www.offers.com Open in urlscan Pro
104.16.177.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.offers.com/adp/
Effective URL:
https://www.offers.com/stores/adp/
Submission: On January 04 via manual (January 4th 2022, 4:00:04 am UTC) from SG — Scanned from DE

Summary HTTP 120 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 26 domains to perform 120 HTTP transactions. The main IP is 104.16.177.182, located in and belongs to CLOUDFLARENET, US. The main domain is www.offers.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time www.offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	104.16.177.182 104.16.177.182	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 4	95.100.153.122 95.100.153.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2606:4700::68... 2606:4700::6812:9c32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:9e32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.248.89 18.66.248.89	16509 (AMAZON-02) (AMAZON-02)
2	104.89.44.146 104.89.44.146	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	95.100.153.90 95.100.153.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:401... 2a00:1450:4019:803::200a	15169 (GOOGLE) (GOOGLE)
1	3.224.252.100 3.224.252.100	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	54.78.51.81 54.78.51.81	16509 (AMAZON-02) (AMAZON-02)
4	108.156.255.177 108.156.255.177	16509 (AMAZON-02) (AMAZON-02)
1 2	54.82.206.153 54.82.206.153	14618 (AMAZON-AES) (AMAZON-AES)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c004... 2602:803:c004:200::143	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	51.75.146.200 51.75.146.200	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	54.217.99.203 54.217.99.203	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	54.161.40.243 54.161.40.243	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:401... 2a00:1450:4019:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.228.50.94 34.228.50.94	14618 (AMAZON-AES) (AMAZON-AES)
1	104.89.33.102 104.89.33.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	142.250.181.2 142.250.181.2	15169 (GOOGLE) (GOOGLE)
120	43

23 104.16.177.182 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:f7::5c7b:e160 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.ziffstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.100.153.122 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-122.deploy.static.akamaitechnologies.com

cdn.static.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:9c32 (United States)

ASN13335 (CLOUDFLARENET, US)

sgi3.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sgi.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:9e32 (United States)

ASN13335 (CLOUDFLARENET, US)

sgi1.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sgi2.offerscdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-89.dus51.r.cloudfront.net

privacy-policy.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.44.146 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-44-146.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.153.90 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-90.deploy.static.akamaitechnologies.com

zdstatic.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4019:803::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.224.252.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-252-100.compute-1.amazonaws.com

preferences.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.51.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-51-81.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.206.153 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-206-153.compute-1.amazonaws.com

gurgle.offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gurgle.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

ziffdavis-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.200 (France)

ASN16276 (OVH, FR)
PTR: p11.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.217.99.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-99-203.eu-west-1.compute.amazonaws.com

zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.40.243 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-40-243.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4019:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.50.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-50-94.compute-1.amazonaws.com

jogger.zdbb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.33.102 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-33-102.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fjr04s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	offers.com 3 redirects www.offers.com zdstatic.offers.com gurgle.offers.com	720 KB
21	googlesyndication.com b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	122 KB
12	offerscdn.net sgi3.offerscdn.net sgi.offerscdn.net sgi1.offerscdn.net sgi2.offerscdn.net	50 KB
9	zdbb.net 1 redirects cdn.static.zdbb.net gurgle.zdbb.net zdbb.net jogger.zdbb.net	28 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	177 KB
6	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	2 KB
6	ziffstatic.com cdn.ziffstatic.com	196 KB
4	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	amazon-adsystem.com c.amazon-adsystem.com	5 KB
4	evidon.com c.evidon.com l.evidon.com	2 KB
3	bing.com bat.bing.com	11 KB
3	openx.net 1 redirects ziffdavis-d.openx.net eu-u.openx.net us-u.openx.net	8 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	criteo.net static.criteo.net	55 KB
2	googletagmanager.com www.googletagmanager.com	114 KB
2	google.de adservice.google.de www.google.de	1 KB
2	id5-sync.com cdn.id5-sync.com id5-sync.com	11 KB
2	truste.com privacy-policy.truste.com preferences.truste.com	12 KB
1	bluekai.com stags.bluekai.com	338 B
1	krxd.net cdn.krxd.net	399 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	rubiconproject.com fastlane.rubiconproject.com	3 KB
1	casalemedia.com htlb.casalemedia.com	329 B
1	adsafeprotected.com pixel.adsafeprotected.com	534 B
1	googleapis.com ajax.googleapis.com	34 KB
120	26

	Domain	Requested by
23	www.offers.com	1 redirects www.offers.com ajax.googleapis.com
15	tpc.googlesyndication.com	www.offers.com b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
8	sgi.offerscdn.net	www.offers.com
6	cdn.ziffstatic.com	www.offers.com zdstatic.offers.com cdn.ziffstatic.com
5	securepubads.g.doubleclick.net	www.offers.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	c.amazon-adsystem.com	cdn.ziffstatic.com
4	cdn.static.zdbb.net	1 redirects www.offers.com cdn.static.zdbb.net
3	gum.criteo.com	1 redirects static.criteo.net
3	zdbb.net	www.offers.com cdn.static.zdbb.net
3	www.google.com	1 redirects www.offers.com tpc.googlesyndication.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.offers.com
3	www.google-analytics.com	www.offers.com www.google-analytics.com www.googletagmanager.com
2	mug.criteo.com
2	static.criteo.net	cdn.ziffstatic.com static.criteo.net
2	googleads.g.doubleclick.net	b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
2	l.evidon.com	www.offers.com
2	www.googletagmanager.com	www.offers.com www.googletagmanager.com
2	b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	zdstatic.offers.com	1 redirects www.offers.com
2	c.evidon.com	www.offers.com zdstatic.offers.com
2	sgi3.offerscdn.net	www.offers.com
1	us-u.openx.net
1	cm.g.doubleclick.net	1 redirects
1	eu-u.openx.net	1 redirects
1	stags.bluekai.com	tags.bkrtx.com
1	cdn.krxd.net	cdn.static.zdbb.net
1	tags.bkrtx.com	cdn.static.zdbb.net
1	jogger.zdbb.net	cdn.static.zdbb.net
1	www.googletagservices.com	b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
1	www.google.de	www.offers.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ziffdavis-d.openx.net	cdn.ziffstatic.com
1	fastlane.rubiconproject.com	cdn.ziffstatic.com
1	htlb.casalemedia.com	cdn.ziffstatic.com
1	bidder.criteo.com	cdn.ziffstatic.com
1	cdn.id5-sync.com	www.offers.com
1	gurgle.zdbb.net	www.offers.com
1	gurgle.offers.com	1 redirects
1	pixel.adsafeprotected.com	cdn.ziffstatic.com
1	preferences.truste.com	www.offers.com
1	ajax.googleapis.com	www.offers.com
1	privacy-policy.truste.com	www.offers.com
1	sgi2.offerscdn.net	www.offers.com
1	sgi1.offerscdn.net	www.offers.com
120	48

This site contains links to these domains. Also see Links.

Domain
www.creditcardsexplained.com
www.ziffdavis.com
www.facebook.com
pinterest.com
twitter.com
www.instagram.com
flipboard.com
privacy.truste.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
www.ziffdavis.com COMODO RSA Organization Validation Secure Server CA	`2021-03-03` - `2022-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.evidon.com DigiCert SHA2 Secure Server CA	`2021-05-30` - `2022-06-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
cdn.id5-sync.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
zdbb.net Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.zdbb.net Amazon	`2021-05-05` - `2022-06-03`	a year	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2021-04-02` - `2022-04-07`	a year	crt.sh
cdn.krxd.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-02-08` - `2022-02-07`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.offers.com/stores/adp/
Frame ID: DFF65801B2A9EAB1E4C77C379968986A
Requests: 93 HTTP requests in this frame

Frame: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 848139CDFFF66C67BFDBB572C4899D50
Requests: 1 HTTP requests in this frame

Frame: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DE29D51DB55452D3EA0F2853F5B275AF
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/index.html
Frame ID: C1A0640BFB70DFCD1DA65FC2197DD921
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DE15CF22BFC52ACD7A4F0FC2952F3082
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.offers.com&gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA
Frame ID: 12F6DE10C64731D15CF00F7ACB8461BC
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Doffers.com&phint=referer%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=offersbrand%3Dstores&phint=bbseg%3D900263&phint=bbseg%3D900331&phint=bbseg%3D900365&phint=bbseg%3D900111&phint=bbseg%3D900115&phint=bbseg%3D900374&phint=bbseg%3D900376&phint=__bk_t%3DADP%20Promo%20Codes%20%26%20Coupons%202022&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=__bk_v%3D3.1.10&limit=10&r=14370145
Frame ID: 50BCA8E13D30A598FBFF5D0D9BADF267
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB38CA60FDAFA830AF97A81AB9669312
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 367A4C985E68868963F8783FEE706BC4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ADP Promo Codes & Coupons 2022

Page URL History Show full URLs

https://www.offers.com/adp/ HTTP 301
https://www.offers.com/stores/adp/ Page URL

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+class="[^"]*pure-u-(?:sm-|md-|lg-|xl-)?\d-\d

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

120
Requests

96 %
HTTPS

47 %
IPv6

26
Domains

48
Subdomains

43
IPs

6
Countries

1625 kB
Transfer

4153 kB
Size

26
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.creditcardsexplained.com/
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/terms-of-use
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.creditcardsexplained.com/articles
Title: Credit Card Blog

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.ziffdavis.com/accessibility
Title: Accessibility Statement

Search URL Search Domain Scan URL

URL: http://www.facebook.com/OffersDOTcom

Search URL Search Domain Scan URL

URL: http://pinterest.com/Offerscom/

Search URL Search Domain Scan URL

URL: https://twitter.com/offers

Search URL Search Domain Scan URL

URL: https://www.instagram.com/offerscom/

Search URL Search Domain Scan URL

URL: https://flipboard.com/@offersdotcom

Search URL Search Domain Scan URL

URL: https://privacy.truste.com/privacy-seal/validation?rid=ce211316-dfd0-4abb-8bfb-9cb70de1e37c

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.offers.com/adp/ HTTP 301
https://www.offers.com/stores/adp/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js HTTP 303
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Request Chain 24

https://zdstatic.offers.com/jst/zdconsent.js HTTP 302
https://zdstatic.offers.com/jst/eu/zdconsent.js

Request Chain 45

https://gurgle.offers.com/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fp=1 HTTP 302
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1

Request Chain 106

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.offers.com%2F&domain=www.offers.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=JwbDMnxmUjc5eVFzS205VGcvVEg3bGxoNWVJQ3o2VkxwUU5YOFA5MmJ3S1RDdUowdG1YTVIxYUEvNlFIMkpxNWlkalBCOU1rOUJxd1E5Z3ZQY2dVQWhMeWR3OXRQMWNvOEU1c0Q5UlRzeHNUVGlXT1hwMzdrTzE5cmM0Ykg4c2tzZ3VjZkxRcWZaVlRiK3lrT1VuWm8rZWlkSTNTWDkzL24xN3VxMXZ1WjJ3Y1dQUDVUbUxycXRwQzI1d2xXRWZ1UDFuNGlETnZ6ZWI2Tjl0dG56ejdTZVY5QU5xT0lFZzZhc3dXeEtqaTI0MDZXSDN3PXw&cppv=2

Request Chain 118

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dc423def-06ad-4fb4-a386-363c0a8315a3&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELieIFebMM9SHgP0bqH6tPY&google_cver=1

120 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.offers.com/stores/adp/
Redirect Chain

https://www.offers.com/adp/
https://www.offers.com/stores/adp/

36 KB
8 KB

407ms
406ms

Document
text/html

104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7667f6091a46a095a88bf2f490fce3c15e4a68b16ac2de29b25cca88f674fce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 04 Jan 2022 03:59:57 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6c818ea0eba37037-FRA
content-encoding: gzip

Redirect headers

date: Tue, 04 Jan 2022 03:59:57 GMT
content-type: text/html; charset=UTF-8
location: https://www.offers.com/stores/adp/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6c818ea00a687037-FRA

GET
H2 200 vendor.css
www.offers.com/assets/v1634679975/ 48 KB
10 KB 19ms
18ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/vendor.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ab02407b89ddc3f76da3c0dc9f807b4f6def211a6e4cef8e622512c8fc8766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6588672
cf-polished: origSize=48922
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:30 GMT
server: cloudflare
etag: W/"61647a92-bf1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6c818ea39f887037-FRA
expires: Fri, 02 Jan 2032 03:59:58 GMT

GET
H2 200 base.css
www.offers.com/assets/v1634679975/ 136 KB
27 KB 28ms
27ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/base.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ff7c66b66c944275642b55491e432a38242f8ab90574c92db16265b176aae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6588672
cf-polished: origSize=139160
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:55 GMT
server: cloudflare
etag: W/"61647aab-21f98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6c818ea39f897037-FRA
expires: Fri, 02 Jan 2032 03:59:58 GMT

GET
H2 200 base-async.css
www.offers.com/assets/v1634679975/ 4 KB
1 KB 17ms
16ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/base-async.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

606df7b1fee7ec41366cc669d240d71312c66e444fb1f6e16610b707b3561f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6588672
cf-polished: origSize=3838
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:59 GMT
server: cloudflare
etag: W/"61647aaf-efe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6c818ea39f8a7037-FRA
expires: Fri, 02 Jan 2032 03:59:58 GMT

GET
H2 200 merchant.css
www.offers.com/assets/v1634679975/ 19 KB
4 KB 18ms
17ms Stylesheet
text/css 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/merchant.css

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9084b24863c91948a8a44b2143b64cd4d9c72ac1f796f1f3243f9e1aca80b1d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5928514
cf-polished: origSize=19335
cf-bgj: minify
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 21:46:52 GMT
server: cloudflare
etag: W/"616f3ccc-4b87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 6c818ea39f8b7037-FRA
expires: Fri, 02 Jan 2032 03:59:58 GMT

GET
H2 200 offers.js Show response
cdn.ziffstatic.com/pg/ 34 KB
13 KB 126ms
15ms Script
application/javascript 2a02:26f0:f7::5c7b:e160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/pg/offers.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4b42885aff72886a45200a0f8640e4221290c4cc4661fd036d7f8908d8baceb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: cabCOFzWJhyVp.MuJFwzzKWcR.kpLe9f
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 17:41:59 GMT
x-amz-request-id: 4YAPHHNXFP0M2ERP
etag: "4d4a4f92e5c8520ab9f91e4efd086767"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=3600
date: Tue, 04 Jan 2022 03:59:58 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 12968
x-amz-id-2: 72fybhlAStXqvR7Ucu9rCZnGmbNjt4kPChrc8d0VgdlYXqNHt5U2r5aP/S7JXtSrGvHbOHcOI68=
expires: Tue, 04 Jan 2022 04:59:58 GMT

GET
H2 200 offers.prebid.js Show response
cdn.ziffstatic.com/pg/ 471 KB
138 KB 137ms
22ms Script
application/javascript 2a02:26f0:f7::5c7b:e160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4631094b53f0fda833f0eeda1fb477463e877e78f3b4d71b9548d862381376c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 7np4FDhXdyEE0wl8qFb2QW0.WBxPgzcQ
content-encoding: gzip
last-modified: Thu, 02 Dec 2021 23:46:07 GMT
x-amz-request-id: NZAZ0VCHYKEH1AGF
etag: "a42f0eca18c1ccc76408e6cbc62a9c6a"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=72170
date: Tue, 04 Jan 2022 03:59:58 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 140918
x-amz-id-2: ycG7HjdwCDTvxWh0yckjXi8RzhfnzhNG+/PQhKtzKdndCv9qD01UCvphObrZ2s40BM5D/3IYeXU=
expires: Wed, 05 Jan 2022 00:02:48 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 53ms
20ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1091 / 101 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jan 2022 03:59:58 GMT

GET
H2

200

z0WVjCBSEeGLoxIxOQVEwQ.min.js Show response
cdn.static.zdbb.net/eu/js/
Redirect Chain

https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

90 KB
26 KB

8ms
7ms

Script
application/javascript

95.100.153.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Server: 95.100.153.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69a429e2c68e54fa79488bbf4aa386ab36bf7febbea057ff43d6ddf5e273130e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 9oZK2oMcD.X7824aCfwIyCTr43sAufJ4
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 15:41:08 GMT
x-amz-request-id: JWGCQYWD12Z2XKAZ
date: Tue, 04 Jan 2022 03:59:58 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25816
x-amz-id-2: fpgeENwHgHZdeCD4AP2g65uipnUojpKStqaWcUrdyH56bPQyMYOoyvvnpOrX/iFBK3aWdsc8V/k=
expires: Wed, 05 Jan 2022 03:59:58 GMT

Redirect headers

location: https://cdn.static.zdbb.net/eu/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
date: Tue, 04 Jan 2022 03:59:58 GMT
cache-control: max-age=86400
core-eu: Yes
content-length: 0
expires: Wed, 05 Jan 2022 03:59:58 GMT

GET
H2 200 logo.svg
www.offers.com/images/v1634679975/ 12 KB
4 KB 27ms
25ms Image
image/svg+xml 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1634679975/logo.svg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2961e633fb39fe8c91ac7abd6ec011933478e58dff1e944924568f9cdddec7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 08 Jul 2021 15:09:29 GMT
server: cloudflare
age: 1219480
etag: W/"60e71529-2e21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
strict-transport-security: max-age=31536000
cf-ray: 6c818ea3af9c7037-FRA
expires: Fri, 02 Jan 2032 03:59:58 GMT

GET
H2 200 611.v69.png
sgi3.offerscdn.net/i/production/published/5/topnav_image/ 1 KB
2 KB 98ms
30ms Image
image/webp 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi3.offerscdn.net/i/production/published/5/topnav_image/611.v69.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b8792f64595a8e4e70b724bc196ab026a895a83438fbd7ea0822c970fa167ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
vary: Accept
cf-cache-status: HIT
age: 545952
cf-polished: origFmt=png, origSize=3262
content-disposition: inline; filename="611.webp"
content-length: 1448
last-modified: Tue, 28 Dec 2021 20:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Wed, 04 Jan 2023 03:59:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea41839374f-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 023WOEB8HmIjus0qt9cQuqx.h90.w170.flpad.v28.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 14 KB
14 KB 374ms
322ms Image
image/png 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/023WOEB8HmIjus0qt9cQuqx.h90.w170.flpad.v28.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca70d63095e7c4605d868283368aaea6edf6f6a984509029636bc792494212bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 03:59:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6c818ea3f822374f-MXP
content-length: 14165
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 1087871.h80.w140.flpad.v15.bffffff.jpg
sgi1.offerscdn.net/i/production/published/4/image/ 2 KB
2 KB 422ms
368ms Image
image/jpeg 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi1.offerscdn.net/i/production/published/4/image/1087871.h80.w140.flpad.v15.bffffff.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3847b1c31663d53c1518509c0eac2d5902f4b20ecd2cc64b63416a009b8a2937

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 03:59:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6c818ea40b9b374e-MXP
content-length: 1984
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 51.h60.w60.flim.v1.jpg
sgi2.offerscdn.net/i/production/published/141/image/ 1 KB
2 KB 261ms
24ms Image
image/jpeg 2606:4700::6812:9e32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi2.offerscdn.net/i/production/published/141/image/51.h60.w60.flim.v1.jpg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9e32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252e614bb588005cf8ceb73905e2b16e5cf048509b4ff6d6c49852524af9f000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2694331
cf-polished: status=not_needed
content-length: 1213
last-modified: Fri, 03 Dec 2021 23:34:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
expires: Wed, 04 Jan 2023 03:59:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea52c06374e-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 64.h60.w60.flim.v1.png
sgi3.offerscdn.net/i/production/published/141/image/ 5 KB
5 KB 96ms
29ms Image
image/webp 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi3.offerscdn.net/i/production/published/141/image/64.h60.w60.flim.v1.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97af3844528504a94b86bd7ff9ccde8429c9463bda39603e045271fc5332d397

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
vary: Accept
cf-cache-status: HIT
age: 383552
cf-polished: origFmt=png, origSize=7277
content-disposition: inline; filename="64.webp"
content-length: 4734
last-modified: Thu, 30 Dec 2021 17:27:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Wed, 04 Jan 2023 03:59:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea4183a374f-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 02r13VaP3HsZe2Xgxcgango.h90.w134.flpad.v262.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
3 KB 86ms
35ms Image
image/webp 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02r13VaP3HsZe2Xgxcgango.h90.w134.flpad.v262.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65aae457eea154a8824bf40c7051a4d712c0c73bb570f8fc0e9c9be03b5b63b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
vary: Accept
cf-cache-status: HIT
age: 728186
cf-polished: origFmt=png, origSize=3683
content-disposition: inline; filename="02r13VaP3HsZe2Xgxcgango.webp"
content-length: 2528
last-modified: Sun, 26 Dec 2021 17:43:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/webp
expires: Wed, 04 Jan 2023 03:59:58 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea3f824374f-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 01Z9Y1nEbhzHVHVugGY8cJZ.h90.w134.flpad.v226.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 6 KB
6 KB 446ms
395ms Image
image/png 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/01Z9Y1nEbhzHVHVugGY8cJZ.h90.w134.flpad.v226.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82464f7dc08fe4bb9601d0c8450ab34cf1685369cc75e3afc4470f8a76ef9c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 03:59:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6c818ea3f825374f-MXP
content-length: 6398
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 02Owc5Scp8XPPxwXylqqI3J.h90.w134.flpad.v193.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 3 KB
3 KB 420ms
369ms Image
image/png 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/02Owc5Scp8XPPxwXylqqI3J.h90.w134.flpad.v193.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc42f2f5ac3e38fe0f34ef2f7527b3b15e36597d9538253a5ae885541fecd98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 03:59:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6c818ea3f826374f-MXP
content-length: 2609
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 01cvmMLT9dy242wSb8auX2H.h90.w134.flpad.v53.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 2 KB
2 KB 366ms
327ms Image
image/png 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/01cvmMLT9dy242wSb8auX2H.h90.w134.flpad.v53.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7217dd7bb4ee20316074b91a71a46f16641df9364cc89373389c2f28fbe7fd69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 03:59:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6c818ea3f827374f-MXP
content-length: 2121
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 03fd4hd63sRglytbFvf2pSZ.h90.w134.flpad.v12.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 5 KB
5 KB 559ms
559ms Image
image/png 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/03fd4hd63sRglytbFvf2pSZ.h90.w134.flpad.v12.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23b07dfcfc6cf6316125602e1a5fd2b8c3152d84214c22a49480a998a561f3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 03:59:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6c818ea4082b374f-MXP
content-length: 4706
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 073LZ4sVmApkG8dOJjb3hTj.h90.w134.flpad.v70.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 4 KB
4 KB 318ms
318ms Image
image/png 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/073LZ4sVmApkG8dOJjb3hTj.h90.w134.flpad.v70.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04d26958916afa20fd0f761c080aa2e10cf589469e22969e3039d04503a381c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 03:59:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6c818ea4082d374f-MXP
content-length: 4070
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 05Vna0u5ROfQ5XgDugnuP3E.h90.w134.flpad.v17.bffffff.png
sgi.offerscdn.net/i/zdcs-merchants/ 4 KB
4 KB 321ms
321ms Image
image/png 2606:4700::6812:9c32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sgi.offerscdn.net/i/zdcs-merchants/05Vna0u5ROfQ5XgDugnuP3E.h90.w134.flpad.v17.bffffff.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:9c32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de6fc7b00f23c65bd792ef01e6adf3002fa8ad5e18abeae38c6aebeef644393c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jan 2022 03:59:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
cf-ray: 6c818ea4082e374f-MXP
content-length: 3891
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 logo-teal.svg
www.offers.com/images/v1634679975/ 12 KB
4 KB 25ms
24ms Image
image/svg+xml 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/v1634679975/logo-teal.svg

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d1ca10f6b7666e93d493bfb6a6748f380addb42602ee797994469c077c24837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 08 Jul 2021 15:09:29 GMT
server: cloudflare
age: 1219480
etag: W/"60e71529-2e21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
strict-transport-security: max-age=31536000
cf-ray: 6c818ea3af9e7037-FRA
expires: Fri, 02 Jan 2032 03:59:58 GMT

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/ 11 KB
11 KB 76ms
10ms Image
image/svg+xml 18.66.248.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/seal?rid=ce211316-dfd0-4abb-8bfb-9cb70de1e37c

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-89.dus51.r.cloudfront.net

Software

TXS /

Resource Hash

4d3efed2d9cd327163c366899e315e5854ea089f6215adcedf1c798a6efc809d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 03 Jan 2022 11:51:18 GMT
Via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff, nosniff
Age: 97705
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10781
X-Xss-Protection: 1; mode=block, 1; mode=block
Server: TXS
ETag: W/"10781-1594834140000"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: max-age=0
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: iOufqOuzvBHQhJDnO779x8eDIO848elBp0Zcuwh7g5L-LxFg9FAk7g==

GET
H2 200 icong1.png
c.evidon.com/pub/ 600 B
907 B 31ms
7ms Image
image/png 104.89.44.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/icong1.png
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.89.44.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-44-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
last-modified: Tue, 21 May 2019 16:14:21 GMT
server: AkamaiNetStorage
etag: "d08da9f445b63100a56646de99043059:1558455261"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 623

GET
H2

200

zdconsent.js Show response
zdstatic.offers.com/jst/eu/
Redirect Chain

https://zdstatic.offers.com/jst/zdconsent.js
https://zdstatic.offers.com/jst/eu/zdconsent.js

32 KB
12 KB

386ms
386ms

Script
application/javascript

95.100.153.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://zdstatic.offers.com/jst/eu/zdconsent.js
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Server: 95.100.153.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-90.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dd68c67975a3c5901ca09f9e7453b862bbcff12b7ba742b663cd55648b3d2e77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: AcJf.Sj.CGPknhY6290AKKKdUNayVqJW
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 20:33:54 GMT
x-amz-request-id: PTCNFVRDFW315C8E
etag: "7fa82de35b3ebc0ee3733334d39c3926"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 04 Jan 2022 03:59:58 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 11611
x-amz-id-2: NS+/2GUNx1nW3SMYus/RnN1OWxLrcdh+wSPAEEca7BpIVRu2eRnukrA6LQkVXFeV3kUubSPaA3s=
expires: Wed, 05 Jan 2022 03:59:58 GMT

Redirect headers

location: https://zdstatic.offers.com/jst/eu/zdconsent.js
date: Tue, 04 Jan 2022 03:59:58 GMT
cache-control: max-age=86400
content-length: 0
expires: Wed, 05 Jan 2022 03:59:58 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 468ms
119ms Script
text/javascript 2a00:1450:4019:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 05:18:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Dec 2022 05:18:46 GMT

GET
H2 200 js Show response
preferences.truste.com/webservices/ 3 KB
1 KB 312ms
98ms Script
text/javascript 3.224.252.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://preferences.truste.com/webservices/js?&domain=ziffdavis.com&type=ziffdavis&js=2
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.252.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-252-100.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: dbd7e665693aaa8b13bac8ddfce1e5d78d888b8366faff26eb160de3eb589245

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
server: Apache/2.4.7 (Ubuntu)
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1106
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vendor.js Show response
www.offers.com/assets/v1634679975/ 177 KB
54 KB 28ms
25ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/vendor.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f150dfeb4a0e6537529a23567ac44f32145446404e72f11e30c3114fc9bbf5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6588672
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:34 GMT
server: cloudflare
etag: W/"61647a96-2c290"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 6c818ea3af967037-FRA
expires: Fri, 02 Jan 2032 03:59:58 GMT

GET
H2 200 base.js Show response
www.offers.com/assets/v1634679975/ 45 KB
11 KB 20ms
17ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/base.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da5523987f1aa265f170cf27232c760db70775bb65e604ce85a4b1ab2ce74dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6588671
cf-bgj: minify
vary: Accept-Encoding
last-modified: Mon, 11 Oct 2021 17:55:56 GMT
server: cloudflare
etag: W/"61647aac-b333"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 6c818ea3af987037-FRA
expires: Fri, 02 Jan 2032 03:59:58 GMT

GET
H2 200 merchant.js Show response
www.offers.com/assets/v1634679975/ 13 KB
4 KB 22ms
19ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/assets/v1634679975/merchant.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9e605a47de2cf6e48e1c1e748eede1219d27129ab3d898db9231c37ad05363d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5798375
cf-bgj: minify
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 21:46:53 GMT
server: cloudflare
etag: W/"616f3ccd-334f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 6c818ea3af997037-FRA
expires: Fri, 02 Jan 2032 03:59:58 GMT

GET
H2 200 ga.js Show response
www.offers.com/scripts/ 477 B
443 B 23ms
20ms Script
application/javascript 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/scripts/ga.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78604b53d740442b5b8a5d692567f70f46f6e284118ab6db94a46641672f3954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4708
cf-polished: origSize=536
vary: Accept-Encoding
last-modified: Tue, 06 Jul 2021 19:22:06 GMT
server: cloudflare
etag: W/"60e4ad5e-218"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
expires: Wed, 04 Jan 2023 03:59:58 GMT
cache-control: public, max-age=31536000
cf-ray: 6c818ea3af9a7037-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3532
date: Tue, 04 Jan 2022 03:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 04 Jan 2022 05:01:06 GMT

GET
H2 200 bullet-black.png
www.offers.com/images/ 94 B
308 B 17ms
16ms Image
image/webp 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/bullet-black.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a4d8c59f4bb7f250d9111be10c5664c7202abeaf020eda52e7f1a3482fd9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/assets/v1634679975/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1219480
cf-polished: origFmt=png, origSize=149
content-disposition: inline; filename="bullet-black.webp"
vary: Accept
content-length: 94
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
expires: Fri, 02 Jan 2032 03:59:58 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6c818ea3effd7037-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 fa-solid-900.woff2
www.offers.com/fonts/ 115 KB
115 KB 20ms
15ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-solid-900.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d64849d9ec4afd8eb21b289c99a9d785eb7079d893b899490132fb4707447457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5039
vary: Accept-Encoding
content-length: 117516
last-modified: Wed, 05 Aug 2020 19:50:03 GMT
server: cloudflare
etag: "5f2b0d6b-1cb0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea3f80d7037-FRA
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 fa-regular-400.woff2
www.offers.com/fonts/ 142 KB
142 KB 42ms
39ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-regular-400.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5039
vary: Accept-Encoding
content-length: 145072
last-modified: Wed, 05 Aug 2020 19:50:03 GMT
server: cloudflare
etag: "5f2b0d6b-236b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea3f80f7037-FRA
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 Gilroy-Bold.otf
www.offers.com/fonts/ 54 KB
54 KB 35ms
32ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Bold.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/merchant.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/merchant.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5039
vary: Accept-Encoding
content-length: 55376
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d850"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea3f8127037-FRA
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 Gilroy-Regular.otf
www.offers.com/fonts/ 53 KB
53 KB 46ms
44ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Regular.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/merchant.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/merchant.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5039
vary: Accept-Encoding
content-length: 53840
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d250"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea3f8147037-FRA
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 Gilroy-Medium.otf
www.offers.com/fonts/ 54 KB
54 KB 31ms
28ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/Gilroy-Medium.otf

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/merchant.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/merchant.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5039
vary: Accept-Encoding
content-length: 54972
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-d6bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea3f8167037-FRA
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 fa-brands-400.woff2
www.offers.com/fonts/ 70 KB
71 KB 38ms
36ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/fa-brands-400.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad870134e00e713a173b1be210378b4b7b85f8081e578e85e13fffeec0ae78a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5039
vary: Accept-Encoding
content-length: 72148
last-modified: Wed, 05 Aug 2020 19:50:03 GMT
server: cloudflare
etag: "5f2b0d6b-119d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea3f8177037-FRA
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 OpenSans-Bold.woff2
www.offers.com/fonts/ 46 KB
46 KB 21ms
20ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/OpenSans-Bold.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5025
vary: Accept-Encoding
content-length: 46676
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-b654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818ea4184b7037-FRA
expires: Wed, 04 Jan 2023 03:59:58 GMT

GET
H2 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 15ms
14ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 04 Jan 2022 03:59:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 100 B
116 B 30ms
15ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c129a98977eef34ee239ba6630363e30d74d5afff71385d06d03400ccddf5671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Tue, 04 Jan 2022 03:59:58 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 301 B
534 B 126ms
37ms XHR
application/json 54.78.51.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=7529&slot=%7Bid:sidebar-1,ss:%5B300.250,300.600%5D,p:/4585/ns.offers/organiccomm,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=6b8958c1-1aee-1390-0440-2a14d6bc0eb5&url=https%253A%252F%252Fwww.offers.com%252Fstores%252Fadp%252F
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.51.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-51-81.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4282d59dbfcaa213603d7a9641fe5c275ac2ba0e6626d1150adb283cfff3d54a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-server-name: app16.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.offers.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
734 B 153ms
109ms XHR
application/json 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3158&u=https%3A%2F%2Fwww.offers.com
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c888e34c8a9fcdd17a160948d147c12ab01552a9960ed1142f12ce40b6609258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:57 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a7.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: 1jEGJ8A-f4vvGxGpIyzbN7O1YP6BGgIU3-bzdQim-FVFqpzchMrg7Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 71ms
29ms XHR
application/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 01:41:37 GMT
server: AmazonS3
date: Tue, 04 Jan 2022 03:59:58 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: aSEYI6zfx3p9U7qxEDBpXITM6ocvVpK9PB0hj8gGMvolwd_XyrgW8g==

GET
H2

200

info Show response
gurgle.zdbb.net/
Redirect Chain

https://gurgle.offers.com/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fp=1
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1

263 B
464 B

301ms
100ms

XHR
application/json

54.82.206.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Server: 54.82.206.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-206-153.compute-1.amazonaws.com
Software: /
Resource Hash: fe897c1c943ea491b50654dd2ddbbddfe28b4a05093a0647b1b1d3ce358bd4e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: null
date: Tue, 04 Jan 2022 03:59:58 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 263
access-control-allow-methods: GET, OPTIONS
content-type: application/json

Redirect headers

date: Tue, 04 Jan 2022 03:59:58 GMT
location: https://gurgle.zdbb.net/info?url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&fpx=1
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.offers.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 86ms
86ms XHR
text/javascript 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3158&u=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&pid=inMJqRcENiliY&cb=0&ws=1600x1200&v=7.71.1&t=750&slots=%5B%7B%22sd%22%3A%22sidebar-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F4585%2Fns.offers%2Forganiccomm%22%7D%5D&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.255.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a7.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-amz-rid: M01T27WXZKCN6PQTZQYR
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.offers.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: m0mlbL1SGYnhytkUm0KWYAIWGhBaf96cX8e-NhdnNJkJrq6k9YJ-GQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 37 KB
10 KB 78ms
13ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Tue, 04 Jan 2022 03:14:11 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10430
x-request-id: 583079353

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
215 B 74ms
16ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=23814109144

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.offers.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
329 B 63ms
18ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=429282&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22389e21f58f6db1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F%22%2C%22ref%22%3A%22%22%2C%22domain%22%3A%22offers.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22offers.com%22%7D%2C%22name%22%3A%22offers.com%22%2C%22mobile%22%3A1%2C%22privacypolicy%22%3A1%2C%22keywords%22%3A%22offers.com%2C%20offers%2C%20organiccomm%2C%20merchant%22%2C%22content%22%3A%7B%22language%22%3A%22en%22%2C%22title%22%3A%22ADP%20Promo%20Codes%20%26%20Coupons%202022%22%2C%22context%22%3A5%2C%22data%22%3A%5B%5D%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22site%22%3A%22offers.com%22%2C%22adunit%22%3A%22organiccomm%22%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224ebe26ff1addc1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A429282%2C%22sid%22%3A%22300x250%22%2C%22dfp_ad_unit_code%22%3A%22%2F4585%2Fns.offers%2Forganiccomm%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A429282%2C%22sid%22%3A%22300x600%22%2C%22dfp_ad_unit_code%22%3A%22%2F4585%2Fns.offers%2Forganiccomm%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F4585%2Fns.offers%2Forganiccomm%22%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 09b72d4cbe258eabd2cc96f624e8b01517b1199ab5498beb5e8cad64eb82275f

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:58 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.22], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.offers.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Tue, 04 Jan 2022 03:59:58 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 148ms
71ms XHR
application/json 2602:803:c004:200::143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=200194&zone_id=986094&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&kw=offers.com%2C%20offers%2C%20organiccomm%2C%20merchant&tg_i.page=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&tg_i.domain=offers.com&tg_i.name=offers.com&tg_i.mobile=1&tg_i.privacypolicy=1&tg_i.site=offers.com&tg_i.adunit=organiccomm&tg_i.dfp_ad_unit_code=4585%2Fns.offers%2Forganiccomm&tg_i.pbadslot=4585%2Fns.offers%2Forganiccomm&tk_flint=pbjs_lite_v5.20.0&x_source.tid=95716b95-5860-4ac4-81c8-0237cd41d035&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7493524339372151
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 160aa1257cda9e6983687bc8e97aa75acdeddbe65adef742a5a1832ec1f0c39e

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 04 Jan 2022 03:59:58 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.offers.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 1891
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
ziffdavis-d.openx.net/w/1.0/ 28 KB
8 KB 169ms
112ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ziffdavis-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=95716b95-5860-4ac4-81c8-0237cd41d035&nocache=1641268798412&gdpr=0&us_privacy=1---&aus=300x250%2C300x600&divids=sidebar-1&aucs=%252F4585%252Fns.offers%252Forganiccomm&auid=540322687
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 10e85ea635df4f7894dce1dc0671ca5783223084fb1f94d34fa61f23d1e7a552

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.offers.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7767
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
734 B 18ms
17ms XHR
application/json 108.156.255.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3158&u=https%3A%2F%2Fwww.offers.com
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c888e34c8a9fcdd17a160948d147c12ab01552a9960ed1142f12ce40b6609258

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:57 GMT
via: 1.1 b0067143f1e1520182fe27b53cced2a7.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 385
x-amz-cf-id: yxWh4nHFC0XpM_vzTkdfwZoTHtmETPVw0vXFLkbuJqPyb4HywGH68g==

GET
H2 200 country.js Show response
c.evidon.com/geo/ 252 B
459 B 8ms
8ms Script
application/x-javascript 104.89.44.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/zdconsent.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.89.44.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-44-146.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2020 23:46:45 GMT
server: AkamaiNetStorage
etag: "61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 174

GET
H2 200 evidon-sitenotice-bundle.js Show response
cdn.ziffstatic.com/sitenotice/ 251 KB
24 KB 15ms
15ms Script
application/javascript 2a02:26f0:f7::5c7b:e160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/zdconsent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0dafddff65a868ca5c86057b382994a924841a17f744001b9e33fade54ecb866

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: AL.K4DNybLRF8Oy6h91FcxLfeLqUMFZ7
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 18:01:03 GMT
x-amz-request-id: 9J1TBJ31DGEA5NT0
etag: "4788fbf78bd8c5de5bc18c096bd0e177"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 04 Jan 2022 03:59:58 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 24340
x-amz-id-2: yOuZkMziyNv5qlkr/roiymK6y2D1bBVdwHeEPSjLPqIuQmY3FydUUnEONrWaqR15zRNUMSiroME=
expires: Wed, 05 Jan 2022 03:59:58 GMT

GET
H2 200 settings.js Show response
cdn.ziffstatic.com/sitenotice/660/offers/ 15 KB
4 KB 453ms
453ms Script
application/javascript 2a02:26f0:f7::5c7b:e160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/660/offers/settings.js
Requested by: Host: zdstatic.offers.com
URL: https://zdstatic.offers.com/jst/zdconsent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 006dd05700d33a58268dfc5a1099858705006e4ce53dab5783caed1275f87a04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: PqwfWDn.g3VVgqm.aLbrmkM5ABXbwVel
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 20:01:53 GMT
x-amz-request-id: 367PFZPQVCPD7AZ9
etag: "2ecc11ebadf470bdece73cf7cb20978c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 04 Jan 2022 03:59:59 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 3384
x-amz-id-2: DPQbP+Hf2MTFmXa+KmU1MIl558H1o8K6TkTk1zPBMf2EXbWr7CyrCH1KYdWSq5wLYaLb9fERfIE=
expires: Wed, 05 Jan 2022 03:59:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 39ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 46ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.offers.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 97 KB
31 KB 376ms
375ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3914628685208517&correlator=4194807906168773&output=ldjh&impl=fifs&eid=31061814%2C31063378%2C31063870%2C44756717%2C44755509&vrg=2021120601&ptt=17&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1YNY&npa=1&sc=1&sfv=1-0-38&ecs=20220104&iu_parts=4585%2Cns.offers%2Corganiccomm&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=rfr%3Dfalse%26pos%3D1%26ppos%3D1%2Catf%26npos%3D1%26pogo%3Dsidebar%26divid%3Dsidebar-1%26amznbid%3D2%26amznp%3D2%26id%3Dc88b6508-6d12-11ec-99ea-067f141e2336%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%2C60%26hb_format_openx%3Dbanner%26hb_size_openx%3D300x600%26hb_pb_openx%3D0.05%26hb_adid_openx%3D10919011911137%26hb_bidder_openx%3Dopenx%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.22%26hb_adid_rubicon%3D9e6cd2906afc19%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.22%26hb_adid%3D9e6cd2906afc19%26hb_bidder%3Drubicon&eri=5&cust_params=template%3Dmerchant%26category%3Dorganiccomm%26OOF%3Dfalse%26ref%3D%26zdid%3D3108b989e6483f7dc184ad6abf5c8b68%26pageviewid%3D255fe5eb-6498-41a3-9e09-7c3dd009ce04%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D%26gdpr%3D0%26amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&dt=1641268798599&dlt=1641268797996&idt=238&frm=20&biw=1600&bih=1200&oid=2&adxs=188&adys=922&adks=1989942666&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=307x1952&msz=307x0&ga_vid=1515812315.1641268799&ga_sid=1641268799&ga_hid=299073430&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1c30a68f385990f31d802959dafa9aab30eeedf868992f6d5dd4fb6072fa59f7

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKWb5d2al_UCFczpuwgdS0QNfw&gqi=&layout=/sadbundle/%24csp%253Der3%24/16424753811123199272/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKWb5d2al_UCFczpuwgdS0QNfw&gqi=&layout=/sadbundle/%24csp%253Der3%24/16424753811123199272/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32174
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Tue, 04 Jan 2022 03:59:58 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8481 6 KB
4 KB 109ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 04 Jan 2022 03:59:58 GMT
expires: Wed, 04 Jan 2023 03:59:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200 848.json Show response
id5-sync.com/g/v2/ 213 B
532 B 42ms
8ms XHR
application/json 51.75.146.200
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/848.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.200 , France, ASN16276 (OVH, FR),

Reverse DNS

p11.id5-sync.com

Software

Resource Hash

2cbb5a7f40e7abac85d9600e52803d8407426747babc5f6fd25c24f6cb2fa9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.offers.com
Date: Tue, 04 Jan 2022 03:59:58 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 en.js Show response
cdn.ziffstatic.com/sitenotice/660/translations/ 319 KB
13 KB 15ms
15ms Script
application/javascript 2a02:26f0:f7::5c7b:e160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/660/translations/en.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ceb037bf695a81081fcbdd36b6a30a16d0b58e32559e51887f041637361e35fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: RyjZv03MK4iPaQygju2GE0RcsAA9tHmK
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 21:00:13 GMT
x-amz-request-id: T5CQ213WFXSPG26J
etag: "e6bc20bf0564148eff940422a380934a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 04 Jan 2022 03:59:58 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 12409
x-amz-id-2: My6Dfx7XVZWZNeumh/MYEYTLXAMSJhB99XoR+AGAsVW3gKhWp+J9m8QyWw1rF6YYixxTYsXOin0=
expires: Wed, 05 Jan 2022 03:59:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
55 KB 52ms
28ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29b23d2ab868e453491b563b83d55e423131bc45ba82186947b17e3271c57b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55738
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Jan 2022 03:59:58 GMT

GET
H2 200 offer-tile-placeholder.png
www.offers.com/images/ 72 B
255 B 18ms
17ms Image
image/webp 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offers.com/images/offer-tile-placeholder.png

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51602869834421b04da25e373a5414f8b07cc38dac6187f5596ce65fd53021ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/stores/adp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1218844
cf-polished: origFmt=png, origSize=162
content-disposition: inline; filename="offer-tile-placeholder.webp"
vary: Accept
content-length: 72
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
expires: Fri, 02 Jan 2032 03:59:58 GMT
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6c818ea7bd9b7037-FRA
cf-bgj: imgq:100,h2pri

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 36ms
20ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=299073430&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&ul=en-us&de=UTF-8&dt=ADP%20Promo%20Codes%20%26%20Coupons%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KChAAEABEAAAAC~&jid=1150974403&gjid=1133493313&cid=1515812315.1641268799&tid=UA-7272868-1&_gid=692244146.1641268799&_r=1&_slc=1&cd7=023WOEB8HmIjus0qt9cQuqx&z=1101712873

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.offers.com/core/merchant/impressions/ 0
175 B 134ms
134ms XHR
text/html 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/core/merchant/impressions/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.offers.com/stores/adp/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6c818ea7cdd07037-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7272868-1&cid=1515812315.1641268799&jid=1150974403&gjid=1133493313&_gid=692244146.1641268799&_u=KChAAEAAEAAAAC~&z=463951161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 Jan 2022 03:59:58 GMT
content-type: text/plain
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 159 KB
59 KB 35ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H8B8R34YCC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d878b25a564383308248123ce43db92b28f38a3976c34d4aae38c68237b83e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59986
x-xss-protection: 0
expires: Tue, 04 Jan 2022 03:59:58 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 68ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FXTVV
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C8583673114C4CD581521AE95905A8A9 Ref B: FRAEDGE1212 Ref C: 2022-01-04T03:59:58Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 42ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7272868-1&cid=1515812315.1641268799&jid=1150974403&_u=KChAAEAAEAAAAC~&z=1035209163

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 41ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7272868-1&cid=1515812315.1641268799&jid=1150974403&_u=KChAAEAAEAAAAC~&z=1035209163

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H8B8R34YCC&gtm=2oec10&_p=299073430&sr=1600x1200&ul=en-us&cid=1515812315.1641268799&_s=1&dl=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&dt=ADP%20Promo%20Codes%20%26%20Coupons%202022&sid=1641268798&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H8B8R34YCC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.offers.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 28000255.js Show response
bat.bing.com/p/action/ 0
93 B 33ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/28000255.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 Jan 2022 03:59:58 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 480029A21F744DB7BD29BF64B468A99E Ref B: FRAEDGE1212 Ref C: 2022-01-04T03:59:58Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=28000255&tm=gtm002&Ver=2&mid=6d926800-856f-4982-9bc3-2a431a4eb388&sid=c8dba1a06d1211eca559d956b0204145&vid=c8db80d06d1211ec85b475669af69921&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ADP%20Promo%20Codes%20%26%20Coupons%202022&p=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&r=&lt=1276&evt=pageLoad&msclkid=N&sv=1&rn=590897
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A705FF5E912343DDAB6E705540F61CE8 Ref B: FRAEDGE1212 Ref C: 2022-01-04T03:59:58Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 z0WVjCBSEeGLoxIxOQVEwQ
zdbb.net/l/ 43 B
108 B 103ms
32ms Image
image/gif 54.217.99.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=255fe5eb-6498-41a3-9e09-7c3dd009ce04&zd_location=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&evidon_consent=undefined&third_party_consent=&fu=true
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.99.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-99-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-length: 43
content-type: image/gif

GET
H2 200 eAAAAAAAAAAAAAAAAAAAAA
zdbb.net/n/ 43 B
109 B 102ms
31ms Image
image/gif 54.217.99.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zdbb.net/n/eAAAAAAAAAAAAAAAAAAAAA?tp=ofpweeaflkwerkldfksklwk&tpc=1720995070809081729&zd_pageview_id=255fe5eb-6498-41a3-9e09-7c3dd009ce04&zd_location=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&evidon_consent=undefined&third_party_consent=&fu=true
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.99.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-99-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:58 GMT
content-length: 43
content-type: image/gif

GET
H3 200 container.html Show response
b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DE29 6 KB
3 KB 23ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 04 Jan 2022 03:59:58 GMT
expires: Wed, 04 Jan 2023 03:59:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/ Frame C1A0 96 KB
24 KB 39ms
12ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/index.html

Requested by

Host: www.offers.com
URL: https://www.offers.com/stores/adp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe451fe872e6bb32a10fedc8409c570cad5e536b427e70dc4cf13107db7dff1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Thu, 30 Dec 2021 23:08:49 GMT
expires: Fri, 30 Dec 2022 23:08:49 GMT
last-modified: Thu, 16 Dec 2021 15:10:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 23156
age: 363070
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DE29 0
0 19ms
19ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cas5JPsbTYaWEJ8zT7_UPy4i1-AedooXFZ8Ocv4mXD5js8euODhABIOXP6xZglfrwgYwHoAH21rTsA8gBCakCPNNH2Sr2sj7gAgCoAwHIAwiqBOwBT9DN5HZQJf0SUlOIfU5vTUjEGZVGtKZ9Tlv-6BtgCVvHBtRKBzDK0EyL2TID3nEWT1xRHQ6acOaV2Entsul7nUfwcGK8YLTlTin_QHNiIlm7nvxTimxLHiSGFkjkyerg_u04zT-cOO_0mjvys_9vRtjHCA7R5X1xXswClFf161QRtex9EbC2hSZVZE-UuEMi06dEx8oDtce4DwW_B3cfBDj4rYBNc_HwO6ROHZ6453dXSMFJjRayljqq6qp_q32NoW9DwMKzAycpK5e64i3vCg03Y_ZD5tPNrbhhVecnh0kGV0ZkqbFkCAVHngjABKOFt5zoA-AEAaAGLoAH8qjLE6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIDoLNIICQiY4YBwEAEYHYAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi05OTE0OTkyOTE0OTEwODQ3GKSdEA&sigh=btz2qV7zkd8&uach_m=[UACH]&template_id=419
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame DE29 19 KB
8 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 02:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 02:37:09 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DE29 2 KB
1 KB 36ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 03:53:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE29 119 KB
37 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 04 Jan 2022 03:59:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame DE29 15 KB
6 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jan 2022 03:51:32 GMT

GET
H2 200 evidon-barrier.js Show response
cdn.ziffstatic.com/sitenotice/ 14 KB
4 KB 14ms
14ms Script
application/javascript 2a02:26f0:f7::5c7b:e160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ziffstatic.com/sitenotice/evidon-barrier.js
Requested by: Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/sitenotice/evidon-sitenotice-bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e160 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: U2DhT9Z7q643vVc7APOy8YhFyfkZfVwJ
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 19:00:16 GMT
x-amz-request-id: 800WHJ2RSCGM39FN
etag: "282d0aad6323c983709c8ba8921e53b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
date: Tue, 04 Jan 2022 03:59:59 GMT
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 3930
x-amz-id-2: 2kx8+JX91b2Awffv5HBmUpDuvcR6TTsExGpC0ksbPc+fFMbAEtbTY5bgc1pBLrcZ8Y3xWMINqt8=
expires: Wed, 05 Jan 2022 03:59:59 GMT

GET
H2 204 18610
l.evidon.com/site/v3/660/147/3/1/3/2/ 0
120 B 365ms
99ms Image
text/plain 54.161.40.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/660/147/3/1/3/2/18610?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-40-243.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:59 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 OpenSans-Regular.woff2
www.offers.com/fonts/ 46 KB
46 KB 17ms
17ms Font
application/octet-stream 104.16.177.182
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offers.com/fonts/OpenSans-Regular.woff2

Requested by

Host: www.offers.com
URL: https://www.offers.com/assets/v1634679975/base.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.177.182 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offers.com/assets/v1634679975/base.css
Origin: https://www.offers.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:59 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5040
vary: Accept-Encoding
content-length: 47016
last-modified: Thu, 28 Feb 2019 17:02:27 GMT
server: cloudflare
etag: "5c781423-b7a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c818eaa492b7037-FRA
expires: Wed, 04 Jan 2023 03:59:59 GMT

GET
H2 204 18610
l.evidon.com/site/v3/660/147/3/5/3/2/ 0
121 B 339ms
99ms Image
text/plain 54.161.40.243
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/660/147/3/5/3/2/18610?consent=0&regulationid=0&regulationconsenttypeid=1
Requested by: Host: www.offers.com
URL: https://www.offers.com/stores/adp/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.40.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-40-243.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:59 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE15 143 B
426 B 466ms
118ms Document
text/html 2a00:1450:4019:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 04 Jan 2022 03:34:47 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C1A0 16 KB
6 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 04:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 04 Jan 2022 04:22:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C1A0 26 KB
10 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 14:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 04 Jan 2022 14:22:06 GMT

GET
DATA 200
OK truncated
/ Frame DE29 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5131b49d1c64176e0623beaff45ad467bb5c178831eba6e2652de462a0459f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 63ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: cdn.ziffstatic.com
URL: https://cdn.ziffstatic.com/pg/offers.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:59 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Jan 2022 03:59:59 GMT

GET
H3 404 null
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/ Frame C1A0 43 B
63 B 289ms
289ms Image
image/gif 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/null

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:59 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Tue, 04 Jan 2022 03:59:59 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 65ms
24ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:59 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:43 GMT
server: nginx
etag: W/"61cc54f3-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 Jan 2022 03:59:59 GMT

GET
H3 200 wideskyscraper_claim.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/ Frame C1A0 19 KB
5 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/wideskyscraper_claim.svg

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05a29beffdaaa41e78204f55ac02bd1d4cb9ca4dd4314b9828f8ae2860acfdd9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 363147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5388
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 15:10:53 GMT
server: sffe
date: Thu, 30 Dec 2021 23:07:32 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:07:32 GMT

GET
H3 200 wideSkyscraper_copy_bett.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/ Frame C1A0 25 KB
6 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/wideSkyscraper_copy_bett.svg

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f10dcfb01fddb765e07674633996d5e14b575aaa9648d65aabf9bf2242b7992

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 363147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5631
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 15:10:53 GMT
server: sffe
date: Thu, 30 Dec 2021 23:07:32 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:07:32 GMT

GET
H3 200 wideSkyscraper_head_bett.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/ Frame C1A0 20 KB
5 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/wideSkyscraper_head_bett.svg

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e93dbe578d8cc598b4df62ff1e47d095688529db2fd5b7925cdc0dce17a2c6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 363147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5523
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 15:10:53 GMT
server: sffe
date: Thu, 30 Dec 2021 23:07:32 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:07:32 GMT

GET
H3 200 cta_hover.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/ Frame C1A0 10 KB
3 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/cta_hover.svg

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74ba09d6c96dce11166c54d20583459ff3798e4b3b2d052313620e13bca1e497

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 363147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 15:10:53 GMT
server: sffe
date: Thu, 30 Dec 2021 23:07:32 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:07:32 GMT

GET
H3 200 cta_normal.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/ Frame C1A0 10 KB
3 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/cta_normal.svg

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74ba09d6c96dce11166c54d20583459ff3798e4b3b2d052313620e13bca1e497

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 363147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 15:10:53 GMT
server: sffe
date: Thu, 30 Dec 2021 23:07:32 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:07:32 GMT

GET
H3 200 cta_normal.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/ Frame C1A0 10 KB
3 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/cta_normal.svg

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74ba09d6c96dce11166c54d20583459ff3798e4b3b2d052313620e13bca1e497

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 363147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 15:10:53 GMT
server: sffe
date: Thu, 30 Dec 2021 23:07:32 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:07:32 GMT

GET
H2 200 check Show response
jogger.zdbb.net/ 5 B
232 B 306ms
100ms XHR
text/plain 34.228.50.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jogger.zdbb.net/check?href=https%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.50.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-50-94.compute-1.amazonaws.com
Software: /
Resource Hash: 4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:59 GMT
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=306948
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control
content-length: 5

GET
H2 200 zd-core-olt.min.js Show response
cdn.static.zdbb.net/js/ 844 B
776 B 8ms
8ms Script
application/javascript 95.100.153.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/zd-core-olt.min.js?v=5
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: VelS3neDNomhgHaO23tAaRrqvD5MfCbX
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 15:41:07 GMT
x-amz-request-id: D41NKXW1PXK6HMFE
date: Tue, 04 Jan 2022 03:59:59 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 464
x-amz-id-2: wn9mlrTjCgtY2SJAcNvKv6RjEjAf4tqkM6fn5BSsdGrc9/OJy1C8gIHdI9W41fhN/jhdOMq5b4Q=
expires: Tue, 11 Jan 2022 03:59:59 GMT

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 64ms
12ms Script
application/javascript 104.89.33.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.33.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-33-102.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 21 May 2021 19:14:21 GMT
Server: nginx/1.15.8
ETag: W/"60a8068d-cbc2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Tue, 04 Jan 2022 03:59:59 GMT
Connection: keep-alive
Content-Length: 16078
Expires: Tue, 11 Jan 2022 03:59:59 GMT

GET
H2 200 krux-coretag.js Show response
cdn.static.zdbb.net/js/ 335 B
568 B 8ms
8ms Script
application/javascript 95.100.153.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.122 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: Y2khje06JIFbLokGXs6YffcNkqzkRdCS
content-encoding: gzip
last-modified: Thu, 16 Dec 2021 15:41:06 GMT
x-amz-request-id: ER9X47ADF270AAPD
date: Tue, 04 Jan 2022 03:59:59 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 255
x-amz-id-2: MvKTgtPSfc8xDaKxP5o9Ah8QGPfWKyIAS7xm2LxMT9to5KqBXyYgVQzFZhO2vRNxhlej2HTmlrw=
expires: Wed, 05 Jan 2022 03:59:59 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 48ms
19ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d38ca7e451a3a7c8cbe99348812dfe8c813bb2aa3a8dae78b93789371d6e966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 Jan 2022 03:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8468
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 12F6 291 B
600 B 53ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.offers.com&gdpr=1&gdpr_consent=CPJsci9PJscm1ASABCENBjCgAIAAAMPAAAwIIEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIEgEmGpfQBdiWODJtGlUKIEYVhIdAKACigGFomsIGVwU7K4CPUELABCagIwIgQYgoxYBAAIBAEhEQEgB4IBEARAIAAQAqQEIACNgEFgBYGAQACgGhYgRQBCBIQZHBUcpgQESLRQT2VgCUXexphCGUWAFAo_oqMBEoQQLAyEhYOY4AkAAA.YAAAAAAAAAAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 927
date: Tue, 04 Jan 2022 03:59:59 GMT
content-length: 321
strict-transport-security: max-age=31536000; preload;

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DE15
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

518ms
289ms

Document
text/html

2a00:1450:4019:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
URL: https://b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 Jan 2022 04:00:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 Jan 2022 04:00:00 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 04 Jan 2022 03:59:59 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 spgdj7g8u.js Show response
cdn.krxd.net/controltag/ 2 B
399 B 277ms
11ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/spgdj7g8u.js
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/krux-coretag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 04 Jan 2022 03:59:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 473
x-cache: MISS, HIT, HIT
x-app-cache: MISS
x-age: 0
content-encoding: gzip
content-length: 22
x-served-by: config-service-a002-ash-prod.krxd.net, cache-iad-kjyo7100103-IAD, cache-hhn4034-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1641268800.884223,VS0,VE0
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 15

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 03:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 04 Jan 2022 03:59:59 GMT

GET
H/1.1 200
OK 30629 Show response
stags.bluekai.com/site/ Frame 50BC 71 B
338 B 351ms
169ms Document
text/html 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/30629?ret=html&phint=site%3Doffers.com&phint=referer%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=offersbrand%3Dstores&phint=bbseg%3D900263&phint=bbseg%3D900331&phint=bbseg%3D900365&phint=bbseg%3D900111&phint=bbseg%3D900115&phint=bbseg%3D900374&phint=bbseg%3D900376&phint=__bk_t%3DADP%20Promo%20Codes%20%26%20Coupons%202022&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Fwww.offers.com%2Fstores%2Fadp%2F&phint=__bk_v%3D3.1.10&limit=10&r=14370145
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-192-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 48d8
Date: Tue, 04 Jan 2022 04:00:00 GMT
Connection: keep-alive
X-N: S

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB38 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Mon, 03 Jan 2022 15:04:42 GMT
expires: Tue, 03 Jan 2023 15:04:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 46517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 367A 783 B
534 B 25ms
25ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dc84c41781292d716199cda1e70b184992750041235b1bede62b4c4dfa6a7381

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SAzCq9KA2rzUfv2avjgznw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 04 Jan 2022 03:59:59 GMT
date: Tue, 04 Jan 2022 03:59:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SAzCq9KA2rzUfv2avjgznw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js Show response
pagead2.googlesyndication.com/bg/ Frame FB38 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f8gou5y2Dfq0zn72-W9hYw99gWviw2ua4IRi-orcC78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 12:52:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13559
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Jan 2023 12:52:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 367A 0
0 18ms
18ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=3914628685208517&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=3914628685208517&bg=!OTqlOn7NAAZKWFskSlg7ACkAdvg8WqN5ShhiMmv_J9gCQHKGuW4xeivWvaan7-3c4cGl38Ye2cIa_wIAAABcUgAAAAtoAQeZAquNN5PIW6f7pQtil9HarF2PKg4h9yDkHF-gRnNPZjsHpRECrU7rDHQ6ijQGkJaOAEZwcM1kQsYaC8xNOeAjo-aalBltJzqC9AZ59FyOSCgRygJCduHlQT-e9QeOXHGPFtO1mc5GmJrUm1lMESdvMDbgRE4lUZVLNYPz44NY1aEyyL3xfcQtdUryiTEFB49tI3MYEvZw7sq7r9crh8eO5FSymGNd83pzUlQfVPXSX840LaETmTEFWMzcb8Jq_ghy2sf2lO3Qk4NwDJWzSL8G0jJNZDF3TlgVytEGDtbNwrnPT70t2n3VJY-flP74gZApfRoLPKa1NYmR5n6nfa8rhxsvYs48jDRyZOp23Cxz46XVHthpjM3abgHGrybagjDCCukqrSOs83dfXqv21apwbDh3hWeCIEz4vsLc50nP8mpFJ-Kqo2mSASDR9_VfX2wnHTURKzOyAKo5zDyP3L0uIBJOP4PUM-_Oo0pqerFhLJJRIwJt2B8_bxqI1YZ8eSqRin8sDNjgb_XSomYTeNhYz1U16bZyYlS49TylEcxVl3lHGRfylIsnBIffPMUFdgINLmL_SsyQzD2zNoM9jOYQp1zXTJ2vYogjhyeJwcZdg9k-qQYz8c-4Xk2TXo22zQvG56TOdOiUN0R_VvvWw9LK0zc2mkuHFAiPMZwXVN3IWEjHwiGbFuPrTQdbWhn4vCTrcUk0ZEAkcXqTQMVbItU3X_JgDoWRMLy5Nvh8fLhz5fFOmf1uH1Yjqb_FfGI2UnFxLgShtzNfNZZi8xxljooKXjOUoMXpPmPTiniJwiLDF404bR3Kv4FoVuoyKVFUzuoQ4eXzHYZcNRuX0S-VTB4U1qJQBgX_SgViQY1pCuCHlkeWjnDUO3INnPXxUPrLDb3c_91IVVHLH4Xjgh81eA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 03:59:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check_c Show response
zdbb.net/ 0
230 B 30ms
30ms XHR
text/plain 54.217.99.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://zdbb.net/check_c
Requested by: Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.99.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-99-203.eu-west-1.compute.amazonaws.com
Software: Ziff Davis BuyerBase /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 04:00:00 GMT
server: Ziff Davis BuyerBase
p3p: CP="ALL DSP COR NID"
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.offers.com%2F&domain=www.offers.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=JwbDMnxmUjc5eVFzS205VGcvVEg3bGxoNWVJQ3o2VkxwUU5YOFA5MmJ3S1RDdUowdG1YTVIxYUEvNlFIMkpxNWlkalBCOU1rOUJxd1E5Z3ZQY2dVQWhMeWR3OXRQMWNvOEU1c0Q5UlRzeHNUVGlXT1hwMzdrTzE5cmM0Yk...

342 B
611 B

51ms
18ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JwbDMnxmUjc5eVFzS205VGcvVEg3bGxoNWVJQ3o2VkxwUU5YOFA5MmJ3S1RDdUowdG1YTVIxYUEvNlFIMkpxNWlkalBCOU1rOUJxd1E5Z3ZQY2dVQWhMeWR3OXRQMWNvOEU1c0Q5UlRzeHNUVGlXT1hwMzdrTzE5cmM0Ykg4c2tzZ3VjZkxRcWZaVlRiK3lrT1VuWm8rZWlkSTNTWDkzL24xN3VxMXZ1WjJ3Y1dQUDVUbUxycXRwQzI1d2xXRWZ1UDFuNGlETnZ6ZWI2Tjl0dG56ejdTZVY5QU5xT0lFZzZhc3dXeEtqaTI0MDZXSDN3PXw&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

393714d56c74cc5e214b92f98c2687b9adfa18bec3df215469249dfdc3fe12d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 04:00:02 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2501
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 04 Jan 2022 04:00:02 GMT
location: https://mug.criteo.com/sid?cpp=JwbDMnxmUjc5eVFzS205VGcvVEg3bGxoNWVJQ3o2VkxwUU5YOFA5MmJ3S1RDdUowdG1YTVIxYUEvNlFIMkpxNWlkalBCOU1rOUJxd1E5Z3ZQY2dVQWhMeWR3OXRQMWNvOEU1c0Q5UlRzeHNUVGlXT1hwMzdrTzE5cmM0Ykg4c2tzZ3VjZkxRcWZaVlRiK3lrT1VuWm8rZWlkSTNTWDkzL24xN3VxMXZ1WjJ3Y1dQUDVUbUxycXRwQzI1d2xXRWZ1UDFuNGlETnZ6ZWI2Tjl0dG56ejdTZVY5QU5xT0lFZzZhc3dXeEtqaTI0MDZXSDN3PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.offers.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1730
content-length: 482
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 52ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.offers.com%2F&domain=www.offers.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://www.offers.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1646
date: Tue, 04 Jan 2022 04:00:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=dc423def-06ad-4fb4-a386-363c0a8315a3&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELieIFebMM9SHgP0bqH6tPY&google_cver=1

43 B
114 B

45ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELieIFebMM9SHgP0bqH6tPY&google_cver=1
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jan 2022 04:00:03 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Jan 2022 04:00:03 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELieIFebMM9SHgP0bqH6tPY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 406ms
18ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2577
date: Tue, 04 Jan 2022 04:00:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.offers.com/	1969-12-31 23:59:59	Name: psid Value: 0fc1e1a59b4520c218cbc24e1f44e8be7af55169
.offers.com/	1970-01-19 23:54:30	Name: __cf_bm Value: gqmBEfUcTDpPdWu4PJ0PgCQfUZaOSQYVO4N209UzGwo-1641268797-0-AVG2PzG9SKFDLgrlNJvblXeUv9xAiTSUSXOi5t4IBD02RNQT0/rV+XSxD2WhqvX/NOlP0dD5iI9hZJw6q/cw0rY=
www.offers.com/	1970-01-20 16:41:09	Name: ovt Value: 1641268797%7C1641268797%7C1641268797
.www.offers.com/	1970-01-20 16:42:28	Name: ouid Value: 1720995070809081729%267106d76a4cdcccb892f76ebb92719c6d735149659d6ee13d312f325f91e1f0c3
.www.offers.com/	1970-01-19 23:54:32	Name: osvt Value: 1720995070813276034%2C%2C1641272397%26a2b9ad12807932affcc3272ba5999680f2e1b549ce800ab423e5b0cadbea68f0
www.offers.com/	1970-01-20 00:37:40	Name: fu Value: 1
www.offers.com/	1970-01-20 00:37:40	Name: _pbjs_userid_consent_data Value: 1738560442838663
.rubiconproject.com/	1970-01-20 08:40:04	Name: khaos Value: KXZL2DY3-1G-542M
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.rubiconproject.com/	1970-01-20 08:40:04	Name: audit Value: 1\|hLZGFuTafB3tXQaF8y0HckZeVCuLeoYaJAQRvrb7NaabCHyK42ojydPqjdvGqFCkhVkhD8wUPnL8yt2nEHEUZsxuhZpbWKLtnKXpBYfVaX8=
.openx.net/	1970-01-20 08:40:04	Name: i Value: f3597f8c-d711-081d-3a71-60c12d9c2b0e\|1641268798
.offers.com/	1970-01-19 23:55:55	Name: _gid Value: GA1.2.692244146.1641268799
.offers.com/	1970-01-19 23:54:28	Name: _gat Value: 1
.offers.com/	1970-01-20 17:25:40	Name: _ga_H8B8R34YCC Value: GS1.1.1641268798.1.0.1641268798.0
.offers.com/	1970-01-20 17:25:40	Name: _ga Value: GA1.1.1515812315.1641268799
.bing.com/	1970-01-20 09:16:04	Name: MUID Value: 3AFDD6E4D1BD6C210A20C7C6D06F6D01
.offers.com/	1970-01-19 23:55:55	Name: _uetsid Value: c8dba1a06d1211eca559d956b0204145
.offers.com/	1970-01-20 09:16:04	Name: _uetvid Value: c8db80d06d1211ec85b475669af69921
www.offers.com/	1970-01-20 04:13:40	Name: h_zdbb Value:
.offers.com/	1970-01-20 00:39:07	Name: zdbb_swap_ofrs_id Value: 1
.offers.com/	1970-01-20 09:16:04	Name: __gads Value: ID=60797653c4ec37b8-22bfcfd214cd0006:T=1641268798:S=ALNI_MbyGQuS0k5VqmZVIfZnfo4u7wSCyQ
.doubleclick.net/	1970-01-20 09:16:04	Name: IDE Value: AHWqTUmigZB-WpPNn_QxbqxdK2u0E-fvz4PUjYAqjZRwkxLaA8cjWEc_nAn4oIbrfpc
.doubleclick.net/	1970-01-19 23:54:32	Name: DSID Value: NO_DATA
.openx.net/	1970-01-20 00:16:04	Name: pd Value: v2\|1641268802\|gu
www.offers.com/	1970-01-20 09:16:04	Name: cto_bundle Value: 4LUtBV9aSWRMRzdsbWI5bExsdjkwaHgyb1FaeEFUVXQ4ajM0ZlZ6UDZndXI2TXo2ajdMSSUyQlZoZnczVFlGOGRnR2FsSVY5aHA3STIzaWduWDhYd2czMlh5UUI2RG0lMkZ4NVUlMkJjYktGeGdCVGtGY29SdE1aRHZSSEpCTDB5Wmhib1BZaXBiVQ
www.offers.com/	1970-01-20 09:16:04	Name: cto_bidid Value: RwioV180dEZldEM2bGVpWnZ1Qm5IRmRNVXBON2UxeTZ5bnp6ZmFpOXpsOGRuRWhTUHRacWRUdSUyRjFiSVZWaVV4TDdOUHg3V1JEdUY3RWR5OVBkeVdhS1NZZmRnJTNEJTNE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16424753811123199272/null Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
b60bc44d25830ab6f72cb36a99d529db.safeframe.googlesyndication.com
bat.bing.com
bidder.criteo.com
c.amazon-adsystem.com
c.evidon.com
cdn.id5-sync.com
cdn.krxd.net
cdn.static.zdbb.net
cdn.ziffstatic.com
cm.g.doubleclick.net
eu-u.openx.net
fastlane.rubiconproject.com
googleads.g.doubleclick.net
gum.criteo.com
gurgle.offers.com
gurgle.zdbb.net
htlb.casalemedia.com
id5-sync.com
jogger.zdbb.net
l.evidon.com
mug.criteo.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
preferences.truste.com
privacy-policy.truste.com
securepubads.g.doubleclick.net
sgi.offerscdn.net
sgi1.offerscdn.net
sgi2.offerscdn.net
sgi3.offerscdn.net
stags.bluekai.com
static.criteo.net
stats.g.doubleclick.net
tags.bkrtx.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.offers.com
zdbb.net
zdstatic.offers.com
ziffdavis-d.openx.net
104.16.177.182
104.89.33.102
104.89.44.146
104.90.192.27
108.156.255.177
142.250.181.2
142.250.185.226
151.101.130.133
178.250.0.157
178.250.0.165
18.66.248.89
2.21.111.28
2602:803:c004:200::143
2606:4700::6812:9c32
2606:4700::6812:9e32
2620:1ec:c11::200
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:829::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c02::9c
2a00:1450:4019:803::200a
2a00:1450:4019:80d::2002
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:f7::5c7b:e160
3.224.252.100
34.228.50.94
34.98.64.218
46.105.202.126
51.75.146.200
54.161.40.243
54.217.99.203
54.78.51.81
54.82.206.153
95.100.153.122
95.100.153.90
006dd05700d33a58268dfc5a1099858705006e4ce53dab5783caed1275f87a04
04d26958916afa20fd0f761c080aa2e10cf589469e22969e3039d04503a381c2
05a29beffdaaa41e78204f55ac02bd1d4cb9ca4dd4314b9828f8ae2860acfdd9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09b72d4cbe258eabd2cc96f624e8b01517b1199ab5498beb5e8cad64eb82275f
0b407eb4f07ffc0929b1cf94e00515b0c21b2b35df9b5c1de9d60dcdb0a2e746
0dafddff65a868ca5c86057b382994a924841a17f744001b9e33fade54ecb866
10e85ea635df4f7894dce1dc0671ca5783223084fb1f94d34fa61f23d1e7a552
11f0395ac2ad058ebbd3b44a9be3f387611e9e14bdd10b7eac7d38ce5c5c7776
1331ce07d67579b7a85c3f1deb9479460b198356c6d1aee8de72daa1d5e377b2
160aa1257cda9e6983687bc8e97aa75acdeddbe65adef742a5a1832ec1f0c39e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
19ff7c66b66c944275642b55491e432a38242f8ab90574c92db16265b176aae8
1c30a68f385990f31d802959dafa9aab30eeedf868992f6d5dd4fb6072fa59f7
23b07dfcfc6cf6316125602e1a5fd2b8c3152d84214c22a49480a998a561f3a8
252e614bb588005cf8ceb73905e2b16e5cf048509b4ff6d6c49852524af9f000
2961e633fb39fe8c91ac7abd6ec011933478e58dff1e944924568f9cdddec7ec
29b23d2ab868e453491b563b83d55e423131bc45ba82186947b17e3271c57b22
2cbb5a7f40e7abac85d9600e52803d8407426747babc5f6fd25c24f6cb2fa9a2
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2f10dcfb01fddb765e07674633996d5e14b575aaa9648d65aabf9bf2242b7992
34273b76dd2e55cf68a5ff82223c7dbb30d04babf0fbe177f7957c65be8e4f4c
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3847b1c31663d53c1518509c0eac2d5902f4b20ecd2cc64b63416a009b8a2937
393714d56c74cc5e214b92f98c2687b9adfa18bec3df215469249dfdc3fe12d5
3d1ca10f6b7666e93d493bfb6a6748f380addb42602ee797994469c077c24837
3d38ca7e451a3a7c8cbe99348812dfe8c813bb2aa3a8dae78b93789371d6e966
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
4282d59dbfcaa213603d7a9641fe5c275ac2ba0e6626d1150adb283cfff3d54a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4631094b53f0fda833f0eeda1fb477463e877e78f3b4d71b9548d862381376c8
4b42885aff72886a45200a0f8640e4221290c4cc4661fd036d7f8908d8baceb4
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07
4d3efed2d9cd327163c366899e315e5854ea089f6215adcedf1c798a6efc809d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e523a5ae5b4636c75901b79fafbd3912e41dc7987414e688b09d4b436ff22b3
4f30bdeed794aeb92d85e55d901c0bdb634df32432010792e3b569ea73cae443
5131b49d1c64176e0623beaff45ad467bb5c178831eba6e2652de462a0459f98
51602869834421b04da25e373a5414f8b07cc38dac6187f5596ce65fd53021ad
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54ab02407b89ddc3f76da3c0dc9f807b4f6def211a6e4cef8e622512c8fc8766
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b8792f64595a8e4e70b724bc196ab026a895a83438fbd7ea0822c970fa167ba
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
606df7b1fee7ec41366cc669d240d71312c66e444fb1f6e16610b707b3561f2a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
65aae457eea154a8824bf40c7051a4d712c0c73bb570f8fc0e9c9be03b5b63b6
69a429e2c68e54fa79488bbf4aa386ab36bf7febbea057ff43d6ddf5e273130e
6f83677606b2235e0a687535c7a0a96156b554d622c659ceea7dbb90372225c6
7217dd7bb4ee20316074b91a71a46f16641df9364cc89373389c2f28fbe7fd69
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74ba09d6c96dce11166c54d20583459ff3798e4b3b2d052313620e13bca1e497
7667f6091a46a095a88bf2f490fce3c15e4a68b16ac2de29b25cca88f674fce8
78604b53d740442b5b8a5d692567f70f46f6e284118ab6db94a46641672f3954
7fc828bb9cb60dfab4ce7ef6f96f61630f7d816be2c36b9ae08462fa8adc0bbf
82464f7dc08fe4bb9601d0c8450ab34cf1685369cc75e3afc4470f8a76ef9c24
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
9084b24863c91948a8a44b2143b64cd4d9c72ac1f796f1f3243f9e1aca80b1d7
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
97af3844528504a94b86bd7ff9ccde8429c9463bda39603e045271fc5332d397
9fc42f2f5ac3e38fe0f34ef2f7527b3b15e36597d9538253a5ae885541fecd98
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9e605a47de2cf6e48e1c1e748eede1219d27129ab3d898db9231c37ad05363d
ad870134e00e713a173b1be210378b4b7b85f8081e578e85e13fffeec0ae78a0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9a4d8c59f4bb7f250d9111be10c5664c7202abeaf020eda52e7f1a3482fd9c7
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
c129a98977eef34ee239ba6630363e30d74d5afff71385d06d03400ccddf5671
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c888e34c8a9fcdd17a160948d147c12ab01552a9960ed1142f12ce40b6609258
ca70d63095e7c4605d868283368aaea6edf6f6a984509029636bc792494212bc
cbe451fe872e6bb32a10fedc8409c570cad5e536b427e70dc4cf13107db7dff1
cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275
ceb037bf695a81081fcbdd36b6a30a16d0b58e32559e51887f041637361e35fe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d64849d9ec4afd8eb21b289c99a9d785eb7079d893b899490132fb4707447457
d878b25a564383308248123ce43db92b28f38a3976c34d4aae38c68237b83e99
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
da5523987f1aa265f170cf27232c760db70775bb65e604ce85a4b1ab2ce74dad
dbd7e665693aaa8b13bac8ddfce1e5d78d888b8366faff26eb160de3eb589245
dc84c41781292d716199cda1e70b184992750041235b1bede62b4c4dfa6a7381
dd68c67975a3c5901ca09f9e7453b862bbcff12b7ba742b663cd55648b3d2e77
de6fc7b00f23c65bd792ef01e6adf3002fa8ad5e18abeae38c6aebeef644393c
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f150dfeb4a0e6537529a23567ac44f32145446404e72f11e30c3114fc9bbf5be
f3e93dbe578d8cc598b4df62ff1e47d095688529db2fd5b7925cdc0dce17a2c6
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75
fe897c1c943ea491b50654dd2ddbbddfe28b4a05093a0647b1b1d3ce358bd4e6
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.offers.com Open in urlscan Pro 104.16.177.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

96 %HTTPS

47 %IPv6

26 Domains

48 Subdomains

43 IPs

6 Countries

1625 kBTransfer

4153 kBSize

26 Cookies

11 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.offers.com Open in urlscan Pro
104.16.177.182 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

96 %
HTTPS

47 %
IPv6

26
Domains

48
Subdomains

43
IPs

6
Countries

1625 kB
Transfer

4153 kB
Size

26
Cookies

120 HTTP transactions
1 data transactions