www.offers.com
Open in
urlscan Pro
104.16.132.186
Public Scan
Submitted URL: http://www.offers.com/
Effective URL: https://www.offers.com/
Submission: On July 01 via manual from US — Scanned from DE
Effective URL: https://www.offers.com/
Submission: On July 01 via manual from US — Scanned from DE
Summary
This website contacted 18 IPs
in 4 countries
across 12 domains to perform 59 HTTP transactions.
The main IP is 104.16.132.186, located in
and
belongs to CLOUDFLARENET, US.
The main domain is www.offers.com.
The Cisco Umbrella rank of the primary domain is 315745.
TLS certificate: Issued by E1 on May 27th 2024. Valid for: 3 months.
This is the only time www.offers.com was scanned on urlscan.io!
TLS certificate: Issued by E1 on May 27th 2024. Valid for: 3 months.
This is the only time www.offers.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
3
23.53.42.168
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-168.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-168.deploy.static.akamaitechnologies.com
| cdn.static.zdbb.net |
2
2a02:26f0:3500:14::1724:a24d
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| cdn.ziffstatic.com |
2
2a00:1450:4001:80e::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
23
2606:4700::6811:579a
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| sgi3.offerscdn.net | |
| sgi2.offerscdn.net | |
| sgi1.offerscdn.net |
1
2a02:26f0:3500:16::215:1495
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| use.typekit.net |
2
63.35.62.126
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-62-126.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-62-126.eu-west-1.compute.amazonaws.com
| zdbb.net |
2
34.231.35.31
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-35-31.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-35-31.compute-1.amazonaws.com
| gurgle.offers.com |
1
52.204.34.112
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-34-112.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-34-112.compute-1.amazonaws.com
| gurgle.zdbb.net |
2
34.196.153.92
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-153-92.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-153-92.compute-1.amazonaws.com
| sp.offers.com |
1
2.16.110.80
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-110-80.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-110-80.deploy.static.akamaitechnologies.com
| cdn.ziffstatic.com |
1
35.175.73.46
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-73-46.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-73-46.compute-1.amazonaws.com
| jogger.zdbb.net |
1
23.212.204.55
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a23-212-204-55.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-212-204-55.deploy.static.akamaitechnologies.com
| tags.bkrtx.com |
1
35.244.174.68
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
| idsync.rlcdn.com |
1
72.246.169.24
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com
| stags.bluekai.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 23 |
offerscdn.net
sgi3.offerscdn.net — Cisco Umbrella Rank: 358275 sgi2.offerscdn.net — Cisco Umbrella Rank: 349218 sgi1.offerscdn.net — Cisco Umbrella Rank: 352249 |
309 KB |
| 14 |
offers.com
1 redirects
www.offers.com — Cisco Umbrella Rank: 315745 gurgle.offers.com — Cisco Umbrella Rank: 658376 sp.offers.com — Cisco Umbrella Rank: 752016 |
167 KB |
| 7 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 378 |
143 KB |
| 7 |
zdbb.net
1 redirects
cdn.static.zdbb.net — Cisco Umbrella Rank: 20015 zdbb.net — Cisco Umbrella Rank: 13498 gurgle.zdbb.net — Cisco Umbrella Rank: 25830 jogger.zdbb.net — Cisco Umbrella Rank: 20595 |
48 KB |
| 3 |
ziffstatic.com
1 redirects
cdn.ziffstatic.com — Cisco Umbrella Rank: 17924 |
128 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81 |
188 KB |
| 1 |
bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1063 |
|
| 1 |
rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 495 |
98 B |
| 1 |
bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 6871 |
16 KB |
| 1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 653 |
295 B |
| 1 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355 |
|
| 1 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 649 |
41 KB |
| 59 | 12 |
| Domain | Requested by | |
|---|---|---|
| 13 | sgi2.offerscdn.net |
www.offers.com
|
| 10 | www.offers.com |
www.offers.com
|
| 7 | cdn.cookielaw.org |
cdn.ziffstatic.com
|
| 6 | sgi3.offerscdn.net |
www.offers.com
|
| 4 | sgi1.offerscdn.net |
www.offers.com
|
| 3 | cdn.ziffstatic.com |
1 redirects
www.offers.com
cdn.ziffstatic.com |
| 3 | cdn.static.zdbb.net |
1 redirects
www.offers.com
cdn.static.zdbb.net |
| 2 | sp.offers.com |
www.offers.com
|
| 2 | gurgle.offers.com |
1 redirects
cdn.static.zdbb.net
|
| 2 | zdbb.net |
cdn.static.zdbb.net
|
| 2 | www.googletagmanager.com |
www.offers.com
|
| 1 | stags.bluekai.com |
tags.bkrtx.com
|
| 1 | idsync.rlcdn.com | |
| 1 | tags.bkrtx.com |
cdn.static.zdbb.net
|
| 1 | jogger.zdbb.net |
cdn.static.zdbb.net
|
| 1 | geolocation.onetrust.com |
cdn.ziffstatic.com
|
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | gurgle.zdbb.net | |
| 1 | use.typekit.net |
www.offers.com
|
| 59 | 19 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.ziffdavis.com |
| www.facebook.com |
| pinterest.com |
| twitter.com |
| www.instagram.com |
| flipboard.com |
| privacy.truste.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| offers.com E1 |
2024-05-27 - 2024-08-25 |
3 months | crt.sh |
| *.google-analytics.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| offerscdn.net E1 |
2024-05-27 - 2024-08-25 |
3 months | crt.sh |
| use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-01 - 2025-03-03 |
a year | crt.sh |
| zdbb.net Amazon RSA 2048 M02 |
2023-11-27 - 2024-12-25 |
a year | crt.sh |
| cookielaw.org Cloudflare Inc ECC CA-3 |
2024-03-01 - 2024-12-31 |
10 months | crt.sh |
| sp.offers.com Amazon RSA 2048 M03 |
2024-02-07 - 2025-03-07 |
a year | crt.sh |
| onetrust.com Cloudflare Inc ECC CA-3 |
2023-11-13 - 2024-11-12 |
a year | crt.sh |
| www.ziffdavis.com COMODO RSA Organization Validation Secure Server CA |
2024-07-01 - 2025-07-01 |
a year | crt.sh |
| *.offers.com Amazon RSA 2048 M03 |
2024-04-16 - 2025-05-16 |
a year | crt.sh |
| *.zdbb.net Amazon RSA 2048 M03 |
2024-02-04 - 2025-03-03 |
a year | crt.sh |
| *.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-06 - 2024-12-05 |
a year | crt.sh |
| *.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2024-02-06 - 2025-03-05 |
a year | crt.sh |
| odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-11 - 2024-12-11 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.offers.com/
Frame ID: A31E39185A82203B0E2E66734748BB90
Requests: 57 HTTP requests in this frame
Frame:
https://stags.bluekai.com/site/30629?ret=html&phint=site%3Doffers.com&phint=referer%3Dhttps%3A%2F%2Fwww.offers.com%2F&phint=bbseg%3D900365&phint=bbseg%3D900366&phint=bbseg%3D900111&phint=bbseg%3D900367&phint=bbseg%3D800021&phint=bbseg%3D800022&phint=bbseg%3D900374&phint=bbseg%3D1100699&phint=bbseg%3D900387&phint=bbseg%3D900263&phint=bbseg%3D900151&phint=bbseg%3D900412&phint=bbseg%3D900160&phint=bbseg%3D8001&phint=bbseg%3D900163&phint=bbseg%3D900189&phint=bbseg%3D900449&phint=bbseg%3D900071&phint=bbseg%3D900331&phint=__bk_t%3DOffers.com%3A%20Today%27s%20Best%20Coupons%2C%20Promo%20Codes%20%26%20Deals&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.offers.com%2F&phint=__bk_v%3D3.1.10&limit=10&r=4342403
Frame ID: 27CEA4D082C8D77B7B78CB7B1FE3DCFF
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Offers.com: Today's Best Coupons, Promo Codes & DealsPage URL History Show full URLs
-
http://www.offers.com/
HTTP 307
https://www.offers.com/ Page URL
Detected technologies
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
OneTrust
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.cookielaw\.org
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
URL: https://www.ziffdavis.com/terms-of-use
Title: we may earn a commission
Title: we may earn a commission
Search URL Search Domain Scan URL
URL: https://www.ziffdavis.com/shopping-privacy-policy
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: https://www.ziffdavis.com/careers/jobs/
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://www.ziffdavis.com/shopping-privacy-policy/
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: https://www.ziffdavis.com/accessibility/
Title: Accessibility Statement
Title: Accessibility Statement
Search URL Search Domain Scan URL
URL: https://www.ziffdavis.com/terms-of-use/
Title: Terms of Use
Title: Terms of Use
Search URL Search Domain Scan URL
URL: http://www.facebook.com/OffersDOTcom
Search URL Search Domain Scan URL
URL: http://pinterest.com/Offerscom/
Search URL Search Domain Scan URL
URL: https://twitter.com/offers
Search URL Search Domain Scan URL
URL: https://www.instagram.com/offerscom/
Search URL Search Domain Scan URL
URL: https://flipboard.com/@offersdotcom
Search URL Search Domain Scan URL
URL: https://privacy.truste.com/privacy-seal/validation?rid=ce211316-dfd0-4abb-8bfb-9cb70de1e37c
Title: .truste_svg__cls-4{fill:#004676}
Title: .truste_svg__cls-4{fill:#004676}
Search URL Search Domain Scan URL
URL: https://www.ziffdavis.com/privacy-policy
Title: Our Privacy Policy
Title: Our Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.offers.com/
HTTP 307
https://www.offers.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
- https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
- https://cdn.ziffstatic.com/jst/zdconsent.js HTTP 302
- https://cdn.ziffstatic.com/jst/zdconsent_eu.js
- https://gurgle.offers.com/info?url=https%3A%2F%2Fwww.offers.com%2F&fp=1&lcl_id= HTTP 302
- https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2F&fpx=1&lcl_id=
59 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.offers.com/ Redirect Chain
|
147 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
z0WVjCBSEeGLoxIxOQVEwQ.min.js
cdn.static.zdbb.net/eu/js/ Redirect Chain
|
162 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zdconsent_eu.js
cdn.ziffstatic.com/jst/ Redirect Chain
|
50 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
294 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.offers.com/js/ |
51 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
glide.js
www.offers.com/js/ |
27 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.css
www.offers.com/css/ |
71 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
glide.css
www.offers.com/css/ |
2 KB 842 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
app.js
www.offers.com/js/ |
138 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3730.h312.w1248.flpad.v24.bffffff.jpg
sgi3.offerscdn.net/i/production/published/92/image/ |
56 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3741.h312.w1248.flpad.v16.bffffff.jpg
sgi2.offerscdn.net/i/production/published/92/image/ |
45 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
email-decode.min.js
www.offers.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 808 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
244 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Inter.var.woff2
www.offers.com/fonts/ |
66 KB 66 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
l
use.typekit.net/af/9ff5df/0000000000000000000131a3/27/ |
41 KB 41 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
521.h64.w64.flim.v397.bffffff.png
sgi2.offerscdn.net/i/production/published/5/icon/ |
1 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11279417.h300.w300.flim.v29.bffffff.jpg
sgi2.offerscdn.net/i/production/published/4/image/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
00rSFpYXPhC077JWLfNxS4F.h300.w300.flim.v389.bffffff.png
sgi2.offerscdn.net/i/zdcs-merchants/ |
16 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
04wzMn7sxlAXVAzNmGnzadB.h300.w300.flim.v607.bffffff.png
sgi3.offerscdn.net/i/zdcs-merchants/ |
30 KB 31 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
06sbwHntnfOnv5sdQQ7wPmx.h300.w300.flim.v352.bffffff.png
sgi1.offerscdn.net/i/zdcs-merchants/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
05iJ80xs1dMUrb71vuRz67e.h300.w300.flim.v578.bffffff.jpg
sgi2.offerscdn.net/i/zdcs-merchants/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
02PwTmJIcSmcrsrTOV80EG8.h300.w300.flim.v586.bffffff.png
sgi3.offerscdn.net/i/zdcs-merchants/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
05QHbi3Qc60UGLbyrX2IKMz.h300.w300.flim.v353.bffffff.png
sgi2.offerscdn.net/i/zdcs-merchants/ |
17 KB 18 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
05q78EZ8gMnVSVDCU1TVfGD.h300.w300.flim.v188.bffffff.png
sgi3.offerscdn.net/i/zdcs-merchants/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
02zLDwCqTbhlnKCTPdI0yqf.h300.w300.flim.v1389.bffffff.png
sgi1.offerscdn.net/i/zdcs-merchants/ |
6 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
02d6UP4tEzxsZlR8MkTwT63.h300.w300.flim.v1253.bffffff.png
sgi2.offerscdn.net/i/zdcs-merchants/ |
4 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11024160.h300.w300.flim.v13.bffffff.jpg
sgi2.offerscdn.net/i/production/published/4/image/ |
10 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11428344.h300.w300.flim.v1.bffffff.jpg
sgi2.offerscdn.net/i/production/published/4/image/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11431363.h300.w300.flim.v1.bffffff.jpg
sgi2.offerscdn.net/i/production/published/4/image/ |
8 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
10795035.h300.w300.flim.v4.bffffff.jpg
sgi2.offerscdn.net/i/production/published/4/image/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11430869.h300.w300.flim.v1.bffffff.jpg
sgi1.offerscdn.net/i/production/published/4/image/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11423908.h300.w300.flim.v4.bffffff.jpg
sgi2.offerscdn.net/i/production/published/4/image/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3241245.h300.w300.flim.v14.bffffff.jpg
sgi2.offerscdn.net/i/production/published/4/image/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11433712.h300.w300.flim.v1.bffffff.jpg
sgi3.offerscdn.net/i/production/published/4/image/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11433707.h300.w300.flim.v3.bffffff.jpg
sgi3.offerscdn.net/i/production/published/4/image/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
10516632.h300.w300.flim.v5.bffffff.jpg
sgi1.offerscdn.net/i/production/published/4/image/ |
15 KB 16 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
check_c
zdbb.net/ |
0 382 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
info
gurgle.zdbb.net/ Redirect Chain
|
433 B 634 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4f595d7e-5af5-40fa-bed5-8208a50e5dc0.json
cdn.cookielaw.org/consent/4f595d7e-5af5-40fa-bed5-8208a50e5dc0/ |
5 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
tp2
sp.offers.com/com.snowplowanalytics.snowplow/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
tp2
sp.offers.com/com.snowplowanalytics.snowplow/ |
2 B 293 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.offers.com/visitor/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
59 B 295 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
www.offers.com/ |
15 KB 3 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
otbannersdk.202405.1.0.js
cdn.ziffstatic.com/jst/ |
451 KB 109 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.json
cdn.cookielaw.org/consent/4f595d7e-5af5-40fa-bed5-8208a50e5dc0/018f77b1-6742-7627-b17c-b79906eecea5/ |
124 KB 26 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iab2V2Data.json
cdn.cookielaw.org/vendorlist/ |
579 KB 74 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
googleData.json
cdn.cookielaw.org/vendorlist/ |
57 KB 16 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otTCF.js
cdn.cookielaw.org/scripttemplates/202405.1.0/ |
60 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otFloatingRounded.json
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ |
10 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/ |
24 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4f0e741e3bac4920ad2428a64a3fdb98
gurgle.offers.com/set_fpid/offers.com/c/ |
2 B 220 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
check
jogger.zdbb.net/ |
5 B 232 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zd-core-olt.min.js
cdn.static.zdbb.net/js/ |
830 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bk-coretag.js
tags.bkrtx.com/js/ |
51 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ |
43 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
425686.gif
idsync.rlcdn.com/ |
0 98 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
30629
stags.bluekai.com/site/ Frame 27CE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
62 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| zdconsent object| dataLayer object| blizzardConfig object| zd function| lr_Envelope object| ats object| zdcoreLICallbacks object| zdcoreZpackCallbacks object| googletag function| __zdcLoadOT function| __ZDConsentSetCookie function| __ZDConsent2 function| __uspapi object| pbjs object| adsbygoogle function| ga boolean| gtag_enable_tcf_support function| gtag object| uetq function| OptanonWrapper object| google_tag_manager object| google_tag_data object| webpackChunk object| PushlySDK object| Alpine object| blizzard object| gaGlobal function| postscribe object| google_tag_manager_external string| OnetrustActiveGroups string| OptanonActiveGroups function| __tcfapi object| otStubData number| __ZDConsentOTLoaded object| OneTrustStub object| OneTrust object| otIabModule object| Optanon string| __ZD_CPID_ object| __ZD_USEG_ object| __ZD_SEG_ object| zdcoreGurgleCallbacks object| zdcoreSignalBuffer object| zdcoreFunctionBuffer object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .offers.com/ | Name: __cf_bm Value: nsrmNRTItvblFDD5Eck7BM4erI.ImhQmbtoPk64y.GE-1719857134-1.0.1.1-apV2n.pwn4HtA9GQxUTUF_tFnsrkSm4Vr6hRHkshF9_iCy_3fODpionSFeW7_l1ZnGHEiH80tCsEMzuh7gL.Dw |
|
| .offers.com/ | Name: zd_session_id Value: e94a817b-5d41-4fbc-97ad-764e18a4ce46 |
|
| www.offers.com/ | Name: fu Value: 1 |
|
| www.offers.com/ | Name: _sp_ses.42cc Value: * |
|
| www.offers.com/ | Name: _sp_id.42cc Value: 100f9cd8-c077-40ba-b50a-0a6d96bea728.1719857135.1.1719857135..2a4f014b-ef37-4899-a342-582ac802911b..bcfb416a-7b98-476f-b168-6f3ce49f5c96.1719857135418.1 |
|
| .offerscdn.net/ | Name: __cf_bm Value: U7rj.FAzlJgHdwSxs_Nz.SEwx8niCfm2Brsd8Np7ZPA-1719857135-1.0.1.1-sXlbFu7iSLnESHNStUU9skmXCdmCEyTItg2cymrQwJH7YOxMZMSKaze_ktAk01iDY7lPQxcTh0jEu3zH_gK8CQ |
|
| .zdbb.net/ | Name: h_zdbb Value: 4f0e741e3bac4920ad2428a64a3fdb98 |
|
| .zdbb.net/ | Name: csp Value: 0 |
|
| www.offers.com/ | Name: ouid Value: eyJpdiI6IjIybSt1eEQ3eHFwcERFUVdDMkVtc1E9PSIsInZhbHVlIjoiK0IyWmV4ZXE3dkFFRytiTlVIcXgrcU1vZlNyN2hyeWtyUGV0SStVLzA4cFVsN0prZmhUUzVRVGU3UVJJQmtwWFJ5azYxS0hIaE5kTVVWWG95eHBhU3c9PSIsIm1hYyI6IjVjZmViYzBhMWQ3NzI1NDZhMjBhNjVlOTg1Y2JhODFlNzk2MTMyNDY5YjZlM2I4MTBmYjc4NmIxYWM2YmViMTQiLCJ0YWciOiIifQ%3D%3D |
|
| .offers.com/ | Name: sp Value: 0da14bb1-777d-4aa7-b728-aec63135115c |
|
| .offers.com/ | Name: h_zdbb Value: 4f0e741e3bac4920ad2428a64a3fdb98 |
|
| .offers.com/ | Name: zpack Value: eyJ6ZGJiIjoiNGYwZTc0MWUzYmFjNDkyMGFkMjQyOGE2NGEzZmRiOTgiLCJmcGlkIjpudWxsLCJwcGlkIjoiNGYwZTc0MWUzYmFjNDkyMGFkMjQyOGE2NGEzZmRiOTgiLCJ1ZV9tMnMiOiIiLCJsY2xfaWQiOiIiLCJsb2MiOiJodHRwczovL3d3dy5vZmZlcnMuY29tLyIsInB2X2lkIjoiOGEzZGI3ZDgtNzExMi00YWQ2LWFiOGMtNGY1NzZkNmMzMDM3Iiwic2Vzc19pZCI6ImU5NGE4MTdiLTVkNDEtNGZiYy05N2FkLTc2NGUxOGE0Y2U0NiJ9 |
|
| www.offers.com/ | Name: lrswap Value: 1 |
|
| .offers.com/ | Name: opt_out Value: 1 |
|
| .offers.com/ | Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Jul+01+2024+20%3A05%3A36+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202405.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=d69f5451-9ce5-4987-88d7-5378ca446599&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.offers.com%2F&groups=C0001%3A1%2CC0004%3A0%2CC0002%3A0%2CC0003%3A0%2CV2STACK42%3A0&genVendors= |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.cookielaw.org
cdn.static.zdbb.net
cdn.ziffstatic.com
geolocation.onetrust.com
gurgle.offers.com
gurgle.zdbb.net
idsync.rlcdn.com
jogger.zdbb.net
region1.google-analytics.com
sgi1.offerscdn.net
sgi2.offerscdn.net
sgi3.offerscdn.net
sp.offers.com
stags.bluekai.com
tags.bkrtx.com
use.typekit.net
www.googletagmanager.com
www.offers.com
zdbb.net
104.16.132.186
2.16.110.80
2001:4860:4802:34::36
23.212.204.55
23.53.42.168
2606:4700:4400::6812:2089
2606:4700::6811:579a
2606:4700::6813:b234
2a00:1450:4001:80e::2008
2a02:26f0:3500:14::1724:a24d
2a02:26f0:3500:16::215:1495
34.196.153.92
34.231.35.31
35.175.73.46
35.244.174.68
52.204.34.112
63.35.62.126
72.246.169.24
1c97bb04727edc37ee8d11fb57903bc56dcf99d6fe285797203a2fb40504dbf2
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c4f98e7a832e47e457a672bac73d7ed735fc57bc1831313bf74edf6a76db4ee
3273cf3eb2c916fb9ad65fa33bd64baf95345e11a894de19255a70d70e80f4ae
36eea934e4764e132fa4080637d172ed3ffdec68d09d56198711400d890dc648
40b072a01eba82ec23f47dfdde9afb1855acb8f211d821eea7f889ae29f4fbd0
469970139b65ffa44961ccbd68cdd60bce4138ad6ce132a4ff094040289cec86
474e882d924d272fdd45245d3c29016c72828caa2356a8790196ab67ad824039
4a5a2614eb666fe0d6c526f3c0d7dddecce1fcfe2b41966d3cd29e1ea70a0371
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4e77f2e2183b849b3c947b2048d50eec75dd916b882d74e8c7bd9d4a2a4ae902
521e4a1c58e277f8ecb0cbcd0d658d050004eaf4c0b5ae547d9fc81b1307ebdd
564d3b89cbd5dcfd40ecd0345834fa824e69d44d1105ccdf3a75598a6daaa6f1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
580b9e50b5284f6a4cd0b5ccdc2d0b87e8dc8ee044d587b73356e2c241d625b4
5ab37aaf24177ede346ea28037a1f2e2d5233d598c64ab954ae19c465e9cdee5
60b4dfa9bdaaf93148ec86d6807faab81e5cc24c8e85e984bc70b4cfa35e7b19
617a293e6f248ba83b9d5ddaf1ee3e0a2d18586be506e1edb7c49bf3ae73fc76
6610758b708e904a018fe9a5e6bc899acb5966fc5ff5ae2edc74cedf113615a4
6752f0a6f5827ef770d187e182763f74f4a71cac7b2330d6749f02d74dab54a6
6a282b37563631532aa2d0bded790fdb559b5716c0171721f7026805fdc189b4
70b44e9a496a5748c9272156ed0b3295f86a4415229ad5add76a310c5d89acac
770b14edf426e2fcb776e866363db14625e9ceaf2f465b6ad9f89a43a9f0f647
771b04f9a0be7c76370327d32b2899fc4a719d585b58c621c8a8e7c4137fc312
7a9de586c933625e4abed027f60939730766f2e05828746662dc44ed00f62de8
7ff73daf97e82d1196a14c2e6626c972aa9f5c2ce4e7b0e4e758c775ccf7db75
828aaa27fcc5b3e4dbc4129a9d74e5bbcc7a24309095a503707ce8cd0e305b7f
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8c9a00b773e3175483ea746c8327c6501196ecbd8e80635e48dba207f7eef82b
8d3d88db65d21bf45be1615cc3fdd8b50e406859303c592e36073d5bafaf2d9a
98dd556a63c229f80217c4dd8d1321a91ece35e4e8cae83b23a9a5277110097d
9b109500c82d93fafd7cd8749959ba066a7a170afb843a976d90bb1292fbc10d
a11b1b6f940ae4d44d5fa21f012e0eb8c0ab5302adff5611945bc7271c8c20a8
a44a3b712aab692268899cb0dc6bac64164749f6fc171adc3764e000e90425f1
a4b58ed77e412bce904533660fd3e71781409b1cb39b04dac2915375304631a9
ad3ffedc022aeb62910879f1df2b8c392ce1de448721293289aa83beff31f73b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b62994a1921d13bf87f08640b2814e362de95338dacbe04ea8b06bf867b50e2d
c1ff17896b8bc20ffe90d6e9da489d5ffa54cc6dcce07468c211efd3c4d92ace
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
cd5021d19e4a2a27625672a40fada7bae49856bec9d643cc4c3caf11525ac76e
d06c491720adfb16addae9ef616e7fb25b20f50c967d93be71a8184bdb6311ba
d178cd5f293bf26d6d4506c0e380850f07628513a47814d4a94fe0a3a21c93b6
d1b0d33575b0e0174aed836b6131d4a81fe048d5948be8d6620d80d16c4afd42
dc4491fbee22d14e44b79a85c6935efc625fc65c87b7830c4feb701bc5f3fe5f
dd7fb13850c0cd7fdc2cf314b19fa2b7a84229f80320fe34a689cab21d8dfa47
dec27a199d68e827019c7d74830ed6d336c299245eb6abe316b342ff7bd7eb09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7
e6b3faf164b6dc994776b23e5f3b5a325813e30f7ebce47d956071aa157ced0e
ef072b9ae1b3c29f94781c86bcdfdb71c1e06bbc7a2f05bc65dcfa2eefdde02c
f37bfbfb9b66a9c3b655ea0e38341cf392611bb5424900db83edf85b28622b14