www.offers.com Open in urlscan Pro
104.16.177.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.offers.com/stores/adp/
Submission: On November 09 via api (November 9th 2021, 8:01:46 am UTC) from US — Scanned from DE

Summary HTTP 115 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 26 domains to perform 115 HTTP transactions. The main IP is 104.16.177.182, located in and belongs to CLOUDFLARENET, US. The main domain is www.offers.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time www.offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	104.16.177.182 104.16.177.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 6	2.16.186.144 2.16.186.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2606:4700::68... 2606:4700::6812:9e32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:9d32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.88 143.204.98.88	16509 (AMAZON-02) (AMAZON-02)
2	104.111.244.187 104.111.244.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	54.221.113.126 54.221.113.126	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 2	54.82.206.153 54.82.206.153	14618 (AMAZON-AES) (AMAZON-AES)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.208.45.198 18.208.45.198	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	51.89.21.31 51.89.21.31	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	52.18.143.209 52.18.143.209	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	34.228.50.94 34.228.50.94	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
115	41

22 104.16.177.182 (None, )

ASN13335 (CLOUDFLARENET, US)

www.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:bb32 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.ziffstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.186.144 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-144.deploy.static.akamaitechnologies.com

cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdstatic.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:9e32 (United States)

ASN13335 (CLOUDFLARENET, US)

sgi2.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sgi.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:9d32 (United States)

ASN13335 (CLOUDFLARENET, US)

sgi1.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-88.fra50.r.cloudfront.net

privacy-policy.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.244.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.113.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-113-126.compute-1.amazonaws.com

preferences.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.206.153 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-206-153.compute-1.amazonaws.com

gurgle.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ziffdavis-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.45.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-45-198.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.31 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p22.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.18.143.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-143-209.eu-west-1.compute.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.50.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-50-94.compute-1.amazonaws.com

jogger.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	offers.com 2 redirects www.offers.com zdstatic.offers.com gurgle.offers.com	720 KB
17	googlesyndication.com 8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	99 KB
13	offerscdn.net sgi2.offerscdn.net sgi.offerscdn.net sgi1.offerscdn.net	47 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	179 KB
9	zdbb.net 1 redirects cdn.static.zdbb.net gurgle.zdbb.net zdbb.net jogger.zdbb.net	28 KB
6	ziffstatic.com cdn.ziffstatic.com	187 KB
4	amazon-adsystem.com c.amazon-adsystem.com	5 KB
4	evidon.com c.evidon.com l.evidon.com	2 KB
3	google.com www.google.com adservice.google.com	2 KB
3	bing.com bat.bing.com	11 KB
3	openx.net 1 redirects ziffdavis-d.openx.net eu-u.openx.net us-u.openx.net	1 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	criteo.net static.criteo.net	54 KB
2	google.de www.google.de adservice.google.de	1 KB
2	id5-sync.com cdn.id5-sync.com id5-sync.com	11 KB
2	googletagmanager.com www.googletagmanager.com	114 KB
2	criteo.com bidder.criteo.com gum.criteo.com	777 B
2	truste.com privacy-policy.truste.com preferences.truste.com	12 KB
1	bluekai.com stags.bluekai.com	338 B
1	krxd.net cdn.krxd.net	392 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	2mdn.net s0.2mdn.net	112 KB
1	googletagservices.com www.googletagservices.com	38 KB
1	casalemedia.com htlb.casalemedia.com	330 B
1	rubiconproject.com fastlane.rubiconproject.com	904 B
1	googleapis.com ajax.googleapis.com	34 KB
115	26

	Domain	Requested by
22	www.offers.com	www.offers.com ajax.googleapis.com
9	pagead2.googlesyndication.com	8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
8	sgi.offerscdn.net	www.offers.com
6	tpc.googlesyndication.com	8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
6	cdn.ziffstatic.com	www.offers.com zdstatic.offers.com cdn.ziffstatic.com
4	c.amazon-adsystem.com	cdn.ziffstatic.com
4	cdn.static.zdbb.net	1 redirects www.offers.com cdn.static.zdbb.net
4	securepubads.g.doubleclick.net	www.offers.com securepubads.g.doubleclick.net
3	zdbb.net	www.offers.com cdn.static.zdbb.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.offers.com
3	www.google-analytics.com	www.offers.com www.google-analytics.com www.googletagmanager.com
3	sgi2.offerscdn.net	www.offers.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	googleads.g.doubleclick.net	8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com www.offers.com
2	static.criteo.net	cdn.ziffstatic.com static.criteo.net
2	8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.com	www.offers.com tpc.googlesyndication.com
2	l.evidon.com	www.offers.com
2	www.googletagmanager.com	www.offers.com www.googletagmanager.com
2	zdstatic.offers.com	1 redirects www.offers.com
2	c.evidon.com	www.offers.com zdstatic.offers.com
2	sgi1.offerscdn.net	www.offers.com
1	us-u.openx.net
1	cm.g.doubleclick.net	1 redirects
1	eu-u.openx.net	1 redirects
1	stags.bluekai.com	tags.bkrtx.com
1	cdn.krxd.net	cdn.static.zdbb.net
1	gum.criteo.com	static.criteo.net
1	tags.bkrtx.com	cdn.static.zdbb.net
1	jogger.zdbb.net	cdn.static.zdbb.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagservices.com	8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	www.google.de	www.offers.com
1	cdn.id5-sync.com	www.offers.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	htlb.casalemedia.com	cdn.ziffstatic.com
1	ziffdavis-d.openx.net	cdn.ziffstatic.com
1	bidder.criteo.com	cdn.ziffstatic.com
1	fastlane.rubiconproject.com	cdn.ziffstatic.com
1	gurgle.zdbb.net	www.offers.com
1	gurgle.offers.com	1 redirects
1	preferences.truste.com	www.offers.com
1	ajax.googleapis.com	www.offers.com
1	privacy-policy.truste.com	www.offers.com
115	47

This site contains links to these domains. Also see Links.

Domain
www.creditcardsexplained.com
www.ziffdavis.com
www.facebook.com
pinterest.com
twitter.com
www.instagram.com
flipboard.com
privacy.truste.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
www.ziffdavis.com COMODO RSA Organization Validation Secure Server CA	`2021-03-03` - `2022-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
cdn.id5-sync.com R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
zdbb.net Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.zdbb.net Amazon	`2021-05-05` - `2022-06-03`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.offers.com/stores/adp/
Frame ID: 2EBE67B305943C6DE046618C48414623
Requests: 92 HTTP requests in this frame

Frame: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0466E83CCE4E19FDF11F8CDD99750D14
Requests: 1 HTTP requests in this frame

Frame: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0610EB1684AB2D304ACBE02B011A6C8B
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPC-rQIQtprG0QIYvJW_uQEwAQ&v=APEucNV14OQLQm4dX4AlqDO7DwrgphCKOVpt1V9EV3VGQzVkXr4PT0aPSzUGGJegCSdnKkIHpH81PPY3obl6EE49XGp6iW6_ui5wsvFvTifFQfqmpIzII-GiJ9VDTnnJ0yUjIEcSXtpvxbDriHXvNvedpgcLFziDa-Gy6ySM2A5Z4XCKbWGB9PIjUstVi82Xib2VmzQhQDi7yztwyUa46RJ932GBjGnRlPc4mLt0ziGL6fDyeFndqcNZMwj8igHSwM-VJr2jE3IpMzO6p_AS_oixEYXNhlVUh3AHPor-TLNgCUVxQy1eb3g6rQ0cbA_RlqPauYz3jyR4ICHTauwzmseDEtpgr9riz-gxAs8fDhdZc6G7wdvrQ4yR8vf-ULSwBytFZSHIy62dhOqeozhnaNvUjcoWYE0t3ZILKQOVhEAmp1u7Fei83bVHC_Arv-uGkYC3bR0fB0YK1HXL6sNixJIDraWbsLxo1nTZ3-lZroFIsaxig4ab92NTpxRc9PqnIJpnBJKVHJENvtj81FOQvq4DVZmK8leH4Tnme5No1Qnqa0GZq_E0ITVkYBOUq0DAOiv5W-lDw2dqNnVdddoXIbM-J3JNDbxULAloP-R1O-qDxwVRG8s7yr4
Frame ID: ED5130301FE832A241117A8E17CB1F33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0332D13CCAA649ABBC242324B28F5FBC
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.offers.com&gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA
Frame ID: E733D4C78D107016E6F511274A91F935
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 684AFC1BDCB964D6A65265CD4B45EA94
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE060C9FBE0219205671B9AE08631DEA
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Doffers.com&phint=referer%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=offersbrand%3Dstores&phint=bbseg%3D900263&phint=bbseg%3D900331&phint=bbseg%3D900365&phint=bbseg%3D900111&phint=bbseg%3D900115&phint=bbseg%3D900374&phint=__bk_t%3DADP%20Promo%20Codes%20%26%20Coupons%202021&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=__bk_v%3D3.1.10&limit=10&r=36894134
Frame ID: 1486C97D989A216F0C8B4711F93A5A51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADP Promo Codes & Coupons 2021

Page Statistics

115
Requests

97 %
HTTPS

49 %
IPv6

26
Domains

47
Subdomains

41
IPs

8
Countries

1694 kB
Transfer

4041 kB
Size

19
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.creditcardsexplained.com/
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/terms-of-use
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.creditcardsexplained.com/articles
Title: Credit Card Blog

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/accessibility
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: http://www.facebook.com/OffersDOTcom

Search URL Search Domain Scan URL

URL: http://pinterest.com/Offerscom/

Search URL Search Domain Scan URL

URL: https://twitter.com/offers

Search URL Search Domain Scan URL

URL: https://www.instagram.com/offerscom/

Search URL Search Domain Scan URL

URL: https://flipboard.com/@offersdotcom

Search URL Search Domain Scan URL

URL: https://privacy.truste.com/privacy-seal/validation?rid=ce211316-dfd0-4abb-8bfb-9cb70de1e37c

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Request Chain 25

https://zdstatic.offers.com/jst/zdconsent.js HTTP 302
https://zdstatic.offers.com/jst/eu/zdconsent.js

Request Chain 41

https://gurgle.offers.com/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fp=1 HTTP 302
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1

Request Chain 114

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dc423def-06ad-4fb4-a386-363c0a8315a3&gdpr=1&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBSSNEsgQGgQ918ltU1GuoA&google_cver=1&gdpr=1&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA

115 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.offers.com/stores/adp/ 37 KB
8 KB 337ms
311ms Document
text/html 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e6732fbbd326ab5763a6d6a1d6cda86ad27ddc9d53827e2c4524eb1982d4b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6ab583b01a4ed6c9-FRA
content-encoding: gzip

GET
H2 200 vendor.css
www.offers.com/assets/v1634679975/ 48 KB
10 KB 25ms
23ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/vendor.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ab02407b89ddc3f76da3c0dc9f807b4f6def211a6e4cef8e622512c8fc8766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764774
cf-polished: origSize=48922
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:30 GMT
server: cloudflare
etag: W/"61647a92-bf1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6ab583b23d0fd6c9-FRA
expires: Fri, 07 Nov 2031 08:01:40 GMT

GET
H2 200 base.css
www.offers.com/assets/v1634679975/ 136 KB
27 KB 48ms
46ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/base.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ff7c66b66c944275642b55491e432a38242f8ab90574c92db16265b176aae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764774
cf-polished: origSize=139160
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:55 GMT
server: cloudflare
etag: W/"61647aab-21f98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6ab583b23d11d6c9-FRA
expires: Fri, 07 Nov 2031 08:01:40 GMT

GET
H2 200 base-async.css
www.offers.com/assets/v1634679975/ 4 KB
1 KB 55ms
54ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/base-async.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

606df7b1fee7ec41366cc669d240d71312c66e444fb1f6e16610b707b3561f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764774
cf-polished: origSize=3838
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:59 GMT
server: cloudflare
etag: W/"61647aaf-efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6ab583b23d12d6c9-FRA
expires: Fri, 07 Nov 2031 08:01:40 GMT

GET
H2 200 merchant.css
www.offers.com/assets/v1634679975/ 19 KB
4 KB 32ms
31ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/merchant.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9084b24863c91948a8a44b2143b64cd4d9c72ac1f796f1f3243f9e1aca80b1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1104616
cf-polished: origSize=19335
cf-bgj: minify
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 21:46:52 GMT
server: cloudflare
etag: W/"616f3ccc-4b87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6ab583b23d14d6c9-FRA
expires: Fri, 07 Nov 2031 08:01:40 GMT

GET
H2 200 offers.js Show response
cdn.ziffstatic.com/pg/ 34 KB
13 KB 76ms
14ms Script
application/javascript 2a02:26f0:6c00::210:bb32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/pg/offers.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 883263abd92e9a94e5d2a961fc4e1e5419b399b106e1b7dbfd14cb544264be54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: mkRjMmIqb2XdYHSLQdUv6qy.TrBEOOV0
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 17:51:20 GMT
x-amz-request-id: 9FFB9MDY7JFS32C2
etag: "eba1c038581b8e4b7265e90341d8fad1"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=3600
date: Tue, 09 Nov 2021 08:01:40 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 12852
x-amz-id-2: d+lSFWFssIB6pyZN7HpZLPWMvwyTpMEKsBe2kRhZJtxkT9vRi+kIqsdpxSNDNBv9x3ivJbFOFGs=
expires: Tue, 09 Nov 2021 09:01:40 GMT

GET
H2 200 offers.prebid.js Show response
cdn.ziffstatic.com/pg/ 440 KB
130 KB 79ms
15ms Script
application/javascript 2a02:26f0:6c00::210:bb32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4afdd62268fbd733c37ba28eca7c52d66fdabc1afe917cdf153cba10e5e78917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: lEZgzmQYfc60X8_qnlR5TKpRk26cMEku
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 18:02:30 GMT
x-amz-request-id: 7BD1Z5PY02TA3GBD
etag: "bb0693e5dfb463161e804085c8b8c389"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=67540
date: Tue, 09 Nov 2021 08:01:40 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 132042
x-amz-id-2: ZaShx1yP09ixVMFO1EllFpPRL8rXHVviIRcmUKqh+U1RQ+jW2h6/4GHM7/JhyFBc1XjPQcIxOOA=
expires: Wed, 10 Nov 2021 02:47:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 49ms
23ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 721 of 1000 / last-modified: 1636412720"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27059
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 08:01:40 GMT

GET
H2

200

z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/eu/js/
Redirect Chain

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

88 KB
25 KB

14ms
13ms

Script
application/javascript

2.16.186.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Server: 2.16.186.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 22f7779c76cf9ae072762bb39b9b8387ad3998d5aac01494fed7e7067d5ac1b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: x5kbl41kPheyLB7A50D5R9Q4Ce5UDXdf
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 18:14:47 GMT
x-amz-request-id: ND7DBT22VTXMK1A4
date: Tue, 09 Nov 2021 08:01:40 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25163
x-amz-id-2: uHK2FgdGgDqG6HuihJjxfdy61nrvW5zd5yXtRlTctidIGrd2Re5VEVpkUl4ZHryL+5TOAMzLV8g=
expires: Wed, 10 Nov 2021 08:01:40 GMT

Redirect headers

location: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
date: Tue, 09 Nov 2021 08:01:40 GMT
cache-control: max-age=86400
core-eu: Yes
content-length: 0
expires: Wed, 10 Nov 2021 08:01:40 GMT

GET
H2 200 logo.svg
www.offers.com/images/v1634679975/ 12 KB
4 KB 52ms
51ms Image
image/svg+xml 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1634679975/logo.svg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2961e633fb39fe8c91ac7abd6ec011933478e58dff1e944924568f9cdddec7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 08 Jul 2021 15:09:29 GMT
server: cloudflare
age: 1764710
etag: W/"60e71529-2e21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
strict-transport-security: max-age=31536000
cf-ray: 6ab583b23d20d6c9-FRA
expires: Fri, 07 Nov 2031 08:01:40 GMT

GET
H2 200 604.v123.png
sgi2.offerscdn.net/i/production/published/5/topnav_image/ 2 KB
3 KB 76ms
15ms Image
image/webp 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi2.offerscdn.net/i/production/published/5/topnav_image/604.v123.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54770fd1905812ea13a16abc2bb89af06ead2097a4c48539db49fed73b8d095e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
vary: Accept
cf-cache-status: HIT
age: 47070
cf-polished: origFmt=png, origSize=3561
content-disposition: inline; filename="604.webp"
content-length: 2296
last-modified: Mon, 08 Nov 2021 18:57:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Wed, 09 Nov 2022 08:01:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b2991c1752-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 428.v1163.png
sgi2.offerscdn.net/i/production/published/5/topnav_image/ 1 KB
1 KB 77ms
18ms Image
image/webp 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi2.offerscdn.net/i/production/published/5/topnav_image/428.v1163.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce7e9282df3c08bfa6a7e62a17f338dae0495eb9aeac22b52759997521a19c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
vary: Accept
cf-cache-status: HIT
age: 42116
cf-polished: origFmt=png, origSize=2334
content-disposition: inline; filename="428.webp"
content-length: 1380
last-modified: Mon, 08 Nov 2021 20:19:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Wed, 09 Nov 2022 08:01:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b2991e1752-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 023WOEB8HmIjus0qt9cQuqx.h90.w170.flpad.v28.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 14 KB
14 KB 383ms
325ms Image
image/png 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/023WOEB8HmIjus0qt9cQuqx.h90.w170.flpad.v28.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca70d63095e7c4605d868283368aaea6edf6f6a984509029636bc792494212bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 08:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6ab583b29ede4eb5-FRA
content-length: 14165
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 1087871.h80.w140.flpad.v15.bffffff.jpg
sgi1.offerscdn.net/i/production/published/4/image/ 2 KB
2 KB 378ms
319ms Image
image/jpeg 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi1.offerscdn.net/i/production/published/4/image/1087871.h80.w140.flpad.v15.bffffff.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3847b1c31663d53c1518509c0eac2d5902f4b20ecd2cc64b63416a009b8a2937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 08:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6ab583b29b5d05e9-FRA
content-length: 1984
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 61.h60.w60.flim.v1.jpg
sgi1.offerscdn.net/i/production/published/141/image/ 1 KB
2 KB 75ms
16ms Image
image/jpeg 2606:4700::6812:9d32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi1.offerscdn.net/i/production/published/141/image/61.h60.w60.flim.v1.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9d32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f00fc1c53cf52673aaf10bc0d0702a92a71aa5a5a56377c096be5f9191da3772

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 416368
cf-polished: status=not_needed
content-length: 1320
last-modified: Thu, 04 Nov 2021 12:22:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
expires: Wed, 09 Nov 2022 08:01:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b29b6005e9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 48.h60.w60.flim.v1.jpg
sgi2.offerscdn.net/i/production/published/141/image/ 2 KB
2 KB 85ms
26ms Image
image/jpeg 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi2.offerscdn.net/i/production/published/141/image/48.h60.w60.flim.v1.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb288f2d943c13ad207761ea04a93e006a96258ec34a378cae81788ea851e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 974278
cf-polished: status=not_needed
content-length: 1542
last-modified: Fri, 29 Oct 2021 01:23:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
expires: Wed, 09 Nov 2022 08:01:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b2991f1752-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 02r13VaP3HsZe2Xgxcgango.h90.w134.flpad.v260.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
3 KB 70ms
13ms Image
image/webp 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02r13VaP3HsZe2Xgxcgango.h90.w134.flpad.v260.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65aae457eea154a8824bf40c7051a4d712c0c73bb570f8fc0e9c9be03b5b63b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
vary: Accept
cf-cache-status: HIT
age: 943071
cf-polished: origFmt=png, origSize=3683
content-disposition: inline; filename="02r13VaP3HsZe2Xgxcgango.webp"
content-length: 2528
last-modified: Fri, 29 Oct 2021 10:03:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Wed, 09 Nov 2022 08:01:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b29edf4eb5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 01Z9Y1nEbhzHVHVugGY8cJZ.h90.w134.flpad.v116.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 3 KB
4 KB 74ms
17ms Image
image/webp 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/01Z9Y1nEbhzHVHVugGY8cJZ.h90.w134.flpad.v116.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d64d95a0fb2d3628a4ced061ae1771200463d73f39085840ef7d06605ffc3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
vary: Accept
cf-cache-status: HIT
age: 256260
cf-polished: origFmt=png, origSize=5486
content-disposition: inline; filename="01Z9Y1nEbhzHVHVugGY8cJZ.webp"
content-length: 3502
last-modified: Sat, 06 Nov 2021 08:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Wed, 09 Nov 2022 08:01:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b29ee14eb5-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 02Owc5Scp8XPPxwXylqqI3J.h90.w134.flpad.v138.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 3 KB
3 KB 355ms
316ms Image
image/png 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02Owc5Scp8XPPxwXylqqI3J.h90.w134.flpad.v138.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc42f2f5ac3e38fe0f34ef2f7527b3b15e36597d9538253a5ae885541fecd98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 08:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6ab583b29ee54eb5-FRA
content-length: 2609
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 01cvmMLT9dy242wSb8auX2H.h90.w134.flpad.v53.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 354ms
348ms Image
image/png 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/01cvmMLT9dy242wSb8auX2H.h90.w134.flpad.v53.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7217dd7bb4ee20316074b91a71a46f16641df9364cc89373389c2f28fbe7fd69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 08:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6ab583b29ee74eb5-FRA
content-length: 2121
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 03fd4hd63sRglytbFvf2pSZ.h90.w134.flpad.v12.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 5 KB
5 KB 347ms
342ms Image
image/png 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/03fd4hd63sRglytbFvf2pSZ.h90.w134.flpad.v12.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b07dfcfc6cf6316125602e1a5fd2b8c3152d84214c22a49480a998a561f3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 08:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6ab583b29ee94eb5-FRA
content-length: 4706
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 073LZ4sVmApkG8dOJjb3hTj.h90.w134.flpad.v70.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 4 KB
4 KB 323ms
318ms Image
image/png 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/073LZ4sVmApkG8dOJjb3hTj.h90.w134.flpad.v70.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04d26958916afa20fd0f761c080aa2e10cf589469e22969e3039d04503a381c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 08:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6ab583b29eeb4eb5-FRA
content-length: 4070
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 05Vna0u5ROfQ5XgDugnuP3E.h90.w134.flpad.v17.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 4 KB
4 KB 357ms
352ms Image
image/png 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/05Vna0u5ROfQ5XgDugnuP3E.h90.w134.flpad.v17.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de6fc7b00f23c65bd792ef01e6adf3002fa8ad5e18abeae38c6aebeef644393c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
cf-cache-status: MISS
last-modified: Tue, 09 Nov 2021 08:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6ab583b29eed4eb5-FRA
content-length: 3891
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 logo-teal.svg
www.offers.com/images/v1634679975/ 12 KB
4 KB 41ms
40ms Image
image/svg+xml 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1634679975/logo-teal.svg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1ca10f6b7666e93d493bfb6a6748f380addb42602ee797994469c077c24837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 08 Jul 2021 15:09:29 GMT
server: cloudflare
age: 1764710
etag: W/"60e71529-2e21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
strict-transport-security: max-age=31536000
cf-ray: 6ab583b24d2bd6c9-FRA
expires: Fri, 07 Nov 2031 08:01:40 GMT

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/ 11 KB
11 KB 52ms
9ms Image
image/svg+xml 143.204.98.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/seal?rid=ce211316-dfd0-4abb-8bfb-9cb70de1e37c

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.88 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-88.fra50.r.cloudfront.net

Software

TXS /

Resource Hash

4d3efed2d9cd327163c366899e315e5854ea089f6215adcedf1c798a6efc809d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 08 Nov 2021 06:55:49 GMT
Via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff, nosniff
Age: 90351
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10781
X-Xss-Protection: 1; mode=block, 1; mode=block
Server: TXS
ETag: W/"10781-1594834140000"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=0
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 3cSbj01O_awPQixxfrljMIWnsJ_-1UKwVvCIvCxDUfzSu4_Z4nqTpg==

GET
H2 200 icong1.png
c.evidon.com/pub/ 600 B
907 B 60ms
6ms Image
image/png 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/icong1.png
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2019 16:14:21 GMT
server: AkamaiNetStorage
etag: "d08da9f445b63100a56646de99043059:1558455261"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 623

GET
H2

200

zdconsent.js Show response
zdstatic.offers.com/jst/eu/
Redirect Chain

https://zdstatic.offers.com/jst/zdconsent.js
https://zdstatic.offers.com/jst/eu/zdconsent.js

32 KB
12 KB

19ms
18ms

Script
application/javascript

2.16.186.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://zdstatic.offers.com/jst/eu/zdconsent.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Server: 2.16.186.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8eb8fa5598a41dae8756a3628fb36f944e7b26331912096d79502d4e2bd2f80f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: XI4MRnW8fEvSZSMRNn0rpRsZzmRxhIgp
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 14:10:42 GMT
x-amz-request-id: VBQRXVQJQ77KCDKE
etag: "e6782b472f914d84b8e243f5477ff372"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 09 Nov 2021 08:01:40 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 11475
x-amz-id-2: GTAqh5PTjOlf6ldSYuInf61cpWyzXQXX6lICvBilOSFzibOeSAISRE1w1XcQPlJxwxPQHtn3Pxs=
expires: Wed, 10 Nov 2021 08:01:40 GMT

Redirect headers

location: https://zdstatic.offers.com/jst/eu/zdconsent.js
date: Tue, 09 Nov 2021 08:01:40 GMT
cache-control: max-age=86400
content-length: 0
expires: Wed, 10 Nov 2021 08:01:40 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 55ms
0ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 02 Nov 2022 21:08:41 GMT

GET
H2 200 js Show response
preferences.truste.com/webservices/ 3 KB
1 KB 316ms
99ms Script
text/javascript 54.221.113.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences.truste.com/webservices/js?&domain=ziffdavis.com&type=ziffdavis&js=2
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.221.113.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-221-113-126.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: dbd7e665693aaa8b13bac8ddfce1e5d78d888b8366faff26eb160de3eb589245

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
server: Apache/2.4.7 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1106
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vendor.js Show response
www.offers.com/assets/v1634679975/ 177 KB
54 KB 30ms
29ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/vendor.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f150dfeb4a0e6537529a23567ac44f32145446404e72f11e30c3114fc9bbf5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764774
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:34 GMT
server: cloudflare
etag: W/"61647a96-2c290"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 6ab583b23d17d6c9-FRA
expires: Fri, 07 Nov 2031 08:01:40 GMT

GET
H2 200 base.js Show response
www.offers.com/assets/v1634679975/ 45 KB
11 KB 44ms
43ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/base.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da5523987f1aa265f170cf27232c760db70775bb65e604ce85a4b1ab2ce74dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1764773
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:56 GMT
server: cloudflare
etag: W/"61647aac-b333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 6ab583b23d1ad6c9-FRA
expires: Fri, 07 Nov 2031 08:01:40 GMT

GET
H2 200 merchant.js Show response
www.offers.com/assets/v1634679975/ 13 KB
4 KB 44ms
43ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/merchant.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e605a47de2cf6e48e1c1e748eede1219d27129ab3d898db9231c37ad05363d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 974477
cf-bgj: minify
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 21:46:53 GMT
server: cloudflare
etag: W/"616f3ccd-334f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 6ab583b23d1bd6c9-FRA
expires: Fri, 07 Nov 2031 08:01:40 GMT

GET
H2 200 ga.js Show response
www.offers.com/scripts/ 477 B
443 B 37ms
36ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/scripts/ga.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78604b53d740442b5b8a5d692567f70f46f6e284118ab6db94a46641672f3954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7018
cf-polished: origSize=536
vary: Accept-Encoding
last-modified: Tue, 06 Jul 2021 19:22:06 GMT
server: cloudflare
etag: W/"60e4ad5e-218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
expires: Wed, 09 Nov 2022 08:01:40 GMT
cache-control: public, max-age=31536000
cf-ray: 6ab583b23d1ed6c9-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
10ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 34
date: Tue, 09 Nov 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Nov 2021 10:01:06 GMT

GET
H2 200 bullet-black.png
www.offers.com/images/ 94 B
317 B 51ms
50ms Image
image/webp 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/bullet-black.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a4d8c59f4bb7f250d9111be10c5664c7202abeaf020eda52e7f1a3482fd9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/assets/v1634679975/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 474270
cf-polished: origFmt=png, origSize=149
content-disposition: inline; filename="bullet-black.webp"
vary: Accept
content-length: 94
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
expires: Fri, 07 Nov 2031 08:01:40 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6ab583b2bdced6c9-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 fa-solid-900.woff2
www.offers.com/fonts/ 115 KB
115 KB 46ms
46ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-solid-900.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d64849d9ec4afd8eb21b289c99a9d785eb7079d893b899490132fb4707447457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7018
vary: Accept-Encoding
content-length: 117516
last-modified: Wed, 05 Aug 2020 19:50:03 GMT
server: cloudflare
etag: "5f2b0d6b-1cb0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b2bdcfd6c9-FRA
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 fa-regular-400.woff2
www.offers.com/fonts/ 142 KB
142 KB 27ms
26ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-regular-400.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7018
vary: Accept-Encoding
content-length: 145072
last-modified: Wed, 05 Aug 2020 19:50:03 GMT
server: cloudflare
etag: "5f2b0d6b-236b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b2cde4d6c9-FRA
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 Gilroy-Bold.otf
www.offers.com/fonts/ 54 KB
54 KB 35ms
33ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Bold.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/merchant.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/merchant.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5337
vary: Accept-Encoding
content-length: 55376
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d850"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b2cde5d6c9-FRA
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 Gilroy-Regular.otf
www.offers.com/fonts/ 53 KB
53 KB 31ms
29ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Regular.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/merchant.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/merchant.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5337
vary: Accept-Encoding
content-length: 53840
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d250"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b2cde6d6c9-FRA
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 Gilroy-Medium.otf
www.offers.com/fonts/ 54 KB
54 KB 23ms
21ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Medium.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/merchant.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/merchant.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5337
vary: Accept-Encoding
content-length: 54972
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d6bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b2cde7d6c9-FRA
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 fa-brands-400.woff2
www.offers.com/fonts/ 70 KB
71 KB 33ms
30ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-brands-400.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad870134e00e713a173b1be210378b4b7b85f8081e578e85e13fffeec0ae78a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7018
vary: Accept-Encoding
content-length: 72148
last-modified: Wed, 05 Aug 2020 19:50:03 GMT
server: cloudflare
etag: "5f2b0d6b-119d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b2cdead6c9-FRA
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 200 OpenSans-Bold.woff2
www.offers.com/fonts/ 46 KB
46 KB 20ms
19ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/OpenSans-Bold.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7018
vary: Accept-Encoding
content-length: 46676
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-b654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b31e4bd6c9-FRA
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2

200

info Show response
gurgle.zdbb.net/
Redirect Chain

https://gurgle.offers.com/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fp=1
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1

256 B
457 B

846ms
108ms

XHR
application/json

54.82.206.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Server: 54.82.206.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-206-153.compute-1.amazonaws.com
Software: /
Resource Hash: 29dda18f6261f5a6ff937b91d987339bce7e0b278ecd2a9efe55d9dd6ce46d08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: null
date: Tue, 09 Nov 2021 08:01:41 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 256
access-control-allow-methods: GET, OPTIONS
content-type: application/json

Redirect headers

date: Tue, 09 Nov 2021 08:01:40 GMT
location: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.offers.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 0

GET
H2 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 18ms
18ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 08:01:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 84 B
104 B 33ms
16ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

fb6a19dc762d76e22c743e22acced2cd38c0eb9852f4765df8de2e75aefb30e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Tue, 09 Nov 2021 08:01:40 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
732 B 134ms
106ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3158&u=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: c888e34c8a9fcdd17a160948d147c12ab01552a9960ed1142f12ce40b6609258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:39 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: Dh-o6rRrUl3ayrlPZQ5_-COW9aPY6-dRI9SJsYTUfR0r80N2cLzb6g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 36ms
8ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 4346
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Tue, 09 Nov 2021 07:51:16 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: A9YAn1fEvsdqtLDjbaXjz3N7vHtt9qs9vLaef95xfAPKZljvsJ6DBQ==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 449 B
904 B 207ms
125ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=200194&zone_id=986094&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=1&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA&us_privacy=1---&rf=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&kw=offers.com%2C%20offers%2C%20organiccomm%2C%20merchant&tg_i.page=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&tg_i.domain=offers.com&tg_i.name=offers.com&tg_i.mobile=1&tg_i.privacypolicy=1&tg_i.site=offers.com&tg_i.adunit=organiccomm&tg_i.pbadslot=sidebar-1&tk_flint=pbjs_lite_v5.20.0&x_source.tid=1806e7b0-af9e-4280-846d-2b960f753b4b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2202724760137722
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ebe3af23c2776006b0c2c10b497d43476b6904013cbcbeb4d1247bb72ef16d3c

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 08:01:40 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.offers.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 449
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 45ms
12ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=91771531791
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.offers.com
date: Tue, 09 Nov 2021 08:01:39 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 arj Show response
ziffdavis-d.openx.net/w/1.0/ 236 B
611 B 165ms
132ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ziffdavis-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1806e7b0-af9e-4280-846d-2b960f753b4b&nocache=1636444900485&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA&gdpr=1&us_privacy=1---&aus=300x250%2C300x600&divids=sidebar-1&aucs=sidebar-1&auid=540322687
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 5151512e41d928efb1bf655781fe03a7e38c19ca1e47cbe2a32f846fc30f0b93

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.offers.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 217
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
330 B 116ms
92ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=429282&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2279074cc3c2c924%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F%22%2C%22ref%22%3A%22%22%2C%22domain%22%3A%22offers.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22offers.com%22%7D%2C%22name%22%3A%22offers.com%22%2C%22mobile%22%3A1%2C%22privacypolicy%22%3A1%2C%22keywords%22%3A%22offers.com%2C%20offers%2C%20organiccomm%2C%20merchant%22%2C%22content%22%3A%7B%22language%22%3A%22en%22%2C%22title%22%3A%22ADP%20Promo%20Codes%20%26%20Coupons%202021%22%2C%22context%22%3A5%2C%22data%22%3A%5B%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22site%22%3A%22offers.com%22%2C%22adunit%22%3A%22organiccomm%22%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228dc4f3f752f4b7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A429282%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A429282%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22BO3ulHHO3ulQVASABAENDWAAAAAyOAAA%22%7D%7D%7D
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c34257191578413053e873d1fa797b8efc2338cfa1d6f82212e81826ab9cdff6

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:40 GMT
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.87], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.offers.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Tue, 09 Nov 2021 08:01:40 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 39ms
39ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3158&u=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&pid=2hneOhPBjY8c5&cb=0&ws=1600x1200&v=7.69.01&t=750&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4585%2Fns.offers%2Forganiccomm%22%7D%5D&gdpre=1&gdprc=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA&gdprl=%7B%22status%22%3A%22cmp-success%22%7D

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: P84BJ8PPX1N39B2RBYM6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.offers.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: rcW7SiuM-WWVVUjsqR9BMJGMgu12nmq8O3WWKAy5wqx3dw782SnE_A==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
732 B 96ms
96ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3158&u=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: c888e34c8a9fcdd17a160948d147c12ab01552a9960ed1142f12ce40b6609258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:39 GMT
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: -DUB8pb1TYB0FtbMmna8qzlOabqyxVxunxUNZcRxIClh4Ysw8e3vvQ==

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
459 B 6ms
6ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/zdconsent.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 evidon-sitenotice-bundle.js Show response
cdn.ziffstatic.com/sitenotice/ 251 KB
24 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:bb32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/zdconsent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1b7e10f6dbcacd83aaa2d83e2f890559da16170b08b02326f525cb1ff037b21d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: xyH6wrWAmwAbrZyBIsYGX6EylfU596.D
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 21:00:57 GMT
x-amz-request-id: W56Y45SCWE0ZN7HF
etag: "5211c5ba68164df407ab8387a0ce6918"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 09 Nov 2021 08:01:40 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 24216
x-amz-id-2: vLwXe+5rog21SGFZHCmdfZuWEVyTR48ble7r9D5G5csTxWNwEKlU/2tex68jgMRRxIAmwLm5gok=
expires: Wed, 10 Nov 2021 08:01:40 GMT

GET
H2 200 settings.js Show response
cdn.ziffstatic.com/sitenotice/660/offers/ 17 KB
4 KB 125ms
125ms Script
application/javascript 2a02:26f0:6c00::210:bb32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/660/offers/settings.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/zdconsent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e0dbca8e9a50d07acf3470a6677d1926501779109c33e0fe7d1ff90c10b63f34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 36RaEjHuyF.bjfyTQgdHDtJPaXtg8Z3F
content-encoding: gzip
last-modified: Sat, 16 Oct 2021 14:17:09 GMT
x-amz-request-id: WAMSED14Z7P2P91H
etag: "65966125d74eef546d3df6c42dab17d7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 09 Nov 2021 08:01:40 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 3692
x-amz-id-2: gOV1nZTUKqffTjjBo0scqMK4GeTHbiwwErs32zQNCuYxI+0tzpi4kaUsEJMd668rnJKbdYbEEQs=
expires: Wed, 10 Nov 2021 08:01:40 GMT

GET
H2 200 en.js Show response
cdn.ziffstatic.com/sitenotice/660/translations/ 319 KB
13 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:bb32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/660/translations/en.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ceb037bf695a81081fcbdd36b6a30a16d0b58e32559e51887f041637361e35fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: vW.1ugLfYzU_jNRUkB3qmXdMCra5CnpZ
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 12:00:07 GMT
x-amz-request-id: PGA0FATSY80TASCZ
etag: "e6bc20bf0564148eff940422a380934a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 09 Nov 2021 08:01:40 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 12409
x-amz-id-2: PHAXJ91IRSONAH9CGzZjYT4msnF/MHm5PgVhYJDCsOhwYpLb9ORH/9+SdYvsEcQZeWpFJNEvP/s=
expires: Wed, 10 Nov 2021 08:01:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
55 KB 42ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59325233d4da0df44b74193780f56b1c0e18574bdf2234e4fd668301f1bdfd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55953
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Nov 2021 08:01:40 GMT

GET
H2 200 offer-tile-placeholder.png
www.offers.com/images/ 72 B
213 B 30ms
30ms Image
image/webp 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/offer-tile-placeholder.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51602869834421b04da25e373a5414f8b07cc38dac6187f5596ce65fd53021ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 469381
cf-polished: origFmt=png, origSize=162
content-disposition: inline; filename="offer-tile-placeholder.webp"
vary: Accept
content-length: 72
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
expires: Fri, 07 Nov 2031 08:01:40 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6ab583b44840d6c9-FRA
cf-bgj: imgq:100,h2pri

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2099154202&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ul=en-us&de=UTF-8&dt=ADP%20Promo%20Codes%20%26%20Coupons%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEABEAAAAC~&jid=65263646&gjid=2053627656&cid=220342062.1636444901&tid=UA-7272868-1&_gid=2106630830.1636444901&_r=1&_slc=1&cd7=023WOEB8HmIjus0qt9cQuqx&z=1809970262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.offers.com/core/merchant/impressions/ 0
175 B 144ms
143ms XHR
text/html 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/core/merchant/impressions/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.offers.com/stores/adp/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6ab583b47898d6c9-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 43ms
14ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7272868-1&cid=220342062.1636444901&jid=65263646&gjid=2053627656&_gid=2106630830.1636444901&_u=KGBAAEAAEAAAAC~&z=385451999

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Nov 2021 08:01:40 GMT
content-type: text/plain
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 35 KB
10 KB 54ms
14ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Tue, 09 Nov 2021 07:31:43 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10053
x-request-id: 22544636

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 159 KB
58 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H8B8R34YCC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1706d01dbd84a55dd4207b31a852e40505d043e93aa665036dd646f105ed1e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59797
x-xss-protection: 0
expires: Tue, 09 Nov 2021 08:01:40 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 35 KB
10 KB 53ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:40:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79BB6EB0C21C4A1A970F239D38EA82A2 Ref B: FRAEDGE1516 Ref C: 2021-11-09T08:01:40Z
etag: "08933ecd9d0d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10202

GET
H2 200 evidon-barrier.js Show response
cdn.ziffstatic.com/sitenotice/ 14 KB
4 KB 9ms
6ms Script
application/javascript 2a02:26f0:6c00::210:bb32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/evidon-barrier.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb32 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: UwfIzJ_dN6pFPHJXFmUK5RPJDR2lkMRs
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 07:00:03 GMT
x-amz-request-id: 2DZ3X2N4B27KF1GW
etag: "282d0aad6323c983709c8ba8921e53b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 09 Nov 2021 08:01:40 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 3930
x-amz-id-2: MVl7z13SlGDgnlDSC1OZC8899vLPScDcesUgar/IR2eWeGmZ/P/ESBYKZFCoNSZ9oNFl7rDfr30=
expires: Wed, 10 Nov 2021 08:01:40 GMT

GET
H2 204 18610
l.evidon.com/site/v3/660/147/3/1/3/2/ 0
121 B 959ms
94ms Image
text/plain 18.208.45.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/660/147/3/1/3/2/18610?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.45.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-45-198.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 42ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7272868-1&cid=220342062.1636444901&jid=65263646&_u=KGBAAEAAEAAAAC~&z=1149276240

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 40ms
17ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7272868-1&cid=220342062.1636444901&jid=65263646&_u=KGBAAEAAEAAAAC~&z=1149276240

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 OpenSans-Regular.woff2
www.offers.com/fonts/ 46 KB
46 KB 19ms
19ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/OpenSans-Regular.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7008
vary: Accept-Encoding
content-length: 47016
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-b7a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab583b4f974d6c9-FRA
expires: Wed, 09 Nov 2022 08:01:40 GMT

GET
H2 204 18610
l.evidon.com/site/v3/660/147/3/5/3/2/ 0
120 B 941ms
94ms Image
text/plain 18.208.45.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/660/147/3/5/3/2/18610?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.45.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-45-198.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 13ms
13ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H8B8R34YCC&gtm=2oeb80&_p=2099154202&sr=1600x1200&ul=en-us&cid=220342062.1636444901&_s=1&dl=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&dt=ADP%20Promo%20Codes%20%26%20Coupons%202021&sid=1636444900&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H8B8R34YCC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 848.json Show response
id5-sync.com/g/v2/ 213 B
532 B 817ms
9ms XHR
application/json 51.89.21.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/848.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.31 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p22.id5-sync.com

Software

Resource Hash

de63a48285f41e3f8dbb973a3dcb565970373cf19ba675b58df27037442732da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.offers.com
Date: Tue, 09 Nov 2021 08:01:33 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 204 28000255.js Show response
bat.bing.com/p/action/ 0
93 B 32ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/28000255.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 08:01:40 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 492D0DBB36C84AA6BC0AADE4D06D7875 Ref B: FRAEDGE1516 Ref C: 2021-11-09T08:01:40Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
149 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=28000255&tm=gtm002&Ver=2&mid=164455c7-9a8e-4907-a7d5-124591465f41&sid=45826fb0413311ec94f1c74dea512d79&vid=45827ef0413311ecbe4d4364403979d4&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ADP%20Promo%20Codes%20%26%20Coupons%202021&p=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&r=&lt=719&evt=pageLoad&msclkid=N&sv=1&rn=797056
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1874D198249B470E87B5C5B1A74A3A69 Ref B: FRAEDGE1516 Ref C: 2021-11-09T08:01:40Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 796ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 796ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
8 KB 421ms
420ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2138722009280648&correlator=3758812764428605&output=ldjh&impl=fifs&eid=31063213%2C31063281%2C31063405%2C31060033&vrg=2021110401&ptt=17&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=4585%2Cns.offers%2Corganiccomm&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=rfr%3Dfalse%26pos%3D1%26ppos%3D1%2Catf%26npos%3D1%26pogo%3Dsidebar%26divid%3Dsidebar-1%26amznbid%3D2%26amznp%3D2&eri=5&cust_params=template%3Dmerchant%26category%3Dorganiccomm%26OOF%3Dfalse%26ref%3D%26zdid%3D3108b989e6483f7dc184ad6abf5c8b68%26pageviewid%3Dda9c3c79-cc13-4f58-814b-cf1faf2bb607%26gdpr%3D0%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1636444900716&dlt=1636444900171&idt=392&frm=20&biw=1600&bih=1200&oid=2&adxs=188&adys=920&adks=1989942666&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=307x1952&msz=307x0&ga_vid=220342062.1636444901&ga_sid=1636444901&ga_hid=2099154202&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

6272ec49897dd66adffcd4d8aab3a7085ecc2f9964adc4863cb0189af5a122bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8225
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0466 6 KB
4 KB 53ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:01:41 GMT
expires: Wed, 09 Nov 2022 08:01:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 296ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:01:41 GMT

GET
H2 200 container.html Show response
8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0610 6 KB
3 KB 38ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 08:01:41 GMT
expires: Wed, 09 Nov 2022 08:01:41 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 70ms
25ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:01:41 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ED51 0
674 B 41ms
18ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPC-rQIQtprG0QIYvJW_uQEwAQ&v=APEucNV14OQLQm4dX4AlqDO7DwrgphCKOVpt1V9EV3VGQzVkXr4PT0aPSzUGGJegCSdnKkIHpH81PPY3obl6EE49XGp6iW6_ui5wsvFvTifFQfqmpIzII-GiJ9VDTnnJ0yUjIEcSXtpvxbDriHXvNvedpgcLFziDa-Gy6ySM2A5Z4XCKbWGB9PIjUstVi82Xib2VmzQhQDi7yztwyUa46RJ932GBjGnRlPc4mLt0ziGL6fDyeFndqcNZMwj8igHSwM-VJr2jE3IpMzO6p_AS_oixEYXNhlVUh3AHPor-TLNgCUVxQy1eb3g6rQ0cbA_RlqPauYz3jyR4ICHTauwzmseDEtpgr9riz-gxAs8fDhdZc6G7wdvrQ4yR8vf-ULSwBytFZSHIy62dhOqeozhnaNvUjcoWYE0t3ZILKQOVhEAmp1u7Fei83bVHC_Arv-uGkYC3bR0fB0YK1HXL6sNixJIDraWbsLxo1nTZ3-lZroFIsaxig4ab92NTpxRc9PqnIJpnBJKVHJENvtj81FOQvq4DVZmK8leH4Tnme5No1Qnqa0GZq_E0ITVkYBOUq0DAOiv5W-lDw2dqNnVdddoXIbM-J3JNDbxULAloP-R1O-qDxwVRG8s7yr4

Requested by

Host: 8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com
URL: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 09 Nov 2021 08:01:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 09 Nov 2021 08:01:41 GMT
cache-control: private

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0610 52 KB
25 KB 61ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C96yAI2aSjKczpW6P6lvkSY4DdwOjSDSKN_K-GemQRH8KMrso4x-wZZwxEPNL-LY1iUSEQRpR0uB2JUarzmS9yQZSe6aCRf-_YoqjPdJ8gfJEfuDQx1rPN_mX9E1SGO6D-mCg4GYQrmMTwl-DQl2VANtF5eA&dbm_d=AKAmf-AtgPVraHCL_0YXdehfN6cyn73ckf12LgjTgFGZ17K91X6GxlDcIHUGDyrsBLBkaEbn1u5Farp0FmBG15SpuQ7NUKIOPbOwNenDtUHnhcsVSrFl6LNhN-xM_izUB4b4wLKljzHtIzvb4sF1lmXHEjWI9gIDCGhTkoexxIu0gW5U1Cp8m2umxf1YSvHy2rEVlIFQIszTuK8UIvoWxgF1xBaZiWpNrf1WfkHwoJxoBXvVF127LPlvfdEFL72zWWeWrxqW7nFYrVfngJ0295-UimzN25f3CJYE2Ik9FMEeT_-HtpiDvmzLX2InHuapdGc2x57cFbdQ9LezfF_oQx8RycmwPEJuIyvDf4JFXWZCUczmMr3d8pOEmjFDkQZOflop_rMg3Fr-F3MHW9aaGVjCg3018iOyDXC8maT8W60zZFnSgoAtlwCjpZ_dY42aJbbmCHKIbu3Uh-gx2uy3_1P0IEgMPM3wZng6ctbgSERTWTIrO47mQ3x5WnCptQKc4RJofrwguZcVr_xBWVgL4jaA4rs51t1ln4_pB0KXIn6-hWVpHAAuKdAhYhldpklkOti37qSaGSdeGA0TESAMcv5OOlMTGM1jFx7YQ_oJNNP7e8InIilFthLUGbR00lFVOGId2v7MiJoGoLFeY459rysgOoQCymAllAwitMTIduHxLtKUw8bUD-79HCwTUJrkIlC9ZyjJYI2akUkCpgD1fZAqCGKzPw65VL_dzzd_Y6X_AC8JiDppKjujC1oW_kK3RjBL-3dgLdNQnF9D4LOMwzTBPMX0GQmiBZvwQTaVlKMEpFOkWeXT8X1MnxRXvUL3sTA5CXtR4EOc8KtLgpHL8yqSRsQpvgTO-4TGQTpgkS9hyvsSeNAVRmQ4NvycB3-Ll0HCmbSCt5JNmrK0ZszehA263CxO4FMoEVD25hQvCioHtl_-o9xw2YDJunLPdtWU_315tbE1WUJVrqn9oX9_ukUjdz13EigemVEJ0cJAtNpuY4aXKDK3keFPjTSVVfPRpUcI4WwyURvFQPyBmqcE3u9mKeXM7ZdNKHNQvy0ir8iLQ-EiB9_kSyVX_4vFFzY3TyldgyQqByUUUOXGBre1EMi0qn474Y1Hg5RLgcumJf2FBbOKHVY7ybmCv9o-hpt5guQluvEEJvG28JUlgGh50ZAhwgXoP9SPUbfi_fZxcEgKEXZqpc7b31tyQwqFwWd9ZUOtcbbUYnb9Wgc_rBhd0Z_EzBSM2d--WvCQ5O-1_-zGtjPIvhSS65xT1oXr_ToeGzlHsKJSJPQ4nxhmYV3co6FZ9volB4-FJpLKyu-IS0qpjKgc3BG0wjJ38NUcIOkvztxbb55lfUrr7ohadtz422xKDe0dQtwUXK5WSZ6wYBLZwppQllJ0X1_3nQ5_8j2b19wOQC3MPYa2O4zHdeAlVJvdIQM09HVlpHB4EJlzcov32HBedr0TG0audtCG_1k7xlHYbt6HQ9UHW9ZLIwYz9EPPd8kllvhlhS5mUrT1IQYY7dnbTurU5B1AOd7p350YgwaHRTPYUXuWq1LqbZGizEjex_eB_-ZhzU8FTK5ZbFqaEkMMzhEqN15d6GYWIRmbHQxEQ2zzi-O6Pi_9OIh7SUEYyquyyn-aUEi0ppCfPWfn-XJXM38CsFXCoPS33YnGTL7A2nJ8Omg6sFW9byeJFWFsVVopeCFw9X64010CPbHWoQAzmjY3oIm5bL9lHdaH-ryPa8AYg8l-R9utccmYISaxIordHqTzXgw0EYYirm3soMBRW8qnUZqjg5YOOiDY-QBEv-qL99oxUBXttzEC24WnraNQ75nVUszr_QBA0OGCye7vtdUbEqiwHNO0QAvG8ZGKbBQuidmeW3bH8tAxnW__2f-jydFrCc8M4sgElpeH01HivWpaSoJl7I5YwdIiYfEQ4BCc3Lpv3EiHY7yiPMsBDQOCd2MYLXkslZfGKsD3QIRch_Ri2eswBffjRIjJg5vyK73dePtDgw_kf9DkJuiGpUz1YdahuGXwBCkhOvyjVYm3pLzJ9VkCdVjTJba4PEJfuKyeuit1UcBbE4FbQJ7LEY6j-7d3TVNrDXeKbon_kawGT35kY8fV3UQz6j9jOz1PSIdTZe8bNq8TZ7-NS2KJ0Gi77lTrkzcMV7YWeQPPOq8DnFqHgCf5wUINsbV0vTdq5jBfjOgJ3nNMaCzRS1Q8gvnkkVmpNeH0Q3cnUeOc5_07HzVToXMdq6pA23jah_Y9TDPp6s4cwZwdxaiqBH2pvJtJBy3Wj67807rzgEI7hGGF_y3VdFAQ-bbUmDJmplBSGbmmADJgYFCJqdsjsq7maZe6r2OXc9CgQcO-VEad7nk8x0GQI3PhTkDBOE1IMH7Hm_fv3MGC9qwXxCUZ8RMjJqDwNTKLBcPnLM4Gwkv_yq2uBCd4LfxexgQ8bKWF5bBuoHpTs-3hGI66ubfPX9_8-quJ0SlYyQ8hFzxrpppA1Cle_ygqViEd8qLcRXHfOQuETcc7nH799gdCodUnYPzCfuJdWoipISWCi-ytcB-G9zxNoFghVZ3MvWhRr_PSN19rYxXdrRTfXIdKB88PRPmG9iD31wxpzb6DqL_cZK-ImB9MjU7Ugfhp9p5qoiilVTS8oEyG08NpyZHbGtHj-0RDYW0BbeNMiIR7kE4SdWxFiiqBCvYrXPZZaheZqMBnNr9EpWH5aZc3uzKakrotMdhgUNpkD8FtYZZthkew1FeSPQkQQoebXgcM2szCpFYP8RfUaok7tYTml2ihUCYW3H5IJ7hVy8sEYk8PompA9e5upgUU8K_qRIHQn_bdyyTTFE218wNkdYKTM2LXsn4cAepgr3G72epF6Z6pzZ6uDNQ8aC4VAdolMorkr1_e-Fbj7ysMtL3TdK0S3byY5T07hJzQkSTmZMbhYWHFFF2UjoEpxix7iAdAb4jt1bc1u6KCsB_sP-E8QZzCPndgvqk1LMiYc4qyYeAZFi-do5Uq3A8AnWQaUWv7-g9WWtYOxlIK6PoUaQ6EEw2moGLiqA0RaI-L4Waf1hmcLshEKr6EsYFkKYNZ_VkRhehPv5JL9PGghRUdkFCvwQFbxP0rtbUKFumpBhIhcXkUQAUbYlmRf6qS13OZHWdDLrV_sFM_TtiMeZvbcrujcIRvkvAgaf6EoernoOnjBffUN657ewCtvv6Q4eIQYyingmXbaxzlw6tZYAIC2_BTNNDTVdXDkwCxn1LbNOjBv0ai0Ver7R7ac7HCiQE9uhecllzQO35qHblJbng8IQ4ih6Y1aN3sZ_s6Kw7wsJZInJOmio_anbycGzVAfwp5w8roX2c5iaMBHWHC0CgYyi5pdhR4p0i-cRrnP3gpFuJ0zsnAE_3f4gBbQM3TPNoh5iyFJZ5xKOVSK_IR7TNP5yrxQuXXkAa3gzjQIgpxBo2jokCPjK3t0x44ULeRyFVCISEKaR9N_ORI48vTUBtr_xzHp7Go1xqkhhmG3pmcKNk-7lsTU7hYnaV1FLomkIYO9fnoev3TFmtOBLoz4Y_LGnLloC5OgKH4HPGOrv5FEh_11-SxHEPRT0qabSAOK64F9uJIcPJI20JRQ7D7C4veVIOsYjk9c8vBC4OWv2aKflDebYKy3DCtf725Sq0nbvScX4P_qwy46LF6GpmjU6z6UENSHchnHzcQOg5ih9PZiHYhDwSrLQ&cid=CAASPeRoeC7AsHCHzTDDUnyv2QV3jlPotRDVruwU8qkzt-hqarhFfoZ0Mejbk7qcB6aeiR1Yf8qFGTrLaxu8CrE&rfl=1%2Chttps%253A%252F%252Fwww.offers.com%252F%240

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2f76a7d66919fa3aaf5f756c14aa9d23a18293af4a335451a6658aed9de81d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25460
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0610 42 B
494 B 65ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dse1ebN5JI7GAYsAuN8cvjsJm-H615quAoMzSogI-ie94_qcp2pdqDxgO0_64FaB8WCPRtB0yygysVQjvpqBeeAOfUsxy3YCmASMPCNlbNgyFfl0Q

Requested by

Host: 8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com
URL: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 0610 3 KB
2 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com
URL: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 07:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 07:58:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0610 121 KB
38 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com
URL: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 08:01:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 0610 15 KB
7 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com
URL: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 07:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 07:59:27 GMT

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
109 B 105ms
31ms Image
image/gif 52.18.143.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=da9c3c79-cc13-4f58-814b-cf1faf2bb607&zd_location=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&evidon_consent=undefined&third_party_consent=&fu=true
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.143.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-143-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
content-length: 43
content-type: image/gif

GET
H2 200 eAAAAAAAAAAAAAAAAAAAAA
zdbb.net/n/ 43 B
108 B 111ms
37ms Image
image/gif 52.18.143.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/n/eAAAAAAAAAAAAAAAAAAAAA?tp=ofpweeaflkwerkldfksklwk&tpc=1715936847415608363&zd_pageview_id=da9c3c79-cc13-4f58-814b-cf1faf2bb607&zd_location=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&evidon_consent=undefined&third_party_consent=&fu=true
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.143.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-143-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
content-length: 43
content-type: image/gif

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 0610 24 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C96yAI2aSjKczpW6P6lvkSY4DdwOjSDSKN_K-GemQRH8KMrso4x-wZZwxEPNL-LY1iUSEQRpR0uB2JUarzmS9yQZSe6aCRf-_YoqjPdJ8gfJEfuDQx1rPN_mX9E1SGO6D-mCg4GYQrmMTwl-DQl2VANtF5eA&dbm_d=AKAmf-AtgPVraHCL_0YXdehfN6cyn73ckf12LgjTgFGZ17K91X6GxlDcIHUGDyrsBLBkaEbn1u5Farp0FmBG15SpuQ7NUKIOPbOwNenDtUHnhcsVSrFl6LNhN-xM_izUB4b4wLKljzHtIzvb4sF1lmXHEjWI9gIDCGhTkoexxIu0gW5U1Cp8m2umxf1YSvHy2rEVlIFQIszTuK8UIvoWxgF1xBaZiWpNrf1WfkHwoJxoBXvVF127LPlvfdEFL72zWWeWrxqW7nFYrVfngJ0295-UimzN25f3CJYE2Ik9FMEeT_-HtpiDvmzLX2InHuapdGc2x57cFbdQ9LezfF_oQx8RycmwPEJuIyvDf4JFXWZCUczmMr3d8pOEmjFDkQZOflop_rMg3Fr-F3MHW9aaGVjCg3018iOyDXC8maT8W60zZFnSgoAtlwCjpZ_dY42aJbbmCHKIbu3Uh-gx2uy3_1P0IEgMPM3wZng6ctbgSERTWTIrO47mQ3x5WnCptQKc4RJofrwguZcVr_xBWVgL4jaA4rs51t1ln4_pB0KXIn6-hWVpHAAuKdAhYhldpklkOti37qSaGSdeGA0TESAMcv5OOlMTGM1jFx7YQ_oJNNP7e8InIilFthLUGbR00lFVOGId2v7MiJoGoLFeY459rysgOoQCymAllAwitMTIduHxLtKUw8bUD-79HCwTUJrkIlC9ZyjJYI2akUkCpgD1fZAqCGKzPw65VL_dzzd_Y6X_AC8JiDppKjujC1oW_kK3RjBL-3dgLdNQnF9D4LOMwzTBPMX0GQmiBZvwQTaVlKMEpFOkWeXT8X1MnxRXvUL3sTA5CXtR4EOc8KtLgpHL8yqSRsQpvgTO-4TGQTpgkS9hyvsSeNAVRmQ4NvycB3-Ll0HCmbSCt5JNmrK0ZszehA263CxO4FMoEVD25hQvCioHtl_-o9xw2YDJunLPdtWU_315tbE1WUJVrqn9oX9_ukUjdz13EigemVEJ0cJAtNpuY4aXKDK3keFPjTSVVfPRpUcI4WwyURvFQPyBmqcE3u9mKeXM7ZdNKHNQvy0ir8iLQ-EiB9_kSyVX_4vFFzY3TyldgyQqByUUUOXGBre1EMi0qn474Y1Hg5RLgcumJf2FBbOKHVY7ybmCv9o-hpt5guQluvEEJvG28JUlgGh50ZAhwgXoP9SPUbfi_fZxcEgKEXZqpc7b31tyQwqFwWd9ZUOtcbbUYnb9Wgc_rBhd0Z_EzBSM2d--WvCQ5O-1_-zGtjPIvhSS65xT1oXr_ToeGzlHsKJSJPQ4nxhmYV3co6FZ9volB4-FJpLKyu-IS0qpjKgc3BG0wjJ38NUcIOkvztxbb55lfUrr7ohadtz422xKDe0dQtwUXK5WSZ6wYBLZwppQllJ0X1_3nQ5_8j2b19wOQC3MPYa2O4zHdeAlVJvdIQM09HVlpHB4EJlzcov32HBedr0TG0audtCG_1k7xlHYbt6HQ9UHW9ZLIwYz9EPPd8kllvhlhS5mUrT1IQYY7dnbTurU5B1AOd7p350YgwaHRTPYUXuWq1LqbZGizEjex_eB_-ZhzU8FTK5ZbFqaEkMMzhEqN15d6GYWIRmbHQxEQ2zzi-O6Pi_9OIh7SUEYyquyyn-aUEi0ppCfPWfn-XJXM38CsFXCoPS33YnGTL7A2nJ8Omg6sFW9byeJFWFsVVopeCFw9X64010CPbHWoQAzmjY3oIm5bL9lHdaH-ryPa8AYg8l-R9utccmYISaxIordHqTzXgw0EYYirm3soMBRW8qnUZqjg5YOOiDY-QBEv-qL99oxUBXttzEC24WnraNQ75nVUszr_QBA0OGCye7vtdUbEqiwHNO0QAvG8ZGKbBQuidmeW3bH8tAxnW__2f-jydFrCc8M4sgElpeH01HivWpaSoJl7I5YwdIiYfEQ4BCc3Lpv3EiHY7yiPMsBDQOCd2MYLXkslZfGKsD3QIRch_Ri2eswBffjRIjJg5vyK73dePtDgw_kf9DkJuiGpUz1YdahuGXwBCkhOvyjVYm3pLzJ9VkCdVjTJba4PEJfuKyeuit1UcBbE4FbQJ7LEY6j-7d3TVNrDXeKbon_kawGT35kY8fV3UQz6j9jOz1PSIdTZe8bNq8TZ7-NS2KJ0Gi77lTrkzcMV7YWeQPPOq8DnFqHgCf5wUINsbV0vTdq5jBfjOgJ3nNMaCzRS1Q8gvnkkVmpNeH0Q3cnUeOc5_07HzVToXMdq6pA23jah_Y9TDPp6s4cwZwdxaiqBH2pvJtJBy3Wj67807rzgEI7hGGF_y3VdFAQ-bbUmDJmplBSGbmmADJgYFCJqdsjsq7maZe6r2OXc9CgQcO-VEad7nk8x0GQI3PhTkDBOE1IMH7Hm_fv3MGC9qwXxCUZ8RMjJqDwNTKLBcPnLM4Gwkv_yq2uBCd4LfxexgQ8bKWF5bBuoHpTs-3hGI66ubfPX9_8-quJ0SlYyQ8hFzxrpppA1Cle_ygqViEd8qLcRXHfOQuETcc7nH799gdCodUnYPzCfuJdWoipISWCi-ytcB-G9zxNoFghVZ3MvWhRr_PSN19rYxXdrRTfXIdKB88PRPmG9iD31wxpzb6DqL_cZK-ImB9MjU7Ugfhp9p5qoiilVTS8oEyG08NpyZHbGtHj-0RDYW0BbeNMiIR7kE4SdWxFiiqBCvYrXPZZaheZqMBnNr9EpWH5aZc3uzKakrotMdhgUNpkD8FtYZZthkew1FeSPQkQQoebXgcM2szCpFYP8RfUaok7tYTml2ihUCYW3H5IJ7hVy8sEYk8PompA9e5upgUU8K_qRIHQn_bdyyTTFE218wNkdYKTM2LXsn4cAepgr3G72epF6Z6pzZ6uDNQ8aC4VAdolMorkr1_e-Fbj7ysMtL3TdK0S3byY5T07hJzQkSTmZMbhYWHFFF2UjoEpxix7iAdAb4jt1bc1u6KCsB_sP-E8QZzCPndgvqk1LMiYc4qyYeAZFi-do5Uq3A8AnWQaUWv7-g9WWtYOxlIK6PoUaQ6EEw2moGLiqA0RaI-L4Waf1hmcLshEKr6EsYFkKYNZ_VkRhehPv5JL9PGghRUdkFCvwQFbxP0rtbUKFumpBhIhcXkUQAUbYlmRf6qS13OZHWdDLrV_sFM_TtiMeZvbcrujcIRvkvAgaf6EoernoOnjBffUN657ewCtvv6Q4eIQYyingmXbaxzlw6tZYAIC2_BTNNDTVdXDkwCxn1LbNOjBv0ai0Ver7R7ac7HCiQE9uhecllzQO35qHblJbng8IQ4ih6Y1aN3sZ_s6Kw7wsJZInJOmio_anbycGzVAfwp5w8roX2c5iaMBHWHC0CgYyi5pdhR4p0i-cRrnP3gpFuJ0zsnAE_3f4gBbQM3TPNoh5iyFJZ5xKOVSK_IR7TNP5yrxQuXXkAa3gzjQIgpxBo2jokCPjK3t0x44ULeRyFVCISEKaR9N_ORI48vTUBtr_xzHp7Go1xqkhhmG3pmcKNk-7lsTU7hYnaV1FLomkIYO9fnoev3TFmtOBLoz4Y_LGnLloC5OgKH4HPGOrv5FEh_11-SxHEPRT0qabSAOK64F9uJIcPJI20JRQ7D7C4veVIOsYjk9c8vBC4OWv2aKflDebYKy3DCtf725Sq0nbvScX4P_qwy46LF6GpmjU6z6UENSHchnHzcQOg5ih9PZiHYhDwSrLQ&cid=CAASPeRoeC7AsHCHzTDDUnyv2QV3jlPotRDVruwU8qkzt-hqarhFfoZ0Mejbk7qcB6aeiR1Yf8qFGTrLaxu8CrE&rfl=1%2Chttps%253A%252F%252Fwww.offers.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 07:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 07:52:38 GMT

GET
H2 200 11484_Upfield_halfpage_GIF_coffee-crumble-cake_300x600.gif
s0.2mdn.net/10903719/ Frame 0610 112 KB
112 KB 69ms
8ms Image
image/gif 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10903719/11484_Upfield_halfpage_GIF_coffee-crumble-cake_300x600.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1ca1e3c4438d0c5d2d7b5f408aa97bf7c85355d8b8f9600cf07e51a60c79c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 15:58:29 GMT
x-content-type-options: nosniff
age: 57792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114328
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:30:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 15:58:29 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 0610 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 07:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 07:57:47 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0610 0
571 B 86ms
50ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjste-6S_B9q2MSh2ShBIjnCF4dQLIVCznCnzTdzmYNSJYHOVmUDfrJuDlw_NtVgXU7Wy6QHpRtmo8-fU4vWEPmIMcofkfWH9c6T3F-ce1BcEiepEIrJk4Evza8mZOHz4Eb3FoNyGLFw_n_5rX8h2XKHal9E_o48UXkaYXJzyN2By1VDb090v6Ib6WKpkh_RtGnJxsCZYh46NF0Vxtu5r7ycgEmuZcjXhGtQ5TGV0evbd278xD5APfbZFgBCr8BQiGofXfuifb9u1933ZnJHLZV-AJHNtj_ftDoQgRR8NGxjFIDw0hOqfdTok-VrJSz2UjpdIVN98oxWkCSyPWVe6jbdoD6NTDQF0tQQtpORiTbIQJsevKvmRfktD7kvAieWwRgd2_eZaFXoCcp-kAkwefdZq19N4Tdni8clZPcF9SL2DfrX0uQGmyjLbNpwMhjTdC-NPrlbNoKLamPIq0EzbrhL71oAOkHvBJBCwL9xVHoAGAMGIGvyyV06AF72sko-FALhl9x8E98RSmcDEKZv2lPjSoJIQabaMf7h5Sjy_dOMkVtYQvVmyd5LIJTDoY6UqLJrNXnTxSjjqNWQstUMz7Npz_6ALYVKPyEXW36W62H3v792RqYB019CJY49o-Ozfx2FsBkUs_q9_PB4LJacz58f_AD_0JgTdTxWgU9IdWZvBfgAHKzKC26qPkAM2mwo813orqo_YWTt_9Egan7PURDLDppP8JdyHewbckrtRaG19Ni-DnU3m_x0tHbgltyfVryfVBcIZvqW03-eU8qO_PhHB-3iKdGH5Ql7odLiTNxn6adN_FkWPaov3IBRdoujRsOCiL8gUX_MJUYb9rUE1rY-GtduZabQ-W00UhI7gg7KoD_aLtWVL69wCHr71t91Lf4XRr8WjnWq_lUpNWgcbFKvag3Gzog_rnybrsLhzNZsY6lnjmdI6rwM0XHaQ6NzSPGO5kFNbzadXMuK8YB-27bzSCT-C0d0q6Go5lhHcoygXb7cgyxs3u2uZ3j51pASEIiU2Y5JDr3vMn4DoKgdfFLIflM3uWUDzzpf-JYtoXKoGqw7rsITeCEauI8AHacCRmb_OcLEIAMVQfwwP06AoC23NZ6kOji2As7IRpDNngZYzh_3JcrKaufL17VeY8WCOZHi0eWo66sCR2kPLp2IJrw&sai=AMfl-YS_E1paD-Iv2i1NIYWEH3Gi7tP2tF4MQ5PKAczrQGNU6GvNk6691nPiZX8Z445OR9NJU2a68zAJ9-dhQIhhdlJxthGZT6FFQW5SKYn-ywZ6irEI07tQs_tRUrS4IFCKW3wVNvktYNUqwz9oroxi894vMOZmuPHrU-yfENr-tmdc1H1NQ1Dbt6u-NRLalkZhozJu9jwJfDnRSkn0w6ko1-Vhtn3ztsWdIFdGHN171w&sig=Cg0ArKJSzDmpiOkcpLB0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211103.27676&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 09 Nov 2021 08:01:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0610 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 08 Nov 2022 11:10:41 GMT

GET
DATA 200
OK truncated
/ Frame 0610 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70cdce0ef9d3c5674c7229e54fbb0fb7a26857b8619d583fe2bba190eb88e896

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0332 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 08 Nov 2021 11:10:41 GMT
expires: Tue, 08 Nov 2022 11:10:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 75060
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0332 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:02:04 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0610 0
23 B 58ms
44ms Ping
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:01:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 check Show response
jogger.zdbb.net/ 5 B
231 B 299ms
99ms XHR
text/plain 34.228.50.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jogger.zdbb.net/check?href=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.50.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-50-94.compute-1.amazonaws.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=88919
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
1 KB 7ms
7ms Script
application/javascript 2.16.186.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: kxx4E1UVMKR1EugdGNILwuU8gT7MpU6Z
last-modified: Mon, 08 Nov 2021 18:14:46 GMT
x-amz-request-id: ND7ASZQ60YBX0SX1
date: Tue, 09 Nov 2021 08:01:41 GMT
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 844
x-amz-id-2: FDCBIboY41mvnLBJL+vVtIdArlajpx8YFDK4BqIR+7/IqFiotz2EamL42pE5HuP94C+c9h7EK78=
expires: Tue, 16 Nov 2021 08:01:41 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 198ms
6ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Tue, 09 Nov 2021 08:01:41 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Tue, 16 Nov 2021 08:01:41 GMT

GET
H2 200 krux-coretag.js Show response
cdn.static.zdbb.net/js/ 335 B
629 B 6ms
6ms Script
application/javascript 2.16.186.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 6rOAaEDRkMsguQOGJmT3isCtI_cwQNwX
last-modified: Mon, 08 Nov 2021 18:14:40 GMT
x-amz-request-id: ND7C5NTQSJEDW5SJ
date: Tue, 09 Nov 2021 08:01:41 GMT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 335
x-amz-id-2: EOsTiSXEGQ2sMpGQxoUJ1cwR/AXaxx4ojnMPJE6z3qKMLDMkIeHJMLeShCf4ACAsEtqzxYA4EW8=
expires: Wed, 10 Nov 2021 08:01:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 54ms
33ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0692cf2d06338575d2c7f4375bce51f2969829c1845988412bd824ae977b5a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9214
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E733 291 B
590 B 201ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.offers.com&gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 508
date: Tue, 09 Nov 2021 08:01:41 GMT
content-length: 321

GET
H2 200 spgdj7g8u.js Show response
cdn.krxd.net/controltag/ 2 B
392 B 179ms
6ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 09 Nov 2021 08:01:41 GMT
via: 1.1 varnish, 1.1 varnish
age: 66
x-cache: MISS, HIT, HIT
x-app-cache: MISS
x-age: 0
content-encoding: gzip
content-length: 22
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5154-BWI, cache-fra19136-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1636444902.951071,VS0,VE0
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 3, 5

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 08:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 08:01:41 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 684A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 08 Nov 2021 19:53:47 GMT
expires: Tue, 08 Nov 2022 19:53:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AE06 783 B
967 B 16ms
15ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c5fb0a9cdd018403ad04b17778a3c4cc5c99ab90554a1a89fc48efd848889fb4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gU82ZxO+OIm/vlgFxaJ2mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 09 Nov 2021 08:01:41 GMT
date: Tue, 09 Nov 2021 08:01:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-gU82ZxO+OIm/vlgFxaJ2mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 30629 Show response
stags.bluekai.com/site/ Frame 1486 71 B
338 B 192ms
162ms Document
text/html 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Doffers.com&phint=referer%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=offersbrand%3Dstores&phint=bbseg%3D900263&phint=bbseg%3D900331&phint=bbseg%3D900365&phint=bbseg%3D900111&phint=bbseg%3D900115&phint=bbseg%3D900374&phint=__bk_t%3DADP%20Promo%20Codes%20%26%20Coupons%202021&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=__bk_v%3D3.1.10&limit=10&r=36894134
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 4d8b
Date: Tue, 09 Nov 2021 08:01:42 GMT
Connection: keep-alive
X-N: S

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 684A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:02:04 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AE06 0
0 59ms
59ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=2138722009280648&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0332 0
58 B 43ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8KZ15SqKYZOnJMn87_UP7eekoAIAAAAAOAHgBAI&bg=!QUKlQgbNAAYH3anuB907ACkAdvg8Wi1E8xKuDUSlLnEHtVdlTXpltV6kI89otFz9kie728oJvK1u6wIAAADlUgAAABVoAQeZAx4TjFh3a6jJC3-ay3KbaiBHlowuV5JwQC-m-6Zzrz2Eteu4qNMkVmhk1jdWcTNZ0kzZ7jtu34k5BdJO4HZaVjkvhgd2t0gV7EBen5y7OLCq9PRHwYtqjMghFkIJuXjR245GSNiU-KuGFG15EFYniLKEg877jajIFCk9KXOKYd_p9TIAk9WW6s5Mzb-mX3sgxf5NfIiXEyrN8mAoFXg66LGeCArRC5EGDYxkcxYlokmcuYwuLoZMYLka7yFWECVui84rWvFQj5vUBd8vzcT8wZFfEDMskmhOrA69bX29OxtaT2cpsnI3VUSi8qKvOTKTKDGuGbrRZLk2Mm2NBqrItGG46o1o9JfnwhuAURBRcUXOPgRrIFku6Pjv1XnmLuRqj8Ybj0u3GGFKwOxe4ua0Im571OIQQs9p3JHaL3lghCDpQqb1x7VsT7wijv18rPnwHWrt7LlfXDV6eKVRw_TRzloWcyozQQhwUEzGwakmNYfri6zmBOShRWF6-u4UEagCFu8WfV5qOIx-T--altLcnavn0A9vHaWiVMKdYE6Z5Em_LkkMwCJGeYTWHmfcDskCxkfhCp546VEk04sAa4pt_Z7wJ1LllIPzMORuBfDuslLdaH9UsX2LitAmTDXkPhfhiSzDH96ZfWoPNiKRnpGLuwkJ9K6wdevoGPxtu-2mYC3GLFlxOvOp_5b9ijOP2VJF14JyNAJCY0kX7EhCcMaV9EMQ9AA9i0EAIS7EguMq6_V7-rq75FoQIJiAlwitX0wBDm7XWet9b3gHhIB0HP9tCAu-JnDR0gIVMc67xdkmjthClegHJ7VPWBTTTmEGaSqB-d8JEuid3GXRCYOLGLjO7FmRxH6eleH6ikITyX9RRVpNtYpI1Qzrt59Y9b7aV2ImfNJmjCLwNGQPq1dO6O0wIII94sCMZ99llLOSRbyS8SnkYNEJ4XowfVNpfbA-JeFi_ednTgr3oKFsVy_F-fJGpURu_VKaGd1cPOgX0_GdSFQZNeBfkh7JZjxV8-Az4MBrpe69kQ7fYh-MqPKInL-rvtD-1cyzjt_WrpK4rKGiTug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=2138722009280648&bg=!PzylPHjNAAYH3anuB907ACkAdvg8Wg5U9uP2t0LOLKcgDHe7IrSidsK2yJOHwEJHVSSkbA07_OzDhQIAAABcUgAAAAtoAQeZArfbWnb-RElPc7u6_laOzapU6cdh15EBmfDFXDwyDw9CZAyETcVRKyrGkb-0ol_OUu6AkRxl2UsWYRxEryBc-9R85Cw9STvOxdFzpdxshz3XOjkrdp_XlHdq5Ydt-yMq7Wx2Ck-eooj1WK3cHKe61UyzbhXWQ4-LHsLD-XOO8QXV3YiZ0Hmfj0rroulZjGBU9eZ4M_hkSZ7XC8TuHzdsoIQuCnSW7471BSJotqz0B2QxZmbKtQf9rnqaMTq2oBqyATdSG6831Ooy1jbIpowGvey76gYK7hrFjbfeoCiDN-sK17R3RGNO2SuKKGfsv7FMiXU81SzYCnxctb1ZqRUtWzK2NCSa7e1-gm9QtmSvq4-buLlatCRCnJZJqowAEUdfFQhuCJ-TAEKMrq4uO_N4B-Sw4k3Dx0hSzUwPPREYX_5-07Vq_-KgJXYuQ-CiM3hlV5wlDKFvRmyBVLXDY1nZVGBINUj0Hq9x_mYli6DqbSigk6lU1ckR7rNGp0Ux__vZHofkqqYgEJ3XxY9ADlSJcx28YfildT3BfX3gx8huy6nnZtfAUFNNmZfjTUM7ASVjtcX2QApwcEsuDATt_ZdFpUblavkqVEXPnpxjl1DXfiO1oEzQpxbbknUupRr3620xlZ2vDNmI57Z29hAQ7B5rK3sqiQTzrbN9lO0CI6mxdCCnaFxwaBN9AA7F1ueUoBfgs212MNCEmsOqRHxdUaODTpllDi62SORdwzKdnbwFuBn3eQzqYLs9XGs6IMN_2K2phwDP0PQ6WCKFCNVA_JVfJ2eeh60lLkdAGSWZarvE8uaFdxNknGArERxCUubq-4oEmAGwEBR-WyEjCqj2q0PsC8LGgkmeOAE5MF1sibR6uVZZU7gElwC4a4jkLfJ_glVC1wzZyvCkQXv948vqHkEaGNXK7EuRZ81wEw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check_c Show response
zdbb.net/ 0
230 B 29ms
29ms XHR
text/plain 52.18.143.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zdbb.net/check_c
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.143.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-143-209.eu-west-1.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:42 GMT
server: Ziff Davis BuyerBase
p3p: CP="ALL DSP COR NID"
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 0
expires: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dc423def-06ad-4fb4-a386-363c0a8315a3&gdpr=1&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc&gdpr=1&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBSSNEsgQGgQ918ltU1GuoA&google_cver=1&gdpr=1&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA

43 B
114 B

19ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBSSNEsgQGgQ918ltU1GuoA&google_cver=1&gdpr=1&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:44 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 08:01:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBSSNEsgQGgQ918ltU1GuoA&google_cver=1&gdpr=1&gdpr_consent=BO3ulHHO3ulQVASABAENDWAAAAAyOAAA
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 356
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.offers.com/	1969-12-31 23:59:59	Name: psid Value: e8fa86d5933bac270b9cac65c70460cf202ab269
www.offers.com/	1970-01-20 15:21:57	Name: ovt Value: 1636444899%7C1636444899%7C1636444899
.www.offers.com/	1970-01-20 15:22:01	Name: ouid Value: 1715936847415608363%26c100df12da319d43800097152e1cc901de6729bddfd1a8653f22b818f868f792
.www.offers.com/	1970-01-19 22:34:08	Name: osvt Value: 1715936847417705517%2C%2C1636448499%269aebddae60af843a614618d19a03348afd15c63fea8fd19639c33b9e9ce83ba7
.offers.com/	1970-01-19 22:34:06	Name: __cf_bm Value: YanGqTlyrY7tnjPQ56hXqO6LjEX83GJp_n_YVtAUNJo-1636444900-0-ASMgqREYId7hTbunZoqPQLJ0bMTcOOVm0GpAWzpJGK/ZWe5VNenFXXqSLpqmvpaA8quf7WxA8BTD/CWZBXe2Svw=
www.offers.com/	1970-01-19 23:17:16	Name: fu Value: 1
.offers.com/	1970-01-19 22:35:31	Name: _gid Value: GA1.2.2106630830.1636444901
.offers.com/	1970-01-19 22:34:04	Name: _gat Value: 1
.openx.net/	1970-01-20 07:19:40	Name: i Value: b2293410-5e8a-0d59-0156-94e27748abfd\|1636444900
.bing.com/	1970-01-20 07:55:40	Name: MUID Value: 1AC0D1C263B067491DD6C12862DB66FD
.offers.com/	1970-01-20 16:05:16	Name: _ga_H8B8R34YCC Value: GS1.1.1636444900.1.0.1636444900.0
.offers.com/	1970-01-20 16:05:16	Name: _ga Value: GA1.1.220342062.1636444901
.offers.com/	1970-01-19 22:35:31	Name: _uetsid Value: 45826fb0413311ec94f1c74dea512d79
.offers.com/	1970-01-20 07:55:40	Name: _uetvid Value: 45827ef0413311ecbe4d4364403979d4
.offers.com/	1970-01-20 07:55:40	Name: __gads Value: ID=4982bdd7c7b937f6-2280416d3dcb00e0:T=1636444900:S=ALNI_MZch3zG3FpNtiQ0VkPPvAaHbS2B8w
www.offers.com/	1970-01-20 02:53:16	Name: h_zdbb Value:
.doubleclick.net/	1970-01-20 07:55:40	Name: IDE Value: AHWqTUmTRLFAdUvvsEffwIVar0winRJWMTfHBUTQQF4l-Rc9kQFHtyuWr4moiQ0G4v8
.offers.com/	1970-01-19 23:17:16	Name: zdbb_swap_ofrs_id Value: 1
.openx.net/	1970-01-19 22:55:40	Name: pd Value: v2\|1636444904\|gu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8d6f59e7001c1b99e2d2e4e9ca0b0d7d.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bat.bing.com
bidder.criteo.com
c.amazon-adsystem.com
c.evidon.com
cdn.id5-sync.com
cdn.krxd.net
cdn.static.zdbb.net
cdn.ziffstatic.com
cm.g.doubleclick.net
eu-u.openx.net
fastlane.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
gurgle.offers.com
gurgle.zdbb.net
htlb.casalemedia.com
id5-sync.com
jogger.zdbb.net
l.evidon.com
pagead2.googlesyndication.com
preferences.truste.com
privacy-policy.truste.com
s0.2mdn.net
securepubads.g.doubleclick.net
sgi.offerscdn.net
sgi1.offerscdn.net
sgi2.offerscdn.net
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
tags.bkrtx.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.offers.com
zdbb.net
zdstatic.offers.com
ziffdavis-d.openx.net
104.111.215.191
104.111.228.137
104.111.244.187
104.16.177.182
142.250.184.194
142.250.186.130
142.250.186.98
143.204.95.188
143.204.98.88
151.101.66.133
178.250.2.131
18.208.45.198
2.16.186.144
2.21.111.28
2602:803:c003:200::61
2606:4700::6812:9d32
2606:4700::6812:9e32
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:801::2006
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:400c:c06::9b
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00::210:bb32
34.228.50.94
35.244.159.8
46.105.202.126
51.89.21.31
52.18.143.209
54.221.113.126
54.82.206.153
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
04d26958916afa20fd0f761c080aa2e10cf589469e22969e3039d04503a381c2
0692cf2d06338575d2c7f4375bce51f2969829c1845988412bd824ae977b5a7b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746
11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
1706d01dbd84a55dd4207b31a852e40505d043e93aa665036dd646f105ed1e25
19ff7c66b66c944275642b55491e432a38242f8ab90574c92db16265b176aae8
1b7e10f6dbcacd83aaa2d83e2f890559da16170b08b02326f525cb1ff037b21d
22f7779c76cf9ae072762bb39b9b8387ad3998d5aac01494fed7e7067d5ac1b2
23b07dfcfc6cf6316125602e1a5fd2b8c3152d84214c22a49480a998a561f3a8
2961e633fb39fe8c91ac7abd6ec011933478e58dff1e944924568f9cdddec7ec
29dda18f6261f5a6ff937b91d987339bce7e0b278ecd2a9efe55d9dd6ce46d08
34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c
3847b1c31663d53c1518509c0eac2d5902f4b20ecd2cc64b63416a009b8a2937
3d1ca10f6b7666e93d493bfb6a6748f380addb42602ee797994469c077c24837
400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4afdd62268fbd733c37ba28eca7c52d66fdabc1afe917cdf153cba10e5e78917
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07
4d3efed2d9cd327163c366899e315e5854ea089f6215adcedf1c798a6efc809d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5151512e41d928efb1bf655781fe03a7e38c19ca1e47cbe2a32f846fc30f0b93
51602869834421b04da25e373a5414f8b07cc38dac6187f5596ce65fd53021ad
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
54770fd1905812ea13a16abc2bb89af06ead2097a4c48539db49fed73b8d095e
54ab02407b89ddc3f76da3c0dc9f807b4f6def211a6e4cef8e622512c8fc8766
59325233d4da0df44b74193780f56b1c0e18574bdf2234e4fd668301f1bdfd88
5cb288f2d943c13ad207761ea04a93e006a96258ec34a378cae81788ea851e30
5e6732fbbd326ab5763a6d6a1d6cda86ad27ddc9d53827e2c4524eb1982d4b29
606df7b1fee7ec41366cc669d240d71312c66e444fb1f6e16610b707b3561f2a
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6272ec49897dd66adffcd4d8aab3a7085ecc2f9964adc4863cb0189af5a122bf
65aae457eea154a8824bf40c7051a4d712c0c73bb570f8fc0e9c9be03b5b63b6
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6
70cdce0ef9d3c5674c7229e54fbb0fb7a26857b8619d583fe2bba190eb88e896
7217dd7bb4ee20316074b91a71a46f16641df9364cc89373389c2f28fbe7fd69
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
78604b53d740442b5b8a5d692567f70f46f6e284118ab6db94a46641672f3954
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
883263abd92e9a94e5d2a961fc4e1e5419b399b106e1b7dbfd14cb544264be54
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8d64d95a0fb2d3628a4ced061ae1771200463d73f39085840ef7d06605ffc3e6
8eb8fa5598a41dae8756a3628fb36f944e7b26331912096d79502d4e2bd2f80f
9084b24863c91948a8a44b2143b64cd4d9c72ac1f796f1f3243f9e1aca80b1d7
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9fc42f2f5ac3e38fe0f34ef2f7527b3b15e36597d9538253a5ae885541fecd98
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9e605a47de2cf6e48e1c1e748eede1219d27129ab3d898db9231c37ad05363d
ad870134e00e713a173b1be210378b4b7b85f8081e578e85e13fffeec0ae78a0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9a4d8c59f4bb7f250d9111be10c5664c7202abeaf020eda52e7f1a3482fd9c7
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c34257191578413053e873d1fa797b8efc2338cfa1d6f82212e81826ab9cdff6
c5fb0a9cdd018403ad04b17778a3c4cc5c99ab90554a1a89fc48efd848889fb4
c888e34c8a9fcdd17a160948d147c12ab01552a9960ed1142f12ce40b6609258
ca70d63095e7c4605d868283368aaea6edf6f6a984509029636bc792494212bc
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
ce7e9282df3c08bfa6a7e62a17f338dae0495eb9aeac22b52759997521a19c3e
ceb037bf695a81081fcbdd36b6a30a16d0b58e32559e51887f041637361e35fe
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d2f76a7d66919fa3aaf5f756c14aa9d23a18293af4a335451a6658aed9de81d9
d64849d9ec4afd8eb21b289c99a9d785eb7079d893b899490132fb4707447457
da5523987f1aa265f170cf27232c760db70775bb65e604ce85a4b1ab2ce74dad
dbd7e665693aaa8b13bac8ddfce1e5d78d888b8366faff26eb160de3eb589245
de63a48285f41e3f8dbb973a3dcb565970373cf19ba675b58df27037442732da
de6fc7b00f23c65bd792ef01e6adf3002fa8ad5e18abeae38c6aebeef644393c
e0dbca8e9a50d07acf3470a6677d1926501779109c33e0fe7d1ff90c10b63f34
e1ca1e3c4438d0c5d2d7b5f408aa97bf7c85355d8b8f9600cf07e51a60c79c93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
ebe3af23c2776006b0c2c10b497d43476b6904013cbcbeb4d1247bb72ef16d3c
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00fc1c53cf52673aaf10bc0d0702a92a71aa5a5a56377c096be5f9191da3772
f150dfeb4a0e6537529a23567ac44f32145446404e72f11e30c3114fc9bbf5be
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
fb6a19dc762d76e22c743e22acced2cd38c0eb9852f4765df8de2e75aefb30e7
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

www.offers.com Open in urlscan Pro 104.16.177.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

115 Requests

97 %HTTPS

49 %IPv6

26 Domains

47 Subdomains

41 IPs

8 Countries

1694 kBTransfer

4041 kBSize

19 Cookies

11 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.offers.com Open in urlscan Pro
104.16.177.182 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

97 %
HTTPS

49 %
IPv6

26
Domains

47
Subdomains

41
IPs

8
Countries

1694 kB
Transfer

4041 kB
Size

19
Cookies

115 HTTP transactions
1 data transactions