www.offers.com Open in urlscan Pro
104.16.177.182 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.offers.com/stores/adp/
Submission: On November 06 via api (November 6th 2021, 4:50:32 pm UTC) from US — Scanned from DE

Summary HTTP 133 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 27 domains to perform 133 HTTP transactions. The main IP is 104.16.177.182, located in and belongs to CLOUDFLARENET, US. The main domain is www.offers.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time www.offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	104.16.177.182 104.16.177.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 6	2.16.186.144 2.16.186.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:9e32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:9f32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6812:a032	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.98.113 143.204.98.113	16509 (AMAZON-02) (AMAZON-02)
2	104.111.244.187 104.111.244.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	184.73.53.228 184.73.53.228	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 1	34.228.209.86 34.228.209.86	14618 (AMAZON-AES) (AMAZON-AES)
1	54.82.206.153 54.82.206.153	14618 (AMAZON-AES) (AMAZON-AES)
1	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	18.208.45.198 18.208.45.198	14618 (AMAZON-AES) (AMAZON-AES)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	51.195.5.45 51.195.5.45	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400c:c02::9b	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	34.194.37.39 34.194.37.39	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.228.137 104.111.228.137	16625 (AKAMAI-AS) (AKAMAI-AS)
3	52.18.143.209 52.18.143.209	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
133	41

22 104.16.177.182 (None, )

ASN13335 (CLOUDFLARENET, US)

www.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00::210:bb40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.ziffstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.16.186.144 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-144.deploy.static.akamaitechnologies.com

cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdstatic.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:9e32 (United States)

ASN13335 (CLOUDFLARENET, US)

sgi2.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:9f32 (United States)

ASN13335 (CLOUDFLARENET, US)

sgi3.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sgi1.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:a032 (United States)

ASN13335 (CLOUDFLARENET, US)

sgi.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-113.fra50.r.cloudfront.net

privacy-policy.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.244.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-244-187.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.73.53.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-53-228.compute-1.amazonaws.com

preferences.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.209.86 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-209-86.compute-1.amazonaws.com

gurgle.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.206.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-206-153.compute-1.amazonaws.com

gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ziffdavis-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.208.45.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-45-198.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d63d482ff40ce45a6128b14383d511b1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.5.45 (France)

ASN16276 (OVH, FR)
PTR: p39.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.37.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-37-39.compute-1.amazonaws.com

jogger.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.18.143.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-143-209.eu-west-1.compute.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	offers.com 2 redirects www.offers.com zdstatic.offers.com gurgle.offers.com	720 KB
23	googlesyndication.com d63d482ff40ce45a6128b14383d511b1.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	280 KB
13	offerscdn.net sgi2.offerscdn.net sgi3.offerscdn.net sgi.offerscdn.net sgi1.offerscdn.net	37 KB
10	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	185 KB
9	zdbb.net 1 redirects cdn.static.zdbb.net gurgle.zdbb.net jogger.zdbb.net zdbb.net	27 KB
6	google.com adservice.google.com www.google.com	3 KB
6	ziffstatic.com cdn.ziffstatic.com	187 KB
5	evidon.com c.evidon.com l.evidon.com	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	59 KB
4	amazon-adsystem.com c.amazon-adsystem.com	5 KB
3	google.de adservice.google.de www.google.de	1 KB
3	bing.com bat.bing.com	11 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	criteo.net static.criteo.net	54 KB
2	googletagservices.com www.googletagservices.com	74 KB
2	id5-sync.com cdn.id5-sync.com id5-sync.com	11 KB
2	googletagmanager.com www.googletagmanager.com	113 KB
2	openx.net ziffdavis-d.openx.net u.openx.net	479 B
2	criteo.com bidder.criteo.com gum.criteo.com	777 B
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	35 KB
2	truste.com privacy-policy.truste.com preferences.truste.com	12 KB
1	googleadservices.com partner.googleadservices.com	247 B
1	bluekai.com stags.bluekai.com	337 B
1	krxd.net cdn.krxd.net	393 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	casalemedia.com htlb.casalemedia.com	372 B
1	rubiconproject.com fastlane.rubiconproject.com	904 B
133	27

	Domain	Requested by
22	www.offers.com	www.offers.com ajax.googleapis.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net
8	sgi.offerscdn.net	www.offers.com
6	securepubads.g.doubleclick.net	www.offers.com securepubads.g.doubleclick.net www.googletagservices.com
6	cdn.ziffstatic.com	www.offers.com zdstatic.offers.com cdn.ziffstatic.com
4	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
4	c.amazon-adsystem.com	cdn.ziffstatic.com
4	cdn.static.zdbb.net	1 redirects www.offers.com cdn.static.zdbb.net
3	fonts.gstatic.com	fonts.googleapis.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	zdbb.net	cdn.static.zdbb.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.offers.com
3	l.evidon.com	www.offers.com
3	www.google-analytics.com	www.offers.com www.google-analytics.com www.googletagmanager.com
3	sgi2.offerscdn.net	www.offers.com
2	static.criteo.net	cdn.ziffstatic.com static.criteo.net
2	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.googletagmanager.com	www.offers.com www.googletagmanager.com
2	zdstatic.offers.com	1 redirects www.offers.com
2	c.evidon.com	www.offers.com zdstatic.offers.com
1	u.openx.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	gum.criteo.com	static.criteo.net
1	stags.bluekai.com	tags.bkrtx.com
1	cdn.krxd.net	cdn.static.zdbb.net
1	tags.bkrtx.com	cdn.static.zdbb.net
1	jogger.zdbb.net	cdn.static.zdbb.net
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	d63d482ff40ce45a6128b14383d511b1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	www.offers.com
1	htlb.casalemedia.com	cdn.ziffstatic.com
1	ziffdavis-d.openx.net	cdn.ziffstatic.com
1	bidder.criteo.com	cdn.ziffstatic.com
1	fastlane.rubiconproject.com	cdn.ziffstatic.com
1	gurgle.zdbb.net	www.offers.com
1	gurgle.offers.com	1 redirects
1	preferences.truste.com	www.offers.com
1	ajax.googleapis.com	www.offers.com
1	privacy-policy.truste.com	www.offers.com
1	sgi1.offerscdn.net	www.offers.com
1	sgi3.offerscdn.net	www.offers.com
133	48

This site contains links to these domains. Also see Links.

Domain
www.creditcardsexplained.com
www.ziffdavis.com
www.facebook.com
pinterest.com
twitter.com
www.instagram.com
flipboard.com
privacy.truste.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
www.ziffdavis.com COMODO RSA Organization Validation Secure Server CA	`2021-03-03` - `2022-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
cdn.id5-sync.com R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.zdbb.net Amazon	`2021-05-05` - `2022-06-03`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
zdbb.net Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.offers.com/stores/adp/
Frame ID: 40460B38B20F0C4300B30947C3410490
Requests: 93 HTTP requests in this frame

Frame: https://d63d482ff40ce45a6128b14383d511b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5753C3D889C1BEE1A069164A59B9F668
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DA146893785F1C1D171581ADE931E98B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E67DF3DB4B83AD137EE331CE5481D03B
Requests: 2 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Doffers.com&phint=referer%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=offersbrand%3Dstores&phint=bbseg%3D900263&phint=bbseg%3D900331&phint=bbseg%3D900365&phint=bbseg%3D900111&phint=bbseg%3D900115&phint=bbseg%3D900374&phint=__bk_t%3DADP%20Promo%20Codes%20%26%20Coupons%202021&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=__bk_v%3D3.1.10&limit=10&r=58321939
Frame ID: E6073F52F89C1797F9917ECC7008A4BC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspFiXMAYngcgcw0Eq9WrQiZNh1jVlH20toZ5JnCpM_AhYpXYR5SGBQzYbDbivdNz1z0e6wMcfMYqf5woiACwYFGYFgLk2I593ZJqYK3mjXqETNxoDDjAeaF_LR1pB6W69duugtP-8QQVNrLc6Js39O5_AlP-SZjKGJUfsEupwdtJec9Qrb6IfGO8-FIGOB3y-jvYc5keU7gB36zh0ksjGxXRoZDIH0hZdZ8zHbjQqo7PUznjFIen4uD2Mf5gmLPu1BXLDp9ieBv5h_A_fidDQn0cemXmwi2nu-ayHG0GEhHuCXAECxMTyKVN3LzQ&sai=AMfl-YSRBHwaRUx9IAvklC1dBuDW7OFn7Q8nZ43CIdUzaFa5qrmOvyT_FtaN14dwP-RFMR_GRimmUh89vSYn3HujYaj4Vhcm2v9rHyn9GnKdl9vAEy-7xUAYpovykmLm-OU&sig=Cg0ArKJSzGNEpG5t_RVfEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BD42A8C98DB2F5995CCFF026EFB1BC2D
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.offers.com&gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA
Frame ID: 81E5C1C4F87340ADA2FE6F5BC226A0FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: B05EB810BACA1013DFAE6D5E5DB3AE53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&client=ca-pub-1671236619984773&output=html&h=250&slotname=9214123897&adk=3542530520&adf=3173046727&pi=t.ma~as.9214123897&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636217427869&bpp=4&bdt=213&idt=134&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&cookie=ID%3D3b675e7634e539ad-226d626937cb00f9%3AT%3D1636217427%3AS%3DALNI_MYq-KqzwWdXVZA6Q7L6HhKzidY0pQ&correlator=7129260672748&frm=23&ife=4&pv=2&ga_vid=859801229.1636217427&ga_sid=1636217428&ga_hid=1392140432&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=188&ady=920&biw=1600&bih=1200&isw=300&ish=250&ifk=3833888290&scr_x=0&scr_y=0&eid=31063393%2C31063395%2C44753743%2C31060566&oid=2&pvsid=884351712176583&pem=662&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.giobachsdphc&fsb=1&dtd=169
Frame ID: 62701F3FE7E322EF576A0E257D83F04B
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 10258EA63A6F247274BB141F648C16BD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 088DDDCF53120044EAF09D1EA8629A19
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js
Frame ID: DA1222A5729846C80D566CF5D48F2E23
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADP Promo Codes & Coupons 2021

Page Statistics

133
Requests

98 %
HTTPS

51 %
IPv6

27
Domains

48
Subdomains

41
IPs

7
Countries

1855 kB
Transfer

4598 kB
Size

17
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.creditcardsexplained.com/
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/terms-of-use
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.creditcardsexplained.com/articles
Title: Credit Card Blog

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/accessibility
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: http://www.facebook.com/OffersDOTcom

Search URL Search Domain Scan URL

URL: http://pinterest.com/Offerscom/

Search URL Search Domain Scan URL

URL: https://twitter.com/offers

Search URL Search Domain Scan URL

URL: https://www.instagram.com/offerscom/

Search URL Search Domain Scan URL

URL: https://flipboard.com/@offersdotcom

Search URL Search Domain Scan URL

URL: https://privacy.truste.com/privacy-seal/validation?rid=ce211316-dfd0-4abb-8bfb-9cb70de1e37c

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Request Chain 25

https://zdstatic.offers.com/jst/zdconsent.js HTTP 302
https://zdstatic.offers.com/jst/eu/zdconsent.js

Request Chain 41

https://gurgle.offers.com/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fp=1 HTTP 302
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1

133 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.offers.com/stores/adp/ 37 KB
8 KB 396ms
367ms Document
text/html 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323b59663dd6ccea0e6a32d20f69ef92f9065ce104651ab2712e286c6c49958c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6a9fd223fe592bad-FRA
content-encoding: gzip

GET
H2 200 vendor.css
www.offers.com/assets/v1634679975/ 48 KB
10 KB 19ms
19ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/vendor.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ab02407b89ddc3f76da3c0dc9f807b4f6def211a6e4cef8e622512c8fc8766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1537300
cf-polished: origSize=48922
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:30 GMT
server: cloudflare
etag: W/"61647a92-bf1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6a9fd2267a952bad-FRA
expires: Tue, 04 Nov 2031 16:50:26 GMT

GET
H2 200 base.css
www.offers.com/assets/v1634679975/ 136 KB
27 KB 27ms
26ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/base.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ff7c66b66c944275642b55491e432a38242f8ab90574c92db16265b176aae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1537300
cf-polished: origSize=139160
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:55 GMT
server: cloudflare
etag: W/"61647aab-21f98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6a9fd2267a992bad-FRA
expires: Tue, 04 Nov 2031 16:50:26 GMT

GET
H2 200 base-async.css
www.offers.com/assets/v1634679975/ 4 KB
1 KB 20ms
19ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/base-async.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

606df7b1fee7ec41366cc669d240d71312c66e444fb1f6e16610b707b3561f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1537300
cf-polished: origSize=3838
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:59 GMT
server: cloudflare
etag: W/"61647aaf-efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6a9fd2267a9b2bad-FRA
expires: Tue, 04 Nov 2031 16:50:26 GMT

GET
H2 200 merchant.css
www.offers.com/assets/v1634679975/ 19 KB
4 KB 19ms
18ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/merchant.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9084b24863c91948a8a44b2143b64cd4d9c72ac1f796f1f3243f9e1aca80b1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 877142
cf-polished: origSize=19335
cf-bgj: minify
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 21:46:52 GMT
server: cloudflare
etag: W/"616f3ccc-4b87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6a9fd2267a9f2bad-FRA
expires: Tue, 04 Nov 2031 16:50:26 GMT

GET
H2 200 offers.js Show response
cdn.ziffstatic.com/pg/ 34 KB
13 KB 60ms
19ms Script
application/javascript 2a02:26f0:6c00::210:bb40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/pg/offers.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 883263abd92e9a94e5d2a961fc4e1e5419b399b106e1b7dbfd14cb544264be54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: mkRjMmIqb2XdYHSLQdUv6qy.TrBEOOV0
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 17:51:20 GMT
x-amz-request-id: 9FFB9MDY7JFS32C2
etag: "eba1c038581b8e4b7265e90341d8fad1"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=3600
date: Sat, 06 Nov 2021 16:50:26 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 12852
x-amz-id-2: d+lSFWFssIB6pyZN7HpZLPWMvwyTpMEKsBe2kRhZJtxkT9vRi+kIqsdpxSNDNBv9x3ivJbFOFGs=
expires: Sat, 06 Nov 2021 17:50:26 GMT

GET
H2 200 offers.prebid.js Show response
cdn.ziffstatic.com/pg/ 440 KB
130 KB 52ms
7ms Script
application/javascript 2a02:26f0:6c00::210:bb40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4afdd62268fbd733c37ba28eca7c52d66fdabc1afe917cdf153cba10e5e78917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: lEZgzmQYfc60X8_qnlR5TKpRk26cMEku
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 18:02:30 GMT
x-amz-request-id: 7BD1Z5PY02TA3GBD
etag: "bb0693e5dfb463161e804085c8b8c389"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=58398
date: Sat, 06 Nov 2021 16:50:26 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 132042
x-amz-id-2: ZaShx1yP09ixVMFO1EllFpPRL8rXHVviIRcmUKqh+U1RQ+jW2h6/4GHM7/JhyFBc1XjPQcIxOOA=
expires: Sun, 07 Nov 2021 09:03:44 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 50ms
21ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1035 / 297 of 1000 / last-modified: 1636149938"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27044
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 16:50:26 GMT

GET
H2

200

z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/eu/js/
Redirect Chain

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

87 KB
25 KB

7ms
7ms

Script
application/javascript

2.16.186.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Server: 2.16.186.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c82d3097f5cfa264b952d228a0ce41fe977cb4a03e10c6e664ef306448b84cfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: sU2ZvtY4IoJV3c6_FS8rj1iFOg.x.k4j
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 15:05:49 GMT
x-amz-request-id: 4ZA8KQKN9XFZNBYX
date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24982
x-amz-id-2: UPw2cYG/huL3oFRoXkmqvcwn01PeKxXdR7o0nZ6+NnIIWusg+JKhakAkdUtWFjGQVPuVdu3BAaU=
expires: Sun, 07 Nov 2021 16:50:27 GMT

Redirect headers

location: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
date: Sat, 06 Nov 2021 16:50:26 GMT
cache-control: max-age=86400
core-eu: Yes
content-length: 0
expires: Sun, 07 Nov 2021 16:50:26 GMT

GET
H2 200 logo.svg
www.offers.com/images/v1634679975/ 12 KB
4 KB 37ms
34ms Image
image/svg+xml 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1634679975/logo.svg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2961e633fb39fe8c91ac7abd6ec011933478e58dff1e944924568f9cdddec7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 08 Jul 2021 15:09:29 GMT
server: cloudflare
age: 1537236
etag: W/"60e71529-2e21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
strict-transport-security: max-age=31536000
cf-ray: 6a9fd2268ac62bad-FRA
expires: Tue, 04 Nov 2031 16:50:26 GMT

GET
H2 200 604.v123.png
sgi2.offerscdn.net/i/production/published/5/topnav_image/ 2 KB
3 KB 47ms
18ms Image
image/webp 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi2.offerscdn.net/i/production/published/5/topnav_image/604.v123.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54770fd1905812ea13a16abc2bb89af06ead2097a4c48539db49fed73b8d095e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
vary: Accept
cf-cache-status: HIT
age: 81009
cf-polished: origFmt=png, origSize=3561
content-disposition: inline; filename="604.webp"
content-length: 2296
last-modified: Fri, 05 Nov 2021 18:20:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:26 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226ad0805bf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 606.v121.png
sgi3.offerscdn.net/i/production/published/5/topnav_image/ 2 KB
2 KB 50ms
16ms Image
image/webp 2606:4700::6812:9f32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi3.offerscdn.net/i/production/published/5/topnav_image/606.v121.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9f32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa2961dca0fae46e77063185d3e1da5507e47055a9fd1922d99bed618877d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept
cf-cache-status: HIT
age: 78046
cf-polished: origFmt=png, origSize=3608
content-disposition: inline; filename="606.webp"
content-length: 2104
last-modified: Fri, 05 Nov 2021 19:09:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:26 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226bdc60621-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 023WOEB8HmIjus0qt9cQuqx.h90.w170.flpad.v28.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 10 KB
10 KB 69ms
30ms Image
image/webp 2606:4700::6812:a032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/023WOEB8HmIjus0qt9cQuqx.h90.w170.flpad.v28.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:a032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

096dd5f3c64ba1a39f37efbca3dd8f7e39a1f6810538d378d2e5035d9d342fa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept
cf-cache-status: HIT
age: 28787
cf-polished: origFmt=png, origSize=14165
content-disposition: inline; filename="023WOEB8HmIjus0qt9cQuqx.webp"
content-length: 10106
last-modified: Sat, 06 Nov 2021 08:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226badf5c26-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 1087871.h80.w140.flpad.v15.bffffff.jpg
sgi1.offerscdn.net/i/production/published/4/image/ 2 KB
2 KB 50ms
19ms Image
image/jpeg 2606:4700::6812:9f32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi1.offerscdn.net/i/production/published/4/image/1087871.h80.w140.flpad.v15.bffffff.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9f32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3847b1c31663d53c1518509c0eac2d5902f4b20ecd2cc64b63416a009b8a2937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 28786
cf-polished: status=not_needed
content-length: 1984
last-modified: Sat, 06 Nov 2021 08:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226a9fc074a-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 48.h60.w60.flim.v1.jpg
sgi2.offerscdn.net/i/production/published/141/image/ 2 KB
2 KB 48ms
19ms Image
image/jpeg 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi2.offerscdn.net/i/production/published/141/image/48.h60.w60.flim.v1.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cb288f2d943c13ad207761ea04a93e006a96258ec34a378cae81788ea851e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 746804
cf-polished: status=not_needed
content-length: 1542
last-modified: Fri, 29 Oct 2021 01:23:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
expires: Sun, 06 Nov 2022 16:50:26 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226ad0b05bf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 36.h60.w60.flim.v1.jpg
sgi2.offerscdn.net/i/production/published/141/image/ 1 KB
2 KB 51ms
22ms Image
image/jpeg 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi2.offerscdn.net/i/production/published/141/image/36.h60.w60.flim.v1.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7999a7f666379585be32c7a0d461b6bf438e9f36dde0fd5c20422bb874c6c4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 200682
cf-polished: status=not_needed
content-length: 1494
last-modified: Thu, 04 Nov 2021 09:05:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226ad0c05bf-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 02r13VaP3HsZe2Xgxcgango.h90.w134.flpad.v260.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
3 KB 56ms
18ms Image
image/webp 2606:4700::6812:a032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02r13VaP3HsZe2Xgxcgango.h90.w134.flpad.v260.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:a032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65aae457eea154a8824bf40c7051a4d712c0c73bb570f8fc0e9c9be03b5b63b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept
cf-cache-status: HIT
age: 715598
cf-polished: origFmt=png, origSize=3683
content-disposition: inline; filename="02r13VaP3HsZe2Xgxcgango.webp"
content-length: 2528
last-modified: Fri, 29 Oct 2021 10:03:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226bae65c26-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 01Z9Y1nEbhzHVHVugGY8cJZ.h90.w134.flpad.v116.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 3 KB
4 KB 57ms
19ms Image
image/webp 2606:4700::6812:a032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/01Z9Y1nEbhzHVHVugGY8cJZ.h90.w134.flpad.v116.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:a032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d64d95a0fb2d3628a4ced061ae1771200463d73f39085840ef7d06605ffc3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept
cf-cache-status: HIT
age: 28787
cf-polished: origFmt=png, origSize=5486
content-disposition: inline; filename="01Z9Y1nEbhzHVHVugGY8cJZ.webp"
content-length: 3502
last-modified: Sat, 06 Nov 2021 08:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226bae85c26-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 02Owc5Scp8XPPxwXylqqI3J.h90.w134.flpad.v138.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 1 KB
2 KB 48ms
23ms Image
image/webp 2606:4700::6812:a032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02Owc5Scp8XPPxwXylqqI3J.h90.w134.flpad.v138.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:a032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04d0a516e29de19b229e7a14a0039d2c9559d4773b7bba32f98f7129be046795

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept
cf-cache-status: HIT
age: 28787
cf-polished: origFmt=png, origSize=2609
content-disposition: inline; filename="02Owc5Scp8XPPxwXylqqI3J.webp"
content-length: 1482
last-modified: Sat, 06 Nov 2021 08:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226baec5c26-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 01cvmMLT9dy242wSb8auX2H.h90.w134.flpad.v52.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 1 KB
2 KB 15ms
15ms Image
image/webp 2606:4700::6812:a032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/01cvmMLT9dy242wSb8auX2H.h90.w134.flpad.v52.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:a032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de38c204cb76dba1df84122c0a6724a4d4566d3d2e6f29ee27bb0bdbc8714d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept
cf-cache-status: HIT
age: 28787
cf-polished: origFmt=png, origSize=2121
content-disposition: inline; filename="01cvmMLT9dy242wSb8auX2H.webp"
content-length: 1210
last-modified: Sat, 06 Nov 2021 08:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226baee5c26-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 03fd4hd63sRglytbFvf2pSZ.h90.w134.flpad.v12.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 3 KB
3 KB 28ms
27ms Image
image/webp 2606:4700::6812:a032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/03fd4hd63sRglytbFvf2pSZ.h90.w134.flpad.v12.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:a032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c2ce0657e9c7590d4e98ad2135679abc7d433d198ac1f7fab35357c7bd5c55b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept
cf-cache-status: HIT
age: 28787
cf-polished: origFmt=png, origSize=4706
content-disposition: inline; filename="03fd4hd63sRglytbFvf2pSZ.webp"
content-length: 2596
last-modified: Sat, 06 Nov 2021 08:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226baef5c26-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 073LZ4sVmApkG8dOJjb3hTj.h90.w134.flpad.v70.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 20ms
19ms Image
image/webp 2606:4700::6812:a032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/073LZ4sVmApkG8dOJjb3hTj.h90.w134.flpad.v70.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:a032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be8087685c8b551246e730cbc2a2578dbb3f827ef2cf301bb905ea2f243e4cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept
cf-cache-status: HIT
age: 28787
cf-polished: origFmt=png, origSize=4070
content-disposition: inline; filename="073LZ4sVmApkG8dOJjb3hTj.webp"
content-length: 2228
last-modified: Sat, 06 Nov 2021 08:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226baf15c26-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 05Vna0u5ROfQ5XgDugnuP3E.h90.w134.flpad.v17.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 18ms
18ms Image
image/webp 2606:4700::6812:a032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/05Vna0u5ROfQ5XgDugnuP3E.h90.w134.flpad.v17.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:a032 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8293f341723abb87f312d3f3f323cc1bfe181c9e0548e6a036658e5c24ce02fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept
cf-cache-status: HIT
age: 28787
cf-polished: origFmt=png, origSize=3891
content-disposition: inline; filename="05Vna0u5ROfQ5XgDugnuP3E.webp"
content-length: 1710
last-modified: Sat, 06 Nov 2021 08:50:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226baf35c26-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 logo-teal.svg
www.offers.com/images/v1634679975/ 12 KB
4 KB 59ms
58ms Image
image/svg+xml 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1634679975/logo-teal.svg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1ca10f6b7666e93d493bfb6a6748f380addb42602ee797994469c077c24837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 08 Jul 2021 15:09:29 GMT
server: cloudflare
age: 1537236
etag: W/"60e71529-2e21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
strict-transport-security: max-age=31536000
cf-ray: 6a9fd2268ac72bad-FRA
expires: Tue, 04 Nov 2031 16:50:26 GMT

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/ 11 KB
11 KB 48ms
9ms Image
image/svg+xml 143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/seal?rid=ce211316-dfd0-4abb-8bfb-9cb70de1e37c

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-113.fra50.r.cloudfront.net

Software

TXS /

Resource Hash

4d3efed2d9cd327163c366899e315e5854ea089f6215adcedf1c798a6efc809d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 01:26:31 GMT
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff, nosniff
Age: 141835
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10781
X-Xss-Protection: 1; mode=block, 1; mode=block
Server: TXS
ETag: W/"10781-1594834140000"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=0
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: RC89ktmmdw_tzoOcgjicjD3Af_REX0f13vz62tQNsi1wdFDw0rXPZw==

GET
H2 200 icong1.png
c.evidon.com/pub/ 600 B
907 B 36ms
6ms Image
image/png 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/icong1.png
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2019 16:14:21 GMT
server: AkamaiNetStorage
etag: "d08da9f445b63100a56646de99043059:1558455261"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 623

GET
H2

200

zdconsent.js Show response
zdstatic.offers.com/jst/eu/
Redirect Chain

https://zdstatic.offers.com/jst/zdconsent.js
https://zdstatic.offers.com/jst/eu/zdconsent.js

32 KB
12 KB

7ms
6ms

Script
application/javascript

2.16.186.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://zdstatic.offers.com/jst/eu/zdconsent.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Server: 2.16.186.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8eb8fa5598a41dae8756a3628fb36f944e7b26331912096d79502d4e2bd2f80f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: XI4MRnW8fEvSZSMRNn0rpRsZzmRxhIgp
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 14:10:42 GMT
x-amz-request-id: VBQRXVQJQ77KCDKE
etag: "e6782b472f914d84b8e243f5477ff372"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Sat, 06 Nov 2021 16:50:27 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 11475
x-amz-id-2: GTAqh5PTjOlf6ldSYuInf61cpWyzXQXX6lICvBilOSFzibOeSAISRE1w1XcQPlJxwxPQHtn3Pxs=
expires: Sun, 07 Nov 2021 16:50:27 GMT

Redirect headers

location: https://zdstatic.offers.com/jst/eu/zdconsent.js
date: Sat, 06 Nov 2021 16:50:27 GMT
cache-control: max-age=86400
content-length: 0
expires: Sun, 07 Nov 2021 16:50:27 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 21:08:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 02 Nov 2022 21:08:41 GMT

GET
H2 200 js Show response
preferences.truste.com/webservices/ 3 KB
1 KB 325ms
102ms Script
text/javascript 184.73.53.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences.truste.com/webservices/js?&domain=ziffdavis.com&type=ziffdavis&js=2
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.73.53.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-73-53-228.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: dbd7e665693aaa8b13bac8ddfce1e5d78d888b8366faff26eb160de3eb589245

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
server: Apache/2.4.7 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1106
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vendor.js Show response
www.offers.com/assets/v1634679975/ 177 KB
54 KB 34ms
31ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/vendor.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f150dfeb4a0e6537529a23567ac44f32145446404e72f11e30c3114fc9bbf5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1537300
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:34 GMT
server: cloudflare
etag: W/"61647a96-2c290"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 6a9fd2268ac02bad-FRA
expires: Tue, 04 Nov 2031 16:50:26 GMT

GET
H2 200 base.js Show response
www.offers.com/assets/v1634679975/ 45 KB
11 KB 25ms
21ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/base.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da5523987f1aa265f170cf27232c760db70775bb65e604ce85a4b1ab2ce74dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1537299
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:56 GMT
server: cloudflare
etag: W/"61647aac-b333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 6a9fd2268ac12bad-FRA
expires: Tue, 04 Nov 2031 16:50:26 GMT

GET
H2 200 merchant.js Show response
www.offers.com/assets/v1634679975/ 13 KB
4 KB 30ms
27ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/merchant.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e605a47de2cf6e48e1c1e748eede1219d27129ab3d898db9231c37ad05363d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 747003
cf-bgj: minify
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 21:46:53 GMT
server: cloudflare
etag: W/"616f3ccd-334f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 6a9fd2268ac22bad-FRA
expires: Tue, 04 Nov 2031 16:50:26 GMT

GET
H2 200 ga.js Show response
www.offers.com/scripts/ 477 B
443 B 26ms
23ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/scripts/ga.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78604b53d740442b5b8a5d692567f70f46f6e284118ab6db94a46641672f3954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4071
cf-polished: origSize=536
vary: Accept-Encoding
last-modified: Tue, 06 Jul 2021 19:22:06 GMT
server: cloudflare
etag: W/"60e4ad5e-218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
expires: Sun, 06 Nov 2022 16:50:26 GMT
cache-control: public, max-age=31536000
cf-ray: 6a9fd2268ac42bad-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2961
date: Sat, 06 Nov 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 06 Nov 2021 18:01:06 GMT

GET
H2 200 bullet-black.png
www.offers.com/images/ 94 B
331 B 21ms
20ms Image
image/webp 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/bullet-black.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a4d8c59f4bb7f250d9111be10c5664c7202abeaf020eda52e7f1a3482fd9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/assets/v1634679975/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 246797
cf-polished: origFmt=png, origSize=149
content-disposition: inline; filename="bullet-black.webp"
vary: Accept
content-length: 94
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
expires: Tue, 04 Nov 2031 16:50:27 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6a9fd226bb212bad-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 fa-solid-900.woff2
www.offers.com/fonts/ 115 KB
115 KB 22ms
22ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-solid-900.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d64849d9ec4afd8eb21b289c99a9d785eb7079d893b899490132fb4707447457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4071
vary: Accept-Encoding
content-length: 117516
last-modified: Wed, 05 Aug 2020 19:50:03 GMT
server: cloudflare
etag: "5f2b0d6b-1cb0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226bb232bad-FRA
expires: Sun, 06 Nov 2022 16:50:27 GMT

GET
H2 200 fa-regular-400.woff2
www.offers.com/fonts/ 142 KB
142 KB 32ms
31ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-regular-400.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4071
vary: Accept-Encoding
content-length: 145072
last-modified: Wed, 05 Aug 2020 19:50:03 GMT
server: cloudflare
etag: "5f2b0d6b-236b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226cb272bad-FRA
expires: Sun, 06 Nov 2022 16:50:27 GMT

GET
H2 200 Gilroy-Bold.otf
www.offers.com/fonts/ 54 KB
54 KB 29ms
28ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Bold.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/merchant.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/merchant.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4071
vary: Accept-Encoding
content-length: 55376
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d850"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226cb282bad-FRA
expires: Sun, 06 Nov 2022 16:50:27 GMT

GET
H2 200 Gilroy-Regular.otf
www.offers.com/fonts/ 53 KB
53 KB 30ms
29ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Regular.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/merchant.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/merchant.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4071
vary: Accept-Encoding
content-length: 53840
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d250"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226cb2a2bad-FRA
expires: Sun, 06 Nov 2022 16:50:27 GMT

GET
H2 200 Gilroy-Medium.otf
www.offers.com/fonts/ 54 KB
54 KB 26ms
26ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Medium.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/merchant.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/merchant.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4077
vary: Accept-Encoding
content-length: 54972
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d6bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226cb2b2bad-FRA
expires: Sun, 06 Nov 2022 16:50:27 GMT

GET
H2 200 fa-brands-400.woff2
www.offers.com/fonts/ 70 KB
71 KB 23ms
22ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-brands-400.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad870134e00e713a173b1be210378b4b7b85f8081e578e85e13fffeec0ae78a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4071
vary: Accept-Encoding
content-length: 72148
last-modified: Wed, 05 Aug 2020 19:50:03 GMT
server: cloudflare
etag: "5f2b0d6b-119d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226cb2e2bad-FRA
expires: Sun, 06 Nov 2022 16:50:27 GMT

GET
H2 200 OpenSans-Bold.woff2
www.offers.com/fonts/ 46 KB
46 KB 19ms
19ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/OpenSans-Bold.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4071
vary: Accept-Encoding
content-length: 46676
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-b654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd226fb872bad-FRA
expires: Sun, 06 Nov 2022 16:50:27 GMT

GET
H2

200

info Show response
gurgle.zdbb.net/
Redirect Chain

https://gurgle.offers.com/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fp=1
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1

216 B
417 B

308ms
104ms

XHR
application/json

54.82.206.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Server: 54.82.206.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-206-153.compute-1.amazonaws.com
Software: /
Resource Hash: 98857b3332fbf0bbe1d066eee0bac45b49385b24bcc5fed4fdf68d844ffef3c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: null
date: Sat, 06 Nov 2021 16:50:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 216
access-control-allow-methods: GET, OPTIONS
content-type: application/json

Redirect headers

date: Sat, 06 Nov 2021 16:50:27 GMT
location: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.offers.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 0

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
459 B 8ms
8ms Script
application/x-javascript 104.111.244.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/zdconsent.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.244.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-244-187.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 evidon-sitenotice-bundle.js Show response
cdn.ziffstatic.com/sitenotice/ 251 KB
24 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:bb40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/zdconsent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1b7e10f6dbcacd83aaa2d83e2f890559da16170b08b02326f525cb1ff037b21d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: xyH6wrWAmwAbrZyBIsYGX6EylfU596.D
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 21:00:57 GMT
x-amz-request-id: W56Y45SCWE0ZN7HF
etag: "5211c5ba68164df407ab8387a0ce6918"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Sat, 06 Nov 2021 16:50:27 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 24216
x-amz-id-2: vLwXe+5rog21SGFZHCmdfZuWEVyTR48ble7r9D5G5csTxWNwEKlU/2tex68jgMRRxIAmwLm5gok=
expires: Sun, 07 Nov 2021 16:50:27 GMT

GET
H2 200 settings.js Show response
cdn.ziffstatic.com/sitenotice/660/offers/ 17 KB
4 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00::210:bb40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/660/offers/settings.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/zdconsent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e0dbca8e9a50d07acf3470a6677d1926501779109c33e0fe7d1ff90c10b63f34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 36RaEjHuyF.bjfyTQgdHDtJPaXtg8Z3F
content-encoding: gzip
last-modified: Sat, 16 Oct 2021 14:17:09 GMT
x-amz-request-id: WAMSED14Z7P2P91H
etag: "65966125d74eef546d3df6c42dab17d7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Sat, 06 Nov 2021 16:50:27 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 3692
x-amz-id-2: gOV1nZTUKqffTjjBo0scqMK4GeTHbiwwErs32zQNCuYxI+0tzpi4kaUsEJMd668rnJKbdYbEEQs=
expires: Sun, 07 Nov 2021 16:50:27 GMT

GET
H2 200 pubads_impl_2021110201.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 17ms
16ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118932
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 08:34:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 16:50:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 84 B
104 B 31ms
16ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

fb6a19dc762d76e22c743e22acced2cd38c0eb9852f4765df8de2e75aefb30e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Sat, 06 Nov 2021 16:50:27 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 449 B
904 B 206ms
109ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=200194&zone_id=986094&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&us_privacy=1---&rf=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&kw=offers.com%2C%20offers%2C%20organiccomm%2C%20merchant&tg_i.page=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&tg_i.domain=offers.com&tg_i.name=offers.com&tg_i.mobile=1&tg_i.privacypolicy=1&tg_i.site=offers.com&tg_i.adunit=organiccomm&tg_i.pbadslot=sidebar-1&tk_flint=pbjs_lite_v5.20.0&x_source.tid=ebc4ac66-8585-4669-a236-9d259a4646f6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.09941211989416932
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: bd0176f14d9b73455d3bc2eb77280659cce167a4f5d6d641085ef75ce3c7d016

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 16:50:27 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.offers.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 449
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
187 B 52ms
13ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=4692894250
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.offers.com
date: Sat, 06 Nov 2021 16:50:27 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 arj Show response
ziffdavis-d.openx.net/w/1.0/ 74 B
348 B 105ms
51ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ziffdavis-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ebc4ac66-8585-4669-a236-9d259a4646f6&nocache=1636217426947&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&aus=300x250%2C300x600&divids=sidebar-1&aucs=sidebar-1&auid=540322687
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: d1e556c22380347a89299ce0a42a9f7d5278bd96f138f0b44e7e414825b8601f

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.offers.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 80
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
372 B 88ms
56ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=429282&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227c147cba02f944%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F%22%2C%22ref%22%3A%22%22%2C%22domain%22%3A%22offers.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22offers.com%22%7D%2C%22name%22%3A%22offers.com%22%2C%22mobile%22%3A1%2C%22privacypolicy%22%3A1%2C%22keywords%22%3A%22offers.com%2C%20offers%2C%20organiccomm%2C%20merchant%22%2C%22content%22%3A%7B%22language%22%3A%22en%22%2C%22title%22%3A%22ADP%20Promo%20Codes%20%26%20Coupons%202021%22%2C%22context%22%3A5%2C%22data%22%3A%5B%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22site%22%3A%22offers.com%22%2C%22adunit%22%3A%22organiccomm%22%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22895d63372ef477%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A429282%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A429282%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA%22%7D%7D%7D
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d13e85d64e8fb8bac23025ce2c1977b69ba27737e44da3a350711f869d3247da

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.80], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.offers.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Sat, 06 Nov 2021 16:50:27 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
732 B 147ms
103ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3158&u=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: c888e34c8a9fcdd17a160948d147c12ab01552a9960ed1142f12ce40b6609258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: dzROP_7La9b_jaqrfR5Mt6GyrhohO-iM6UfEZUfepRQ10K7p14Gq3Q==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 80ms
42ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3158&u=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&pid=XkVTbm7r7wTQF&cb=0&ws=1600x1200&v=7.69.01&t=750&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4585%2Fns.offers%2Forganiccomm%22%7D%5D&gdpre=1&gdprc=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 5YT88ZD2MQFB08X9H2HZ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.offers.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ecFygSLiwfJYbN8FPeBfVl0F4u3100X-cl5yfQosJitenFd3xlR30g==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
735 B 141ms
103ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3158&u=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: c888e34c8a9fcdd17a160948d147c12ab01552a9960ed1142f12ce40b6609258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:26 GMT
via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: DPlf2yHn8HnAmjWbHCaDJ9irNmKFaC9GYKhplzAXj0ZweWzOpvrBgQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 46ms
8ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 45881
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Sat, 06 Nov 2021 04:05:47 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: q_-F95MzmjCK8YsH-zhXpIhYasmokyDkmNtq5NTWDH1vuSTNG32lPw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
55 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f68016f64d078966d202b3b9aaed1c22cef515e96971aabeff6d99e6a40a27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55794
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Nov 2021 16:50:27 GMT

GET
H2 200 offer-tile-placeholder.png
www.offers.com/images/ 72 B
232 B 33ms
32ms Image
image/webp 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/offer-tile-placeholder.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51602869834421b04da25e373a5414f8b07cc38dac6187f5596ce65fd53021ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 241908
cf-polished: origFmt=png, origSize=162
content-disposition: inline; filename="offer-tile-placeholder.webp"
vary: Accept
content-length: 72
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
expires: Tue, 04 Nov 2031 16:50:27 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6a9fd228def82bad-FRA
cf-bgj: imgq:100,h2pri

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
94 B 316ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1180534327&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ul=en-us&de=UTF-8&dt=ADP%20Promo%20Codes%20%26%20Coupons%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEABEAAAAC~&jid=671211036&gjid=142756814&cid=859801229.1636217427&tid=UA-7272868-1&_gid=1859679162.1636217427&_r=1&_slc=1&cd7=023WOEB8HmIjus0qt9cQuqx&z=659259082

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.offers.com/core/merchant/impressions/ 0
175 B 328ms
328ms XHR
text/html 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/core/merchant/impressions/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.offers.com/stores/adp/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6a9fd2290f662bad-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 en.js Show response
cdn.ziffstatic.com/sitenotice/660/translations/ 319 KB
13 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00::210:bb40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/660/translations/en.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ceb037bf695a81081fcbdd36b6a30a16d0b58e32559e51887f041637361e35fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: vW.1ugLfYzU_jNRUkB3qmXdMCra5CnpZ
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 12:00:07 GMT
x-amz-request-id: PGA0FATSY80TASCZ
etag: "e6bc20bf0564148eff940422a380934a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Sat, 06 Nov 2021 16:50:27 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 12409
x-amz-id-2: PHAXJ91IRSONAH9CGzZjYT4msnF/MHm5PgVhYJDCsOhwYpLb9ORH/9+SdYvsEcQZeWpFJNEvP/s=
expires: Sun, 07 Nov 2021 16:50:27 GMT

GET
H2 200 evidon-barrier.js Show response
cdn.ziffstatic.com/sitenotice/ 14 KB
4 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00::210:bb40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/evidon-barrier.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bb40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: UwfIzJ_dN6pFPHJXFmUK5RPJDR2lkMRs
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 07:00:03 GMT
x-amz-request-id: 2DZ3X2N4B27KF1GW
etag: "282d0aad6323c983709c8ba8921e53b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Sat, 06 Nov 2021 16:50:27 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 3930
x-amz-id-2: MVl7z13SlGDgnlDSC1OZC8899vLPScDcesUgar/IR2eWeGmZ/P/ESBYKZFCoNSZ9oNFl7rDfr30=
expires: Sun, 07 Nov 2021 16:50:27 GMT

GET
H2 204 2
l.evidon.com/site/v3/660/147/3/1/3/ 0
121 B 321ms
102ms Image
text/plain 18.208.45.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/660/147/3/1/3/2?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.45.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-45-198.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 OpenSans-Regular.woff2
www.offers.com/fonts/ 46 KB
46 KB 23ms
23ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/OpenSans-Regular.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4071
vary: Accept-Encoding
content-length: 47016
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-b7a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9fd2293fbe2bad-FRA
expires: Sun, 06 Nov 2022 16:50:27 GMT

GET
H2 204 18610
l.evidon.com/site/v3/660/147/3/5/3/2/ 0
120 B 247ms
102ms Image
text/plain 18.208.45.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/660/147/3/5/3/2/18610?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.45.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-45-198.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 18610
l.evidon.com/site/v3/660/147/3/1/3/2/ 0
120 B 247ms
102ms Image
text/plain 18.208.45.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/660/147/3/1/3/2/18610?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.208.45.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-208-45-198.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 157 KB
58 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H8B8R34YCC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

242aed0ffde1f133fde405651ead78edb7c9f392e1eb647eeef4c075280af10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59611
x-xss-protection: 0
expires: Sat, 06 Nov 2021 16:50:27 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 35 KB
10 KB 59ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:40:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8B1371BF69E143DB935CCBC092C45EFB Ref B: FRAEDGE1420 Ref C: 2021-11-06T16:50:27Z
etag: "08933ecd9d0d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10202

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 35 KB
10 KB 47ms
9ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Sat, 06 Nov 2021 16:30:24 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10053
x-request-id: 1064370467

POST
H2 204 collect
www.google-analytics.com/g/ 0
161 B 139ms
14ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H8B8R34YCC&gtm=2oeb31&_p=1180534327&sr=1600x1200&ul=en-us&cid=859801229.1636217427&_s=1&dl=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&dt=ADP%20Promo%20Codes%20%26%20Coupons%202021&sid=1636217427&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H8B8R34YCC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 440ms
440ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2361641679324608&correlator=3499464711970167&output=ldjh&impl=fifs&eid=31063281%2C44754276&vrg=2021110201&ptt=17&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&npa=1&sc=1&sfv=1-0-38&ecs=20211106&iu_parts=4585%2Cns.offers%2Corganiccomm&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=rfr%3Dfalse%26pos%3D1%26ppos%3D1%2Catf%26npos%3D1%26pogo%3Dsidebar%26divid%3Dsidebar-1%26amznbid%3D2%26amznp%3D2&eri=5&cust_params=pageviewid%3Dcb882595-dc23-4948-94aa-676a0aedf997%26template%3Dmerchant%26category%3Dorganiccomm%26OOF%3Dfalse%26ref%3D%26zdid%3D3108b989e6483f7dc184ad6abf5c8b68%26gdpr%3D0%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1636217427196&dlt=1636217426569&idt=482&frm=20&biw=1600&bih=1200&oid=2&adxs=188&adys=920&adks=1989942666&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=307x1952&msz=307x0&ga_vid=859801229.1636217427&ga_sid=1636217427&ga_hid=1180534327&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

20252e94fff75f8c269c3a97b0c9a1f006a854f7c768fc2fc65efd0b579b0072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8303
x-xss-protection: 0
google-lineitem-id: 4462571996
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138216348753
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d63d482ff40ce45a6128b14383d511b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5753 6 KB
4 KB 65ms
15ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d63d482ff40ce45a6128b14383d511b1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 06 Nov 2021 16:50:27 GMT
expires: Sun, 06 Nov 2022 16:50:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200 848.json Show response
id5-sync.com/g/v2/ 212 B
531 B 35ms
8ms XHR
application/json 51.195.5.45
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/848.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.45 , France, ASN16276 (OVH, FR),

Reverse DNS

p39.id5-sync.com

Software

Resource Hash

f71cfce63919bdba0e16eee386250478bac6af934dc6338be723f400dd559c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.offers.com
Date: Sat, 06 Nov 2021 16:50:27 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 204 28000255.js Show response
bat.bing.com/p/action/ 0
94 B 31ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/28000255.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Nov 2021 16:50:27 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5B2CEDFB46A4FBBBBF4280664548B4A Ref B: FRAEDGE1420 Ref C: 2021-11-06T16:50:27Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=28000255&tm=gtm002&Ver=2&mid=733b5413-6a66-4c7e-8c37-f42f00715f4b&sid=a4c0f6503f2111ecb997b91a16578721&vid=a4c11bd03f2111eca3d4ab1050a66042&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ADP%20Promo%20Codes%20%26%20Coupons%202021&p=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&r=&lt=840&evt=pageLoad&msclkid=N&sv=1&rn=213805
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E018AA8F8AB4439BEECEA65DA1902EE Ref B: FRAEDGE1420 Ref C: 2021-11-06T16:50:27Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 47ms
15ms XHR
text/plain 2a00:1450:400c:c02::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-7272868-1&cid=859801229.1636217427&jid=671211036&gjid=142756814&_gid=1859679162.1636217427&_u=KGBAAEAAEAAAAC~&z=1659424132

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Nov 2021 16:50:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 44ms
22ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb36af960148f544dbb012d562ea38b2ab9ef841c0f3a0b213cf0f5bbe1c66c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9222
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 53ms
30ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-7272868-1&cid=859801229.1636217427&jid=671211036&_u=KGBAAEAAEAAAAC~&z=2071183137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 52ms
29ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-7272868-1&cid=859801229.1636217427&jid=671211036&_u=KGBAAEAAEAAAAC~&z=2071183137

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 16:50:27 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DA14 12 KB
5 KB 307ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 06 Nov 2021 16:42:55 GMT
expires: Sun, 06 Nov 2022 16:42:55 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E67D 783 B
972 B 16ms
15ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba78b36929926cae878d49333554b05fbce0aa3d3224a571e248743618e54048

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tWV/qGBFIz15XRD0XG/nFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 06 Nov 2021 16:50:27 GMT
date: Sat, 06 Nov 2021 16:50:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-tWV/qGBFIz15XRD0XG/nFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E67D 0
0 379ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110201&jk=2361641679324608&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 check Show response
jogger.zdbb.net/ 5 B
232 B 383ms
124ms XHR
text/plain 34.194.37.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jogger.zdbb.net/check?href=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.37.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-37-39.compute-1.amazonaws.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:28 GMT
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=316393
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
778 B 7ms
7ms Script
application/javascript 2.16.186.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: _jYIqJ2NFQhdeIBhTq8o8WP0pHHc8a8n
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 15:05:48 GMT
x-amz-request-id: 9J9WBRBYKGRSNYC7
date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 464
x-amz-id-2: xCZPtE9VxIJr6vszIJvPHi4Jth20T6Yz+bWZNdfx3kbDh2sgTnmmRwFI/5Z3cqhCIFuIno8Xazo=
expires: Sat, 13 Nov 2021 16:50:27 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 22ms
7ms Script
application/javascript 104.111.228.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.228.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Sat, 06 Nov 2021 16:50:27 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Sat, 13 Nov 2021 16:50:27 GMT

GET
H2 200 krux-coretag.js Show response
cdn.static.zdbb.net/js/ 335 B
569 B 7ms
6ms Script
application/javascript 2.16.186.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: LUTHKtFp1_UmO8DFTlLLqVbCwYHjvMaW
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 15:05:47 GMT
x-amz-request-id: 9J9HR419WY3F68Y8
date: Sat, 06 Nov 2021 16:50:27 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 255
x-amz-id-2: GmBaOdxW3nDw7PG/hpW4W8YjuQc1gNATX5qMwGzJpieT4bikS6cB9YIVysYRUR3WCpQxnjB3TXk=
expires: Sun, 07 Nov 2021 16:50:27 GMT

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
109 B 108ms
32ms Image
image/gif 52.18.143.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=cb882595-dc23-4948-94aa-676a0aedf997&zd_location=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&evidon_consent=undefined&third_party_consent=&fu=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.143.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-143-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-length: 43
content-type: image/gif

GET
H2 200 eAAAAAAAAAAAAAAAAAAAAA
zdbb.net/n/ 43 B
108 B 108ms
32ms Image
image/gif 52.18.143.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/n/eAAAAAAAAAAAAAAAAAAAAA?tp=ofpweeaflkwerkldfksklwk&tpc=1715698324388317031&zd_pageview_id=cb882595-dc23-4948-94aa-676a0aedf997&zd_location=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&evidon_consent=undefined&third_party_consent=&fu=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.143.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-143-209.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:27 GMT
content-length: 43
content-type: image/gif

GET
H2 200 spgdj7g8u.js Show response
cdn.krxd.net/controltag/ 2 B
393 B 35ms
6ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sat, 06 Nov 2021 16:50:27 GMT
via: 1.1 varnish, 1.1 varnish
age: 601
x-cache: MISS, HIT, HIT
x-app-cache: MISS
x-age: 0
content-encoding: gzip
content-length: 22
x-served-by: config-service-a003-ash-prod.krxd.net, cache-bwi5147-BWI, cache-fra19132-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1636217428.932361,VS0,VE0
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 3, 38

GET
H/1.1 200
OK 30629 Show response
stags.bluekai.com/site/ Frame E607 71 B
337 B 159ms
145ms Document
text/html 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Doffers.com&phint=referer%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=offersbrand%3Dstores&phint=bbseg%3D900263&phint=bbseg%3D900331&phint=bbseg%3D900365&phint=bbseg%3D900111&phint=bbseg%3D900115&phint=bbseg%3D900374&phint=__bk_t%3DADP%20Promo%20Codes%20%26%20Coupons%202021&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=__bk_v%3D3.1.10&limit=10&r=58321939
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 44e
Date: Sat, 06 Nov 2021 16:50:28 GMT
Connection: keep-alive
X-N: S

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD42 0
0 43ms
42ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspFiXMAYngcgcw0Eq9WrQiZNh1jVlH20toZ5JnCpM_AhYpXYR5SGBQzYbDbivdNz1z0e6wMcfMYqf5woiACwYFGYFgLk2I593ZJqYK3mjXqETNxoDDjAeaF_LR1pB6W69duugtP-8QQVNrLc6Js39O5_AlP-SZjKGJUfsEupwdtJec9Qrb6IfGO8-FIGOB3y-jvYc5keU7gB36zh0ksjGxXRoZDIH0hZdZ8zHbjQqo7PUznjFIen4uD2Mf5gmLPu1BXLDp9ieBv5h_A_fidDQn0cemXmwi2nu-ayHG0GEhHuCXAECxMTyKVN3LzQ&sai=AMfl-YSRBHwaRUx9IAvklC1dBuDW7OFn7Q8nZ43CIdUzaFa5qrmOvyT_FtaN14dwP-RFMR_GRimmUh89vSYn3HujYaj4Vhcm2v9rHyn9GnKdl9vAEy-7xUAYpovykmLm-OU&sig=Cg0ArKJSzGNEpG5t_RVfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 16:50:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 16:50:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BD42 144 KB
51 KB 161ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f22b225cf858534bde4dfbda02d87a5e9dbbb8f862e11f3f9249caf02bbbb9eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51378
x-xss-protection: 0
server: cafe
etag: 6058257749111571909
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 16:50:28 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD42 120 KB
37 KB 62ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 16:50:28 GMT

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 74ms
25ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 07 Nov 2021 16:50:28 GMT

GET
DATA 200
OK truncated
/ Frame BD42 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 006097fc15162bc32be79d98287c6ef647f77b0df75ef06ac9f9485a66b6aee4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame DA14 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:32:24 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 81E5 291 B
590 B 68ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.offers.com&gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 581
date: Sat, 06 Nov 2021 16:50:27 GMT
content-length: 321

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 93ms
46ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 07 Nov 2021 16:50:28 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/ Frame BD42 268 KB
96 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1671236619984773&plah=www.offers.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f98081076194f6885070d6ff9f5b86eb631716f88436a9e787850e6bb110acad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98224
x-xss-protection: 0
server: cafe
etag: 9040437908421206644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 16:50:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame B05E 11 KB
5 KB 31ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Nov 2021 18:38:54 GMT
expires: Fri, 19 Nov 2021 18:38:54 GMT
content-type: text/html; charset=UTF-8
etag: 2948287274155451234
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4905
x-xss-protection: 0
age: 79894
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BD42 0
0 43ms
43ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsvZi5K66HIY4bHjZhQ_KoB0Ex1li_CoUJ24INCZGiSgSO4Ai9lEmA2__TBKSCECKN2_uTjusb16uQPYWeJISRg2CN5wzALvsNxAxwajiThVMMfBhqT_yCGv9VaGUz1H5fbvY_OKAdFpdZY11q5MN0_9hztmH9F8zLzFDzu27wZ19cgvNC03e5Jqoze2kkYknZqRJi9dV_1GicAs17gdP9b-m6ghTDfg5-yyKHULFLa7Jae1Yy9OrOpOU3Tsj9eo4tq56g3IMySksfAoGEY-KdT1HdxRyhIOesslFJIkEApvP1hgdPbpKGcugtEvxg&sai=AMfl-YSDW3EDOUwGN8ca9hGVDl-TlqrPZSE7s86a4T19cLXnKas2efVZfT2kd-Z1HvsCyoENp01BgbfwxZwj6FP-S1Y7rNYtnPFWyd0reWC1S02Au9ZkPHg5FjlruNjvPd4&sig=Cg0ArKJSzJpTTqaTxOvQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 16:50:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 06 Nov 2021 16:50:28 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame BD42 12 B
247 B 16ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.offers.com&callback=_gfp_s_&client=ca-pub-1671236619984773&cookie=ID%3D3b675e7634e539ad-226d626937cb00f9%3AT%3D1636217427%3AS%3DALNI_MYq-KqzwWdXVZA6Q7L6HhKzidY0pQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1671236619984773&plah=www.offers.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame BD42 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.offers.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BD42 107 B
165 B 19ms
19ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offers.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6270 82 KB
28 KB 350ms
350ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&client=ca-pub-1671236619984773&output=html&h=250&slotname=9214123897&adk=3542530520&adf=3173046727&pi=t.ma~as.9214123897&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636217427869&bpp=4&bdt=213&idt=134&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&cookie=ID%3D3b675e7634e539ad-226d626937cb00f9%3AT%3D1636217427%3AS%3DALNI_MYq-KqzwWdXVZA6Q7L6HhKzidY0pQ&correlator=7129260672748&frm=23&ife=4&pv=2&ga_vid=859801229.1636217427&ga_sid=1636217428&ga_hid=1392140432&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=188&ady=920&biw=1600&bih=1200&isw=300&ish=250&ifk=3833888290&scr_x=0&scr_y=0&eid=31063393%2C31063395%2C44753743%2C31060566&oid=2&pvsid=884351712176583&pem=662&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.giobachsdphc&fsb=1&dtd=169

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18b5459fb2e87d81174ea522a9ec9564799b35382f7e5d52e54e83385dacf1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Nov 2021 16:50:28 GMT
server: cafe
content-length: 28439
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BD42 12 KB
9 KB 23ms
22ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71e1d4f92dfd5d85db8e5b232e576740425b39224f9451ffe582840f86baf722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9278
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 43ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110201&jk=2361641679324608&bg=!z8ylzIjNAAYH3anuB907ACkAdvg8WvguzfxnFHMW7FzV1h5Om4K2wC4Up9B9oYx5928AQWbEyX6qvgIAAAChUgAAADloAQeZAsR_kmmyLzNV5VsCSo_5e2s0oyTr4pxRMLVQaPZ6gw2-EYqZK6IusSzQb5mCf081dmRWpTyAKrMihzF3Ou8XvRzspjV1rcNrLrzt9oninuF2DuqmrRheFzC0zRU2X8mTCJ-O2jFnXpu0z50JWMGoFPodwmQrPGnuQ7vB6GSzCDdLfyxshPgE8b-NEoGK82vQug2_xufcEnn6SE-PmF0eafVPyWCobFauhYYDJxPFrrXNKqTZqkD5SJCj8EzrcOxoYI5A93Az7wvI0cCbzAq9XWCrxVrpu_ZRCv9_S1PIvKQSKKSiJS3EshFz6MZ11iyDbQ6OI406tquAz3-YhNqfTu4OaMGAea1BDBCmczz8eXG835Az1VMWhTLFK4qmF-ZEjn0o9r1YnyHTTsg2dH09SYP81s7G_I_Yi7SS9cb4097SMNxTsoo7W484qeY-oYcYvm_sygpj5ZZppqSxCzPUyze-x9ZAneWyB5VgYirhgmmz3LL7Vb1RRQXXJc_6i4fKdg9JJp_GcceSCm9R5Nhf7MJJEov5mjw_ErNHaWvEo3SgLa510L_-Q5O9Sf1S94t3kPVojWX8Gz8msZiotmWlg5wXVohB42_R1WjFQD3gN874-mm41EXkjZ1ZvGQSWgUybrPmHs07geuPHoH8ZfQ7JkGy_pRGjkJiEJrXw6AWq07B7msWmjcl2y2gkwoCU0csAC4lXhlP-uqRn7k53G87m-kTA-Ynby0NPVeriTkR92pbCTzoCjgcGaIi7C6ENVIHDQ-Qm1-lxrKmPdF_GMioGfY5GxbLbUDvxj5mp8V_1CFV827tq6T8q0sMAvVd_HUhRvLbjeUESAv-pfxIMgfyqAOIm3QVrMBMGaG9GMxc3gXDzTKn7mI_ZDsxSZgE2FLbdS0Q6PSx3DnHngbL6HcwD-gcde6UKYoSdJq3prPy4z2W4XOsCyk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BD42 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 16:50:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1025 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 06 Nov 2021 16:42:55 GMT
expires: Sun, 06 Nov 2022 16:42:55 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 088D 783 B
762 B 17ms
16ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

33df454875fffefae99b4164785f0de3ee15f2cec7050e602b66b985dfd3ce40

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FqV2e9S0RRmOIHLXZif7Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 06 Nov 2021 16:50:28 GMT
date: Sat, 06 Nov 2021 16:50:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-FqV2e9S0RRmOIHLXZif7Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1025 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:32:24 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 088D 0
0 56ms
56ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=884351712176583&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BD42 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211103&jk=884351712176583&bg=!-fql-r7NAAYH3anuB907ACkAdvg8WncZKCJmimu0NTFRaYbai3nMwba46gjkrqG43hlA4QFgvr9acQIAAABWUgAAAApoAQcKAJ70KIY75H6kEm72xFVYtK_Q_q3pYxUAN16VONex5DywAJUFc4iaHjyTu9nroyY_GVhjNUglCD6kkY24gCnmFLlWUGnuW0T7d1ylS1Tb6TZamXd6bzUOaC-5vaeXGFMGB1jroX9oQyf4gjhftpKKHbZhutACQRGUupR_kgg8r_oUW2QvBxgnk6TrlWRnCZX9wauF3W0O6j3E40O9it9pmJkCvxp8MYsKtFrrLKo9ZmTZQhjL9w7ybfD9uCSCl2WjvTtTQTlf9Fzmaom_iGenOf9bP5LyGRN208_MRed6MUFXzVIqNgADd9FjNXe7C7itZUhDH21mIIm9ZIUeba3msJo5okldsfrNwWsEsXyQ6bak8zXvvIOm9ICLK_YKpDfhXtfBnOPNCp4M6YRygR8NmwZsy9txctW8ONCUg76WHJgQHj5mZY5dHXWWbjwVb6z17DHcFKoRaPONg9tnSALEINrA0y8afDCSbnF7JvcVPtvTQdmEqxv8Xqzc_RZ_OPC51EKUsGIvhPGtCdK4TxZHdLyFa7MxLoNxuys9s5QJfb26A1KQkHcw3W3iwAbFIwdmeilOF0WVgHmxQtbK4uZ0yBKArd8lAoT4oRBJscT-ckvW-TTiVG7dECGTcUs2ClO7Orq-dXcX3MXR8QLnfTm9K3gW6pzxV9p3QmaGwsTb10aG0oEftBE2268vEulnbxcCFVy74TFpwf5KTOT-vYZ7KA1qHLjXlpluGmPqCbDiPVIeu9reHlZMVAhR4OCQGx3Y3ZQ7_5GS_7QDLYp0Wpkk4kEhao0qNCakUJX39OMlMyVNmkooevnZqjw1vjjfjMVldVqU6A6jQeM98a2uSyDvjqLf6v4PA3ZdPsH6QVQcuPsTP4BVEqpY4JoGvV5xcj8GimxB2lV1njNv-ciphjCBf-igvZCkFWfUtM5gC69FZPwCzasro0cXiKsOKPdc2abrTYSRPOihd-CywUJJXWqUhJMoCLaPuH966j5eDkWZLvs5lgyUIgLwFUinkCqSU8kLl0tf_g9tF3SMw86ZiaaXoV-o2eYB48BvuLOA_UlVwE-SwL5HIyIKCl87nlHzxtgszXybg8GpcHQjaY4yoON0LkRc2ocl2pYVvia8YiuOOMj1zITMG7q7-hbqVQOkpqwQnOY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6270 6 KB
1 KB 57ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&client=ca-pub-1671236619984773&output=html&h=250&slotname=9214123897&adk=3542530520&adf=3173046727&pi=t.ma~as.9214123897&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636217427869&bpp=4&bdt=213&idt=134&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&cookie=ID%3D3b675e7634e539ad-226d626937cb00f9%3AT%3D1636217427%3AS%3DALNI_MYq-KqzwWdXVZA6Q7L6HhKzidY0pQ&correlator=7129260672748&frm=23&ife=4&pv=2&ga_vid=859801229.1636217427&ga_sid=1636217428&ga_hid=1392140432&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=188&ady=920&biw=1600&bih=1200&isw=300&ish=250&ifk=3833888290&scr_x=0&scr_y=0&eid=31063393%2C31063395%2C44753743%2C31060566&oid=2&pvsid=884351712176583&pem=662&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.giobachsdphc&fsb=1&dtd=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 16:45:13 GMT
server: ESF
date: Sat, 06 Nov 2021 16:50:28 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 16:50:28 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6270 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:36:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 16:36:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 6270 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 16:44:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6270 3 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 16:34:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6270 120 KB
37 KB 323ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:50:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 16:50:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6270 15 KB
7 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 16:48:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6270 0
0 16ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAemo4qEM5j3w8PAiWcrhnNNHWUJ7tT1iK6rwziRPOOR2HDdzNkZfls0JkPb95TQIHR3P6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&client=ca-pub-1671236619984773&output=html&h=250&slotname=9214123897&adk=3542530520&adf=3173046727&pi=t.ma~as.9214123897&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636217427869&bpp=4&bdt=213&idt=134&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&cookie=ID%3D3b675e7634e539ad-226d626937cb00f9%3AT%3D1636217427%3AS%3DALNI_MYq-KqzwWdXVZA6Q7L6HhKzidY0pQ&correlator=7129260672748&frm=23&ife=4&pv=2&ga_vid=859801229.1636217427&ga_sid=1636217428&ga_hid=1392140432&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=188&ady=920&biw=1600&bih=1200&isw=300&ish=250&ifk=3833888290&scr_x=0&scr_y=0&eid=31063393%2C31063395%2C44753743%2C31060566&oid=2&pvsid=884351712176583&pem=662&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.giobachsdphc&fsb=1&dtd=169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 5193475774055ccce470a7af02e48ef6.js Show response
www.gstatic.com/mysidia/ Frame 6270 27 KB
12 KB 281ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 04:53:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Mon, 31 Jan 2022 05:32:03 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/9365884351793814477/ Frame 6270 30 KB
31 KB 16ms
7ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9365884351793814477/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

244b6b14f6abf855c296c7b31ec231ae683e9bbc7f41e24a930a4649566dad66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 18:47:45 GMT
x-content-type-options: nosniff
age: 338563
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30991
x-xss-protection: 0
last-modified: Fri, 14 May 2021 08:12:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Nov 2022 18:47:45 GMT

GET
DATA 200
OK truncated
/ Frame 6270 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5134b82d611c669043b8e4edb8506518397e44bfc41fc82fbe7a541e1a3b2e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6270 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRjarVLKGYcHRGYTN1fAPgpKG2Aiwuoy7Y4Dw4pPUDdrZHhABIO2mmy9glfrwgYwHoAG-65P9AsgBCakCCL4yBLposz6oAwHIA8sEqgTgAU_QikvrF0o-KbTMpX4FVhuCGx5D664OZw5k52weMTUJwVo7wzWHigBjGbIGGhoIH0YmetRE3rNA-xyfdG2k4dkRbuufcSatREV6ASET_nbbnmwTpbSg5C7lu6Smak9P0euPeGAMkjzllkWxZvqsZk6ndOJ7IA8LX-VjpsFLHc4l502Tu16lD2S_vrT20ZWDgtyG6uY5Ba5T_CaizYTdjj7PnLn2f3yDOQoEyDWZnTcRjAaoaT9vAYxTVptZ--KZkV7XWuPQjZ1VIvVmgg5kmhu1FhYWq-ZYGpk0XzNa-tQRwATq6NmbzAOSBQQIBBgBkgUECAUYBKAGLoAHqpTsggGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ5IAI0ggJCJDhgFAQARhfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTE2NzEyMzY2MTk5ODQ3NzMYAA&sigh=CILTkUEJma0&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&client=ca-pub-1671236619984773&output=html&h=250&slotname=9214123897&adk=3542530520&adf=3173046727&pi=t.ma~as.9214123897&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636217427869&bpp=4&bdt=213&idt=134&shv=r20211103&mjsv=m202111020101&ptt=9&saldr=aa&cookie=ID%3D3b675e7634e539ad-226d626937cb00f9%3AT%3D1636217427%3AS%3DALNI_MYq-KqzwWdXVZA6Q7L6HhKzidY0pQ&correlator=7129260672748&frm=23&ife=4&pv=2&ga_vid=859801229.1636217427&ga_sid=1636217428&ga_hid=1392140432&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=188&ady=920&biw=1600&bih=1200&isw=300&ish=250&ifk=3833888290&scr_x=0&scr_y=0&eid=31063393%2C31063395%2C44753743%2C31060566&oid=2&pvsid=884351712176583&pem=662&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.giobachsdphc&fsb=1&dtd=169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Nov 2021 16:50:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 check_c Show response
zdbb.net/ 0
230 B 31ms
31ms XHR
text/plain 52.18.143.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zdbb.net/check_c
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.143.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-143-209.eu-west-1.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:28 GMT
server: Ziff Davis BuyerBase
p3p: CP="ALL DSP COR NID"
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame 6270 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 700b7e78c6b596d5d887fbafe2ee5a03443ddeb20b7a568b14cb4d788c7019b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6270 15 KB
16 KB 46ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:01 GMT
x-content-type-options: nosniff
age: 386308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Nov 2022 05:32:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6270 15 KB
16 KB 47ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 170052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 17:36:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6270 15 KB
15 KB 44ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:46:25 GMT
x-content-type-options: nosniff
age: 151444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 22:46:25 GMT

GET
H2 200 aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js Show response
pagead2.googlesyndication.com/bg/ Frame DA12 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aNNWlbpyBdP4mP9d7th6qOA8X9p-adJ6S1XSHexjUrk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 13:32:24 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BD42 42 B
174 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsut60fX52XrR4yDNxb3E5X-kiqxm3nokCHj-udJqYWvkfiLb4n_jaOHhcvYakH_jAFs3FNLi5Nb0lOXZ9lRz3dcBOT1jpSRweWudRrSeQAcM1eeF6hE&sig=Cg0ArKJSzPKzvf0G0akpEAE&id=lidar2&mcvt=1000&p=920,188,1170,488&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1989942666&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636217427656&rpt=360&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6270 42 B
108 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSOaEeWpu4-ZyW9kC8JZwCsNZbnT8VvjD1FvcVHBzaBGURnRbCtfwYtyw-EiWRkZHQ6EjoG3d8NZRKr1oBvXPUAlFPdlC5zc1dzUiYNeduw7_aIyim9w&sai=AMfl-YSuPQyC_YX7SL7hgOjR-SxQIrLdlagj5RwNAszEpalyMe0hq4b8vRDK1PkzEvGbm_yS9x2EtNkFfyEl6M-xL6Yu0NWrtQdRcBbZofgPTwddiPeNUeOaYFzGNnc&sig=Cg0ArKJSzEYbsfLoIPQFEAE&cid=CAASPeRor8qfUeoW-5guTYxtHbqVWad1sP6L34mwz5qyvmx9maUZmtdP66pqBWQQt-dtKIl8MJGtmzQyn2ErrSg&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3542530520&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636217428039&rpt=862&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
131 B 24ms
18ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 16:50:31 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.offers.com/	1969-12-31 23:59:59	Name: psid Value: 1f56b3aeae7f9c57636fcadac721e49c015f75de
www.offers.com/	1970-01-20 15:17:34	Name: ovt Value: 1636217426%7C1636217426%7C1636217426
.www.offers.com/	1970-01-20 15:18:17	Name: ouid Value: 1715698324388317031%2654ca99b15c2b215ae63937c17c874f710e3971746b23c7ef48ec80b69832a467
.www.offers.com/	1970-01-19 22:30:21	Name: osvt Value: 1715698324392511336%2C%2C1636221026%265e223a7fb21c75a26e5c2c4963f94ac24350bfe0100d870dce53a6d65f143b65
.offers.com/	1970-01-19 22:30:19	Name: __cf_bm Value: igoxRDtdVvjP.dpjNmgtmzrX_nU.HXX83IgMH3EHijo-1636217426-0-AcDak7lgNMjRT4UNVN2UDFMNNOu59XZ9E/0JSmw53UaB52HO57nCD2rIvJOlrn5PuLl11ku8sM2aJMw4/b6mZmg=
www.offers.com/	1970-01-19 23:13:29	Name: fu Value: 1
.offers.com/	1970-01-19 22:31:43	Name: _gid Value: GA1.2.1859679162.1636217427
.offers.com/	1970-01-19 22:30:17	Name: _gat Value: 1
.offers.com/	1970-01-20 16:01:29	Name: _ga_H8B8R34YCC Value: GS1.1.1636217427.1.0.1636217427.0
.offers.com/	1970-01-20 16:01:29	Name: _ga Value: GA1.1.859801229.1636217427
.bing.com/	1970-01-20 07:51:53	Name: MUID Value: 3A93E56E1EED6C272C61F5891F866D0D
.offers.com/	1970-01-19 22:31:43	Name: _uetsid Value: a4c0f6503f2111ecb997b91a16578721
.offers.com/	1970-01-20 07:51:53	Name: _uetvid Value: a4c11bd03f2111eca3d4ab1050a66042
www.offers.com/	1970-01-20 02:49:29	Name: h_zdbb Value:
.offers.com/	1970-01-19 23:13:29	Name: zdbb_swap_ofrs_id Value: 1
.offers.com/	1970-01-20 07:51:53	Name: __gads Value: ID=3b675e7634e539ad-226d626937cb00f9:T=1636217427:S=ALNI_MYq-KqzwWdXVZA6Q7L6HhKzidY0pQ
.doubleclick.net/	1970-01-20 07:51:53	Name: IDE Value: AHWqTUnI8NeK46cHAvO52TfyD5s9YOZb4GbeSHt58t8cGOcnjD_9vhMMTEGvzXJZzgQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
bat.bing.com
bidder.criteo.com
c.amazon-adsystem.com
c.evidon.com
cdn.id5-sync.com
cdn.krxd.net
cdn.static.zdbb.net
cdn.ziffstatic.com
d63d482ff40ce45a6128b14383d511b1.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
gurgle.offers.com
gurgle.zdbb.net
htlb.casalemedia.com
id5-sync.com
jogger.zdbb.net
l.evidon.com
pagead2.googlesyndication.com
partner.googleadservices.com
preferences.truste.com
privacy-policy.truste.com
securepubads.g.doubleclick.net
sgi.offerscdn.net
sgi1.offerscdn.net
sgi2.offerscdn.net
sgi3.offerscdn.net
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
tags.bkrtx.com
tpc.googlesyndication.com
u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.offers.com
zdbb.net
zdstatic.offers.com
ziffdavis-d.openx.net
104.111.215.191
104.111.228.137
104.111.244.187
104.16.177.182
142.250.185.130
143.204.95.188
143.204.98.113
151.101.130.133
178.250.2.131
18.208.45.198
184.31.84.150
184.73.53.228
2.16.186.144
2602:803:c003:200::31
2606:4700::6812:9e32
2606:4700::6812:9f32
2606:4700::6812:a032
2620:1ec:c11::200
2a00:1450:4001:801::2001
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c02::9b
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00::210:bb40
34.194.37.39
34.228.209.86
35.244.159.8
46.105.202.126
51.195.5.45
52.18.143.209
54.82.206.153
006097fc15162bc32be79d98287c6ef647f77b0df75ef06ac9f9485a66b6aee4
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
04d0a516e29de19b229e7a14a0039d2c9559d4773b7bba32f98f7129be046795
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
096dd5f3c64ba1a39f37efbca3dd8f7e39a1f6810538d378d2e5035d9d342fa2
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746
0c2ce0657e9c7590d4e98ad2135679abc7d433d198ac1f7fab35357c7bd5c55b
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
18b5459fb2e87d81174ea522a9ec9564799b35382f7e5d52e54e83385dacf1ee
19ff7c66b66c944275642b55491e432a38242f8ab90574c92db16265b176aae8
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1b7e10f6dbcacd83aaa2d83e2f890559da16170b08b02326f525cb1ff037b21d
20252e94fff75f8c269c3a97b0c9a1f006a854f7c768fc2fc65efd0b579b0072
242aed0ffde1f133fde405651ead78edb7c9f392e1eb647eeef4c075280af10d
244b6b14f6abf855c296c7b31ec231ae683e9bbc7f41e24a930a4649566dad66
2961e633fb39fe8c91ac7abd6ec011933478e58dff1e944924568f9cdddec7ec
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
323b59663dd6ccea0e6a32d20f69ef92f9065ce104651ab2712e286c6c49958c
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33df454875fffefae99b4164785f0de3ee15f2cec7050e602b66b985dfd3ce40
34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c
3847b1c31663d53c1518509c0eac2d5902f4b20ecd2cc64b63416a009b8a2937
3d1ca10f6b7666e93d493bfb6a6748f380addb42602ee797994469c077c24837
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4aa2961dca0fae46e77063185d3e1da5507e47055a9fd1922d99bed618877d3e
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4afdd62268fbd733c37ba28eca7c52d66fdabc1afe917cdf153cba10e5e78917
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4d3efed2d9cd327163c366899e315e5854ea089f6215adcedf1c798a6efc809d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
4f68016f64d078966d202b3b9aaed1c22cef515e96971aabeff6d99e6a40a27b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50ad3a273dd7803066fae0fb2e4eec57cdfb969f449d86309527578d7e08d249
51602869834421b04da25e373a5414f8b07cc38dac6187f5596ce65fd53021ad
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
54770fd1905812ea13a16abc2bb89af06ead2097a4c48539db49fed73b8d095e
54ab02407b89ddc3f76da3c0dc9f807b4f6def211a6e4cef8e622512c8fc8766
5cb288f2d943c13ad207761ea04a93e006a96258ec34a378cae81788ea851e30
606df7b1fee7ec41366cc669d240d71312c66e444fb1f6e16610b707b3561f2a
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
65aae457eea154a8824bf40c7051a4d712c0c73bb570f8fc0e9c9be03b5b63b6
6716e7c9082bd0a706128a88da56548b13172dbd0acbf72fd13d391dc6fd2ba0
68d35695ba7205d3f898ff5deed87aa8e03c5fda7e69d27a4b55d21dec6352b9
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6
700b7e78c6b596d5d887fbafe2ee5a03443ddeb20b7a568b14cb4d788c7019b5
71e1d4f92dfd5d85db8e5b232e576740425b39224f9451ffe582840f86baf722
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
78604b53d740442b5b8a5d692567f70f46f6e284118ab6db94a46641672f3954
7999a7f666379585be32c7a0d461b6bf438e9f36dde0fd5c20422bb874c6c4fa
8293f341723abb87f312d3f3f323cc1bfe181c9e0548e6a036658e5c24ce02fb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
883263abd92e9a94e5d2a961fc4e1e5419b399b106e1b7dbfd14cb544264be54
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8d64d95a0fb2d3628a4ced061ae1771200463d73f39085840ef7d06605ffc3e6
8eb8fa5598a41dae8756a3628fb36f944e7b26331912096d79502d4e2bd2f80f
9084b24863c91948a8a44b2143b64cd4d9c72ac1f796f1f3243f9e1aca80b1d7
98857b3332fbf0bbe1d066eee0bac45b49385b24bcc5fed4fdf68d844ffef3c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
a9e605a47de2cf6e48e1c1e748eede1219d27129ab3d898db9231c37ad05363d
ad870134e00e713a173b1be210378b4b7b85f8081e578e85e13fffeec0ae78a0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9a4d8c59f4bb7f250d9111be10c5664c7202abeaf020eda52e7f1a3482fd9c7
ba78b36929926cae878d49333554b05fbce0aa3d3224a571e248743618e54048
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
bd0176f14d9b73455d3bc2eb77280659cce167a4f5d6d641085ef75ce3c7d016
be8087685c8b551246e730cbc2a2578dbb3f827ef2cf301bb905ea2f243e4cd7
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c82d3097f5cfa264b952d228a0ce41fe977cb4a03e10c6e664ef306448b84cfe
c888e34c8a9fcdd17a160948d147c12ab01552a9960ed1142f12ce40b6609258
cb36af960148f544dbb012d562ea38b2ab9ef841c0f3a0b213cf0f5bbe1c66c2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ceb037bf695a81081fcbdd36b6a30a16d0b58e32559e51887f041637361e35fe
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d13e85d64e8fb8bac23025ce2c1977b69ba27737e44da3a350711f869d3247da
d1e556c22380347a89299ce0a42a9f7d5278bd96f138f0b44e7e414825b8601f
d64849d9ec4afd8eb21b289c99a9d785eb7079d893b899490132fb4707447457
da5523987f1aa265f170cf27232c760db70775bb65e604ce85a4b1ab2ce74dad
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbd7e665693aaa8b13bac8ddfce1e5d78d888b8366faff26eb160de3eb589245
de38c204cb76dba1df84122c0a6724a4d4566d3d2e6f29ee27bb0bdbc8714d8c
e0dbca8e9a50d07acf3470a6677d1926501779109c33e0fe7d1ff90c10b63f34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f150dfeb4a0e6537529a23567ac44f32145446404e72f11e30c3114fc9bbf5be
f22b225cf858534bde4dfbda02d87a5e9dbbb8f862e11f3f9249caf02bbbb9eb
f5134b82d611c669043b8e4edb8506518397e44bfc41fc82fbe7a541e1a3b2e8
f71cfce63919bdba0e16eee386250478bac6af934dc6338be723f400dd559c3e
f98081076194f6885070d6ff9f5b86eb631716f88436a9e787850e6bb110acad
fb6a19dc762d76e22c743e22acced2cd38c0eb9852f4765df8de2e75aefb30e7
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

www.offers.com Open in urlscan Pro 104.16.177.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

133 Requests

98 %HTTPS

51 %IPv6

27 Domains

48 Subdomains

41 IPs

7 Countries

1855 kBTransfer

4598 kBSize

17 Cookies

11 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

www.offers.com Open in urlscan Pro
104.16.177.182 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

98 %
HTTPS

51 %
IPv6

27
Domains

48
Subdomains

41
IPs

7
Countries

1855 kB
Transfer

4598 kB
Size

17
Cookies

133 HTTP transactions
3 data transactions