuDx3OELsSZDJ4FVP1n5R3jPt6O8=
expires: Thu, 02 Apr 2020 21:29:58 GMT

GET
H2 200 spgdj7g8u.js Show response
cdn.krxd.net/controltag/ 2 B
383 B 24ms
7ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 02 Apr 2020 20:29:58 GMT
content-encoding: gzip
age: 98
x-cache: MISS, HIT, HIT
status: 200
x-app-cache: MISS
x-age: 0
content-length: 22
x-served-by: config-service-a001-ash-prod.krxd.net, cache-bwi5148-BWI, cache-fra19165-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1585859399.681552,VS0,VE0
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 5

GET
H/1.1 200
OK 30629
stags.bluekai.com/site/ Frame 6047 0
0 181ms
161ms Document
text/html 23.45.237.36
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Doffers.com&phint=referer%3Dhttps%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&phint=offersbrand%3Dcvs&phint=bbseg%3D900160&phint=bbseg%3D900164&phint=bbseg%3D900169&phint=bbseg%3D900111&phint=bbseg%3D900115&phint=bbseg%3D800021&phint=bbseg%3D800022&phint=bbseg%3D900159&phint=__bk_t%3D20%25%20off%20CVS%20Coupons%20%26%20Promo%20Codes%20%2B%20Free%20Shipping%202020&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&phint=__bk_v%3D3.1.4&limit=10&r=3409924
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.237.36 , United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-237-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 9f39
Date: Thu, 02 Apr 2020 20:29:58 GMT
Connection: keep-alive
X-N: S

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 579ms
578ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=236546553915622&correlator=850536909682093&output=ldjh&impl=fifs&adsid=NT&eid=21065392&vrg=2020032302&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200402&iu_parts=4585%2Cns.offers%2Corganiccomm&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&prev_scp=ad_group%3Dad_opt%26rfr%3Dfalse%26OOF%3Dfalse%26ppos%3Datf%26pos%3Datf&eri=4&cust_params=zcp%3D00afdeeb35083bbce9a6f%26cpid%3D118368f66441caa1800f24bcbe8b54a1%26url%3D%252Fcvs%252F%26ref%3D%26gdpr%3D0%26zdid%3D118368f66441caa1800f24bcbe8b54a1%26s%3D%26p2%3D900160%252C900164%252C900169%252C900111%252C900115%252C800021%252C800022%252C900159%26zdbb%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1585859401&dt=1585859401055&dlt=1585859397887&idt=411&frm=20&biw=1585&bih=1200&oid=3&adxs=180&adys=871&adks=3272018914&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&dssz=34&icsg=2158494704&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x4101&msz=308x600&ga_vid=97410509.1585859398&ga_sid=1585859401&ga_hid=458930289&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

c83b7ca393a634875fcd306b541c181fc93e7217be159eb059518aa9625ac194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Origin: https://www.offers.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2086
x-xss-protection: 0
google-lineitem-id: 4462571996
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138214938174
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020032302.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
25 KB 351ms
350ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 23 Mar 2020 17:22:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 25234
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:30:01 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FEF 0
0 19ms
18ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswmW0Olb6n82D52T1kDPPXezJa-dvMyQVLQsIvIG5_cA7l11dDRprn-RFFY_ZR950eAxG_fSV7rVOcOKSCx5DZTKTzY-WgQtFoU-yqoLZOcLIWzV2K8jp3N5sTS2btbiec0yS2-REqk9nORa20EHZH69X79VmEb6apMxyijbAJgwOFuc4yzPVqIbzkgnIv8d1y-hyacTbjF4FgP1l6ZhRRvJjJTdY5t3H9AHxtzZ3hDxy1rvf8z4ZexNJpYMGWE0BJRj7_2D6iOMg&sai=AMfl-YTN5kTNlbQvFAzl9ShZcRhO-GkKEmYlAmwaEJp8R6vdzInspqaF2D-JTPglZ5kkYkdvBmkijVG9W6iDkTkif7EiM4tpKwVYmSnrKAM0&sig=Cg0ArKJSzD6c8GZ_hrL_EAE&urlfix=1&adurl=

Requested by

Host: www.offers.com
URL: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Thu, 02 Apr 2020 20:30:01 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:30:01 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7FEF 107 KB
38 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39159
x-xss-protection: 0
server: cafe
etag: 14040473416781760607
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Apr 2020 20:30:01 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FEF 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7485b48525748adc0ca3a0cf9c6f9dd0bf5d01f0e6ee6b7cd0e2acf1fb0b9b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585759507325766"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28224
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:30:01 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c6430070f3f1f2f426c9d1cc1096a85880df46a13effd2e6f2c3cc51e03e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585759507325766"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27920
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:30:01 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020032302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b51f8982f6184bdd343425cf14d3b4052c4cee384731f8ec49a78944e7e1de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Origin: https://www.offers.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5102
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7FEF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78f80992dc22d9fae9191d0eb411572542d78b31e28a4e6bd5fa77f4de30d708

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020032302.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:30:01 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame C6C4 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 02 Apr 2020 20:05:01 GMT
expires: Fri, 02 Apr 2021 20:05:01 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1500
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7FEF 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.offers.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7FEF 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offers.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/ Frame 7FEF 215 KB
81 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82822
x-xss-protection: 0
server: cafe
etag: 1643823074256303265
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Apr 2020 20:30:01 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/ Frame 78B1 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200401/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlzt61E2nNDT-AqJYdXs_eXFTvRqUtPh7dFIF7l1CkGVuNFR7vqn9Swq_aC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 01 Apr 2020 15:50:02 GMT
expires: Wed, 15 Apr 2020 15:50:02 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 103199
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
49 B 25ms
25ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020032302&jk=236546553915622&bg=!AgGlARlYaFympUCGRoACAAAANFIAAAAJmQFahKxrISJD0q5ryrC1JsL1aGa_n_-77h-UZ7vCHQppNeX26bTNAlWHXe9bYzoQIgWbbvUbhdGrWbrKmmqpDr8fUdALse6K8T0snP4vnpKL_7Sl5qEk21C7CVV4iKb3cSz2nkkHRdZY6NxoajGRqWsyyiFUGTst73XRFiMiUpPmP9FP5L4Zv6VKrn5XHlnrRcBz7aqNDZylZ97l4S5uNGz-bcDb_ubldi6k3AjHoAl0C9NLTgykHR5stPtpOiPFO7BxZQy2pD_Alk4W2QfbXxO8z5YOLMXx5EcFLt2OtYcTwEWrYcW39RBnGU641sf0aP62NxYcA6nseYRMTP5T8gf4jMYoshST2CJbUO5N3i4vjSAM2i-tmUIMsxIztTakD4SP7sIQ2LXWZ55047PjUnoKCHhvuXV0pjIlF5RAfZHPjT5sdUhL5XXmdPKGqrWiGzjJ9Dxsyd-aIzVP3g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 20:30:01 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 81AC 0
0 357ms
357ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1671236619984773&output=html&h=250&slotname=9214123897&adk=3542530520&adf=3173046729&w=300&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&ea=0&flash=0&wgl=1&adsid=NT&dt=1585859401731&bpp=13&bdt=74&fdt=130&idt=131&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&correlator=3521890963431&frm=23&ife=4&pv=2&ga_vid=97410509.1585859398&ga_sid=1585859402&ga_hid=1408887582&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=180&ady=871&biw=1585&bih=1200&isw=300&ish=250&ifk=2585373043&scr_x=0&scr_y=0&eid=21065532%2C44713363&oid=3&pvsid=3750254826903468&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.dw8xzqlw8wxw&fsb=1&dtd=143

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1671236619984773&output=html&h=250&slotname=9214123897&adk=3542530520&adf=3173046729&w=300&psa=0&npa=1&guci=1.2.0.0.2.1.0.0&format=300x250&url=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812%23group%3D&ea=0&flash=0&wgl=1&adsid=NT&dt=1585859401731&bpp=13&bdt=74&fdt=130&idt=131&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&correlator=3521890963431&frm=23&ife=4&pv=2&ga_vid=97410509.1585859398&ga_sid=1585859402&ga_hid=1408887582&ga_fc=0&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=180&ady=871&biw=1585&bih=1200&isw=300&ish=250&ifk=2585373043&scr_x=0&scr_y=0&eid=21065532%2C44713363&oid=3&pvsid=3750254826903468&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.dw8xzqlw8wxw&fsb=1&dtd=143
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlzt61E2nNDT-AqJYdXs_eXFTvRqUtPh7dFIF7l1CkGVuNFR7vqn9Swq_aC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Apr 2020 20:30:02 GMT
server: cafe
content-length: 20746
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FEF 74 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c6430070f3f1f2f426c9d1cc1096a85880df46a13effd2e6f2c3cc51e03e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585759507325766"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27920
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:30:01 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7FEF 7 KB
5 KB 19ms
18ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200401&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47ec6b9771114e8e2b99c848334dceef1faf053331cc50aa374ef6ee5d682dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
Origin: https://www.offers.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Apr 2020 20:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5146
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7FEF 14 KB
5 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 20:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:30:02 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 6D0D 0
0 6ms
5ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 02 Apr 2020 20:05:01 GMT
expires: Fri, 02 Apr 2021 20:05:01 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1501
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FEF 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200401&jk=3750254826903468&bg=!xMelx99Yc7LigSS431YCAAAAMVIAAAAJmQFgB7DXZ8xFkiFaVwBMq16oUmOd83M4jjt4ruxilJXq3BBuWS_TwQ74QXJ7tdMZ8Bcuk0wmT5Wq3DfVF2su6XGAzgKyLErHn6iqgBS48KCYV4UGyhoUTdwpKst7svJab3YwAbKVSEQ77iodgzXqSVzrY2k-bynix_BNNjgdQ8IZYlFEqJhYB3Ximn4ii1AUqnj5Qi-5wMoPB033njSXYmY49WEU3Ip6gJ3mS7kB_CL1-ldOCq2JiY3Noigq8PsRlqP6MNF4kaL2hEeF37Rq3znT-Zz_illr86iZn-vS2ZElhDpytU56aUXeBmNX6xGtwdNTC5RfgnjEP17JsyZrAgDCnwoJxQ8JsDagw5c4wiyIFB1iWXtFI9l7GrOAPQ5Zk59wbkTRyOf_ueAi41q6opOVYXVuo02V0hKRu00RLtAilA-SBqmgReq7Dp3qf-fYHBGKaq2RU24CAw_cN6YVI4Caaw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 20:30:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7FEF 42 B
110 B 17ms
15ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-Jx9ubtUnXX2zlVe-Uv1lFwkE0kjIEfoE5Dl1kfl907KVa5CFHyKQvmHOHkRlvk8G-ewwdQ-CIjNjKsw6t3PyWm3G3v67mrYk0GPLh3Q&sig=Cg0ArKJSzENdzWJBdAnPEAE&adk=3272018914&tt=-1&bs=1585%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=871,180,1121,480&mcvt=1008&rs=0&ht=0&tfs=217&tls=1225&mc=1&lte=0&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1585859401662&dlt&rpt=121&isd=0&msd=0&ext&xdi=0&ps=1585%2C6550&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-13-4-12-12-0-0-0&tvt=1223&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.offers.com%2Fcvs%2F%3Fsd_id%3D33%26s%3Doffer-alerts%26d%3D20200402%26u%3D31033812%26email_id%3D3376%26member_id%3D31033812&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.offers.com/cvs/?sd_id=33&s=offer-alerts&d=20200402&u=31033812&email_id=3376&member_id=31033812
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 20:30:02 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: https
URL: https://https//cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.offers.com/	1970-01-20 02:02:11	Name: _ga Value: GA1.2.97410509.1585859398
.offers.com/	1970-01-19 09:14:18	Name: zdbb_swap_ofrs_id Value: 1
www.offers.com/	1970-01-19 12:50:11	Name: h_zdbb Value:
.offers.com/	1970-01-19 08:32:25	Name: _gid Value: GA1.2.652730718.1585859398
www.offers.com/	1970-01-19 09:14:11	Name: fu Value: 1
.www.offers.com/	1969-12-31 23:59:59	Name: psid Value: fd29e47a22fc9b48bbfa2471c7979f67833bc47a
.www.offers.com/	1970-01-20 01:19:02	Name: ouid Value: 1662894103701357857%26b0e5b9b9b21443ad3b2c8cbbdad56ac80a8fcfbe682f57c087cca2c27dae2dee
www.offers.com/	1970-01-19 08:31:13	Name: geoCC Value: DE
.www.offers.com/	1970-01-19 08:31:02	Name: osvt Value: 1662894103704503586%2Cs%3Doffer-alerts%2C1585862997%26342dc0f6fb728c8151623b94564ba774c774c85cd7647d5cbd97f4f1f898e543
www.offers.com/	1970-01-20 01:18:03	Name: ovt Value: 1585859397%7C1585859397%7C1585859397
.offers.com/	1970-01-19 09:14:11	Name: __cfduid Value: d812ac0c46a62fc417b1b7dfc45e770e31585859397

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static.ziffdavis.com/sitenotice/evidon-sitenotice-bundle.js(Line 1) Message: dom not ready, setting event
console-api	log	URL: https://static.ziffdavis.com/sitenotice/evidon-sitenotice-bundle.js(Line 1) Message: dom not ready, setting event
console-api	log	URL: https://static.ziffdavis.com/sitenotice/evidon-sitenotice-bundle.js(Line 1) Message: dom ready, triggering load
console-api	log	URL: https://static.ziffdavis.com/sitenotice/evidon-sitenotice-bundle.js(Line 1) Message: dom ready, triggering load
console-api	log	URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5(Line 1) Message: ZD Core :: Outbound Link Tracking Initialized

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
bat.bing.com
c.evidon.com
cdn.krxd.net
cdn.nsstatic.net
cdn.static.zdbb.net
g.pcmag.com
googleads.g.doubleclick.net
gurgle.zdbb.net
https
jogger.zdbb.net
l.betrad.com
pagead2.googlesyndication.com
preferences.truste.com
privacy-policy.truste.com
s3.amazonaws.com
securepubads.g.doubleclick.net
sgi.offerscdn.net
sgi2.offerscdn.net
stags.bluekai.com
static.ziffdavis.com
tags.bkrtx.com
tpc.googlesyndication.com
trk.cp20.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.offers.com
zdbb.net
zdstatic.offers.com
https
104.16.175.182
104.85.253.54
104.86.38.8
13.225.78.122
151.101.14.133
172.217.22.98
216.24.224.100
23.45.237.36
23.61.242.16
23.62.118.129
2606:4700::6812:9d32
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:808::2002
2a00:1450:4001:815::200a
2a00:1450:4001:817::200e
2a00:1450:4001:819::2002
2a00:1450:4001:821::2001
2a02:26f0:eb:1ac::13b2
34.232.243.86
52.208.18.218
52.216.20.125
54.152.157.17
54.172.13.155
004826e89804ce85513edf2a8a806359be29ad6d12e229ef7adbe580dc6edba2
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04e452d23b82ec18aa9ebac8bfb884fe56d30b87ea9db54427bd38b745f9f011
0ac4052001a535f609af1900ffdd0a90d5d6eafbc1ff0bf42c2157290540b659
0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589
11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
2470d29d5a2f2a5f0c7728af1270c584bcd13f9be2b9e7f3bb4dc34caec2f6dd
26c57443d4bd5ede09faae76ac60ebab5990ab78f950608288edb0c8c6013e3c
26fd020a6c1f169eab6b6232014e6e6d067788f63a8995b682ee77d6f41b56cd
2904a9687b59e1138b03f660e35f6fd2537dc9a6dae039b012f9b72c3c275683
34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46675519a5eaaa256607e76684e863a6e153311e8f1572c890e21f763cf1139a
47ec6b9771114e8e2b99c848334dceef1faf053331cc50aa374ef6ee5d682dbf
480d30338783c813282382f880f4c7133a60a92f2e83066c5b39def3fde484c1
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07
4d3efed2d9cd327163c366899e315e5854ea089f6215adcedf1c798a6efc809d
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4ea7ec4b4a33bc63388fb688e541c925fe73cdc9eb57e60ddc8164e90b047f67
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
5069775aa84e8d2b688a62d315bc9325d17c6086b73885a06d50df1482c38051
51602869834421b04da25e373a5414f8b07cc38dac6187f5596ce65fd53021ad
54ab02407b89ddc3f76da3c0dc9f807b4f6def211a6e4cef8e622512c8fc8766
5b51f8982f6184bdd343425cf14d3b4052c4cee384731f8ec49a78944e7e1de9
606df7b1fee7ec41366cc669d240d71312c66e444fb1f6e16610b707b3561f2a
60d34dcfd46cf6328488f5eea4dddf42f7fe2109ce977c166105c06734126781
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6a4a13facc8c43a3050bf006af334c09fd12c0ae986f75fb927096a78f705f76
6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6
6fc62e4e9fde38552593904aba8452bd03cc2fb868123c9ef8cf268451098582
7300ee12606bf498da2b1aaa166c138d12de28acb108f3b3d5dabdde9728ded4
7485b48525748adc0ca3a0cf9c6f9dd0bf5d01f0e6ee6b7cd0e2acf1fb0b9b8c
769ecb296b202221a4264e041052747fc6a77a1ae01bb4a5878f822462876826
78f80992dc22d9fae9191d0eb411572542d78b31e28a4e6bd5fa77f4de30d708
79c6e6d06e63ab90bf213a518fafe208a5a037dd490c9e2469d5aea9504f4092
7b8cd61f9d36175fe1b2fc50dfd1585716b9e55a87a82e8ec3c5d9739d6fb939
7bc60b4bbc72c7e823d78f410385320b812510f90bd2e758c481ec2e24c3e929
813bd2e632fc6e4bd10f709d4e2cad25e513776bb9d6824302ee42ceaf77edc3
822866553ccabb539e28b51fdb22575834e2af463980b3d6c23425bff7141925
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86bbfe2ecc3387c3090426839f808b343b47adae385cc4b1e72f6516d39887c9
86decae1c8fb2910fa26e36d75768e1eee8143ac7973bde2fede8fbd5b234a1b
892600ef021cc884d4d3eeca64a5a7b9a6d824de7f87086703a9d6e1a10b9d3c
8f36fd49ebfd14edd81b5c3ced8c2b30eb020f666dd1ea8ddd91810af6d751fc
963b8de7f03501dbce44cb686d583bd7813ddb2591c5eb37c89d20e2cf63676b
99ecb14ec0a4e706ee386f1bde1a4684119fa8e100f24821f71f7fa75ccd481d
9e335ccd63b4eed2e2d5303085c5126e9c5e76c587cc519ab5a4a2ab7a518a5e
a07183e063a79a699b732e200a3accdf4716cbc6e8bf8a6a709b9adba07d998d
a36cabb6964322068de62e75c707bbf5b4e09fd05c1f6d9820842618c022c62a
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a507ed4a6cd3541861524231136caba9f7e3ffae8100fc41852d7360914a7afd
a57af7489b4c0191725b77e4c9fc82908fe9d93e8e58c6af95b59ab60c4c7207
ac5a522529b28261f073aa89efa1092dac3420197110b6c9c550771a00d15cb9
acfdf951d75b585fa94257105c7df56e1083ad44385419a7cd92e230f34ec2fa
ad7c30707a14d999dec26924ef945a2589f0499f8812195b67bd3d6f431d1a91
ad870134e00e713a173b1be210378b4b7b85f8081e578e85e13fffeec0ae78a0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6ff3aba6c1c8e343bc7bfa1ed86ad04cd8715b381c3bdc2c252a25672b668c7
b9a4d8c59f4bb7f250d9111be10c5664c7202abeaf020eda52e7f1a3482fd9c7
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c7c6430070f3f1f2f426c9d1cc1096a85880df46a13effd2e6f2c3cc51e03e3f
c83b7ca393a634875fcd306b541c181fc93e7217be159eb059518aa9625ac194
c9503defd63b30d7252bbda341bc77fc4f83f4ccb6b97c4d87f97ea71f7ca7cc
cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228
d087e00637f786aa999d4f3cb4b7957e1ef6974bdcdd14522d29c902b72542bf
d2153f0023fa2012a606b9af8e16698ed0b71697e26ca4a61342b690f9c86e82
d64849d9ec4afd8eb21b289c99a9d785eb7079d893b899490132fb4707447457
d88ed713f139ba266cf436d153f77748c3f36d35060ff7080a5b610d145215e3
dbd7e665693aaa8b13bac8ddfce1e5d78d888b8366faff26eb160de3eb589245
e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50b8394b43465a02966faf6782945ddfbea79558c7a044bcef7bb55ac22872d
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f040de03767057b9e5e423c27cd9d30c6883fe5ef0747595b3386cdcc2f8b8b5
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

www.offers.com Open in urlscan Pro 104.16.175.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

99 %HTTPS

38 %IPv6

24 Domains

32 Subdomains

24 IPs

6 Countries

1385 kBTransfer

2927 kBSize

11 Cookies

9 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.offers.com Open in urlscan Pro
104.16.175.182 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

99 %
HTTPS

38 %
IPv6

24
Domains

32
Subdomains

24
IPs

6
Countries

1385 kB
Transfer

2927 kB
Size

11
Cookies

97 HTTP transactions
1 data transactions