www.e-rewards.com Open in urlscan Pro
2600:9000:206f:2e00:3:68f9:62c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.e-rewards.com/
Effective URL:
https://www.e-rewards.com/
Submission: On February 15 via api (February 15th 2021, 12:03:45 pm UTC) from CH

Summary HTTP 114 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 63 IPs in 9 countries across 64 domains to perform 114 HTTP transactions. The main IP is 2600:9000:206f:2e00:3:68f9:62c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.e-rewards.com.
TLS certificate: Issued by Amazon on September 23rd 2020. Valid for: a year.

This is the only time www.e-rewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2600:9000:206... 2600:9000:206f:2e00:3:68f9:62c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:4c00:1d:cb66:70c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:206... 2600:9000:206f:3c00:17:5070:d6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.94.69 65.9.94.69	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
7	2606:4700:e6:... 2606:4700:e6::ac40:ca1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:be00:0:9a75:c240:21	16509 (AMAZON-02) (AMAZON-02)
1	65.9.91.52 65.9.91.52	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:491::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	52.216.177.131 52.216.177.131	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	65.9.94.95 65.9.94.95	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 1	34.236.139.133 34.236.139.133	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.94.4 65.9.94.4	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:a... 2600:1901:0:a5e4::	15169 (GOOGLE) (GOOGLE)
1	65.9.91.90 65.9.91.90	16509 (AMAZON-02) (AMAZON-02)
1	63.241.211.31 63.241.211.31	7018 (ATT-INTER...) (ATT-INTERNET4)
1	65.9.69.50 65.9.69.50	16509 (AMAZON-02) (AMAZON-02)
2 4	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
3	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	65.9.94.89 65.9.94.89	16509 (AMAZON-02) (AMAZON-02)
1	34.199.27.181 34.199.27.181	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	184.30.208.188 184.30.208.188	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.67.140.99 23.67.140.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	107.21.82.111 107.21.82.111	14618 (AMAZON-AES) (AMAZON-AES)
1 15	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1 4	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.28.167.150 52.28.167.150	16509 (AMAZON-02) (AMAZON-02)
1	104.109.59.72 104.109.59.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.123.78.164 3.123.78.164	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.57.142.16 52.57.142.16	16509 (AMAZON-02) (AMAZON-02)
1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1 2	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
3 3	99.80.71.186 99.80.71.186	16509 (AMAZON-02) (AMAZON-02)
5 5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
1	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
2 3	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	34.253.109.165 34.253.109.165	16509 (AMAZON-02) (AMAZON-02)
2	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	18.202.184.10 18.202.184.10	16509 (AMAZON-02) (AMAZON-02)
1	52.218.41.75 52.218.41.75	16509 (AMAZON-02) (AMAZON-02)
1	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
1	88.80.189.68 88.80.189.68	63949 (LINODE-AP...) (LINODE-AP Linode)
1	54.171.91.151 54.171.91.151	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	65.9.94.15 65.9.94.15	16509 (AMAZON-02) (AMAZON-02)
2 2	34.204.119.109 34.204.119.109	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.254.147.143 34.254.147.143	16509 (AMAZON-02) (AMAZON-02)
1 1	18.133.35.94 18.133.35.94	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	35.158.49.68 35.158.49.68	16509 (AMAZON-02) (AMAZON-02)
1	69.169.85.6 69.169.85.6	33597 (ATLANTIC-...) (ATLANTIC-METRO-COMMUNICATIONS-II-INC)
3 4	51.75.146.200 51.75.146.200	16276 (OVH) (OVH)
1 1	3.120.46.225 3.120.46.225	16509 (AMAZON-02) (AMAZON-02)
4 4	146.59.138.188 146.59.138.188	16276 (OVH) (OVH)
1 1	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
1	65.9.94.29 65.9.94.29	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	52.57.49.235 52.57.49.235	16509 (AMAZON-02) (AMAZON-02)
114	63

9 2600:9000:206f:2e00:3:68f9:62c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.e-rewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4c00:1d:cb66:70c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

dq.tmx.surveysampling.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:206f:3c00:17:5070:d6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

darwin-assets.dynata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.69 (United States)

ASN16509 (AMAZON-02, US)

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e6::ac40:ca1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:be00:0:9a75:c240:21 (United States)

ASN16509 (AMAZON-02, US)

d3agx2rif8aadl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.91.52 (United States)

ASN16509 (AMAZON-02, US)

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:491::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.177.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

upp-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.95 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.236.139.133 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

goggles.mw.dynata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.4 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:a5e4:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.91.90 (United States)

ASN16509 (AMAZON-02, US)

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.241.211.31 (United States)

ASN7018 (ATT-INTERNET4, US)

flare.e-rewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.69.50 (United States)

ASN16509 (AMAZON-02, US)

cdn.oneopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.167.164.37 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.89 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.27.181 (United States)

ASN14618 (AMAZON-AES, US)

evidon.oneopinion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.208.188 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.67.140.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-67-140-99.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.21.82.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.6.241 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.167.150 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.59.72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.78.164 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.254.214 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.142.16 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.246 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.60.138 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.80.71.186 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-71-186.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.207.148 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.109.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.184.10 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.41.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.236 (France)

ASN16276 (OVH, FR)

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.80.189.68 (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.91.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.45 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.15 (United States)

ASN16509 (AMAZON-02, US)

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.204.119.109 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.147.143 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-147-143.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.35.94 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-35-94.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.49.68 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-49-68.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.6 (United States)

ASN33597 (ATLANTIC-METRO-COMMUNICATIONS-II-INC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.75.146.200 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: p11.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.46.225 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.138.188 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip188.ip-146-59-138.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.62 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.101.186 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.94.29 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Slovenia)

ASN51790 (SIEL, SI)

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.49.235 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-49-235.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	adform.net 3 redirects a2.adform.net s2.adform.net c1.adform.net dmp.adform.net	37 KB
10	e-rewards.com 1 redirects www.e-rewards.com flare.e-rewards.com	331 KB
9	dynata.com 1 redirects darwin-assets.dynata.com goggles.mw.dynata.com	355 KB
8	doubleclick.net 7 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
8	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	120 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	2 KB
4	id5-sync.com 3 redirects id5-sync.com	6 KB
4	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	4 KB
4	semasio.net 4 redirects uipglob.semasio.net	3 KB
4	mathtag.com 1 redirects pixel.mathtag.com	3 KB
4	evidon.com c.evidon.com	5 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	bugsnag.com sessions.bugsnag.com notify.bugsnag.com	210 B
3	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org	1 KB
3	yahoo.com 1 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com	2 KB
3	360yield.com 2 redirects ad.360yield.com ice.360yield.com	1 KB
3	betrad.com c.betrad.com l.betrad.com	6 KB
3	ensighten.com nexus.ensighten.com	10 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	amazonaws.com upp-public.s3.amazonaws.com s3-eu-west-1.amazonaws.com	140 KB
3	cloudfront.net d3agx2rif8aadl.cloudfront.net d2wy8f7a9ursnm.cloudfront.net d10lpsik1i8c69.cloudfront.net	161 KB
2	3lift.com 1 redirects eb2.3lift.com	717 B
2	tapad.com 2 redirects pixel.tapad.com	753 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	579 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	audrte.com 2 redirects a.audrte.com	2 KB
2	openx.net 1 redirects eu-u.openx.net	347 B
2	bluekai.com tags.bluekai.com	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net	967 B
2	eyeota.net ps.eyeota.net	688 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	852 B
2	advertising.com 2 redirects pixel.advertising.com	675 B
2	adscale.de 2 redirects ih.adscale.de	658 B
2	oneopinion.com cdn.oneopinion.com evidon.oneopinion.com	6 KB
2	googletagmanager.com www.googletagmanager.com	69 KB
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	237 B
1	teads.tv sync.teads.tv	172 B
1	ib-ibi.com global.ib-ibi.com	72 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	456 B
1	agkn.com 1 redirects aa.agkn.com	341 B
1	userreport.com pdw-adf.userreport.com	433 B
1	pubmatic.com simage2.pubmatic.com	850 B
1	krxd.net beacon.krxd.net	337 B
1	adsafety.net cm.adsafety.net	229 B
1	onaudience.com pixel.onaudience.com	248 B
1	adrtx.net 1 redirects api.adrtx.net	407 B
1	exelator.com loadm.exelator.com	324 B
1	contextweb.com bh.contextweb.com	406 B
1	stickyadstv.com ads.stickyadstv.com	710 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	yieldlab.net ad.yieldlab.net	360 B
1	googleoptimize.com www.googleoptimize.com	37 KB
1	adobedtm.com assets.adobedtm.com	22 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	trustpilot.com widget.trustpilot.com	7 KB
1	surveysampling.com dq.tmx.surveysampling.com	2 KB
1	googleapis.com fonts.googleapis.com	565 B
0	angsrvr.com Failed sy.eu.angsrvr.com Failed
114	64

	Domain	Requested by
11	c1.adform.net	1 redirects a2.adform.net c1.adform.net
9	www.e-rewards.com	1 redirects www.e-rewards.com
8	darwin-assets.dynata.com	www.e-rewards.com
7	cm.g.doubleclick.net	7 redirects
7	ka-f.fontawesome.com	kit.fontawesome.com www.e-rewards.com d2wy8f7a9ursnm.cloudfront.net
4	cookie-matching.mediarithmics.com	4 redirects
4	id5-sync.com	3 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	uipglob.semasio.net	4 redirects
4	pixel.mathtag.com	1 redirects a2.adform.net www.e-rewards.com
4	c.evidon.com	c.betrad.com www.e-rewards.com
4	a2.adform.net	2 redirects www.e-rewards.com a2.adform.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	secure.adnxs.com	2 redirects c1.adform.net
3	idsync.rlcdn.com	2 redirects c1.adform.net
3	match.adsrvr.org	3 redirects
3	nexus.ensighten.com	assets.adobedtm.com nexus.ensighten.com
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	eu-u.openx.net	1 redirects c1.adform.net
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	ps.eyeota.net	c1.adform.net
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	l.betrad.com	www.e-rewards.com
2	notify.bugsnag.com	d2wy8f7a9ursnm.cloudfront.net
2	sessions.bugsnag.com	d2wy8f7a9ursnm.cloudfront.net
2	upp-public.s3.amazonaws.com	www.e-rewards.com
2	www.googletagmanager.com	www.e-rewards.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	ib.adnxs.com	1 redirects
1	ice.360yield.com	1 redirects
1	global.ib-ibi.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.adsafety.net	c1.adform.net
1	pixel.onaudience.com	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	loadm.exelator.com	c1.adform.net
1	cms.analytics.yahoo.com	c1.adform.net
1	bh.contextweb.com	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	c.betrad.com	cdn.oneopinion.com
1	www.googleoptimize.com	assets.adobedtm.com
1	evidon.oneopinion.com	cdn.oneopinion.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	s2.adform.net	www.e-rewards.com
1	cdn.oneopinion.com	www.e-rewards.com
1	flare.e-rewards.com	www.e-rewards.com
1	d10lpsik1i8c69.cloudfront.net	www.e-rewards.com
1	script.hotjar.com	static.hotjar.com
1	goggles.mw.dynata.com	1 redirects
1	static.hotjar.com	www.e-rewards.com
1	assets.adobedtm.com	www.e-rewards.com
1	d2wy8f7a9ursnm.cloudfront.net	www.e-rewards.com
1	d3agx2rif8aadl.cloudfront.net	www.e-rewards.com
1	fonts.gstatic.com	fonts.googleapis.com
1	kit.fontawesome.com	www.e-rewards.com
1	widget.trustpilot.com	www.e-rewards.com
1	dq.tmx.surveysampling.com	www.e-rewards.com
1	fonts.googleapis.com	www.e-rewards.com
0	sy.eu.angsrvr.com Failed	c1.adform.net
114	82

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
info.evidon.com

Subject Issuer	Validity	Valid
*.e-rewards.com Amazon	`2020-09-23` - `2021-10-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
dq.tmx.surveysampling.com Amazon	`2021-01-22` - `2022-02-19`	a year	crt.sh
*.dynata.com Amazon	`2020-05-16` - `2021-06-16`	a year	crt.sh
*.trustpilot.com Amazon	`2020-05-01` - `2021-06-01`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-13` - `2021-10-12`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.oneopinion.com Amazon	`2021-01-13` - `2022-02-10`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.betrad.com DigiCert SHA2 Secure Server CA	`2020-04-29` - `2021-07-29`	a year	crt.sh
*.evidon.com DigiCert Secure Site ECC CA-1	`2020-04-29` - `2021-07-29`	a year	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2019-04-25` - `2021-06-24`	2 years	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2021-05-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-29` - `2021-06-22`	6 months	crt.sh
*.eyeota.net R3	`2020-12-29` - `2021-03-29`	3 months	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2020-05-28` - `2021-05-28`	a year	crt.sh
*.adsafety.net R3	`2021-02-08` - `2021-05-09`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.userreport.com RapidSSL RSA CA 2018	`2019-01-10` - `2021-03-10`	2 years	crt.sh
*.ib-ibi.com DigiCert SHA2 High Assurance Server CA	`2019-01-07` - `2021-03-03`	2 years	crt.sh
*.id5-sync.com R3	`2020-12-26` - `2021-03-26`	3 months	crt.sh
teads.tv R3	`2021-02-12` - `2021-05-13`	3 months	crt.sh
sync.1dmp.io R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
s.ad.smaato.net Amazon	`2020-04-15` - `2021-05-15`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2020-05-22` - `2021-06-04`	a year	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.e-rewards.com/
Frame ID: 518BFA121919B192EACD76814A0BBE9D
Requests: 61 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 2793AA5BD184906B016FE1D30CBA53AC
Requests: 1 HTTP requests in this frame

Frame: https://a2.adform.net/serving/container/?pm=1956476&lid=65760292&ctype=0&media=0&PageName=Conversion_e-Rewards+Homepage&rnd=1715337298&cpref=&loc=https%3a%2f%2fwww.e-rewards.com%2f
Frame ID: 6BCEDC86E911EE47021F9ECFC8DB8471
Requests: 4 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Frame ID: 55D33003E8C71C42B5BBBFBBBA84817E
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.e-rewards.com/ HTTP 301
https://www.e-rewards.com/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

114
Requests

99 %
HTTPS

20 %
IPv6

64
Domains

82
Subdomains

63
IPs

9
Countries

1416 kB
Transfer

2782 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/eRewardsUS/
Title: Follow us

Search URL Search Domain Scan URL

URL: http://info.evidon.com/pub_info/16864
Title: Cookie Notice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.e-rewards.com/ HTTP 301
https://www.e-rewards.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://goggles.mw.dynata.com/api/v1/upp/global.js HTTP 302
https://upp-public.s3.amazonaws.com/upp-client/1.1.0/global.js?v=2

Request Chain 45

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 55

https://a2.adform.net/Serving/TrackPoint/?pm=1956476&ADFPageName=Conversion_e-Rewards%20Homepage&ADFdivider=%7C&ord=268268891788&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.e-rewards.com%2F HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1956476&ADFPageName=Conversion_e-Rewards%20Homepage&ADFdivider=%7C&ord=268268891788&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.e-rewards.com%2F

Request Chain 66

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3670222353713489722&Expiration=1614600206 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3670222353713489722&Expiration=1614600206

Request Chain 69

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3670222353713489722&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3670222353713489722&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=de0d014d587843a8999aa92f96b72316 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=e8b0d112df4cc1b5f123428ec7a36460f69a5ec42957254ec517e66a74e24df6

Request Chain 71

https://pixel.advertising.com/ups/55944/sync?uid=3670222353713489722&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=3670222353713489722&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3670222353713489722&_origin=1&apid=UPcf953eac-6f85-11eb-9134-028ad9218a3e HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3670222353713489722&_origin=1&apid=UPcf953eac-6f85-11eb-9134-028ad9218a3e&verify=true

Request Chain 74

https://x.bidswitch.net/sync?dsp_id=70&user_id=3670222353713489722 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=3670222353713489722 HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=7fd15b0c-09c7-4d6c-bbef-ba04d73479ae

Request Chain 75

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3670222353713489722&expiration=1614600206 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3670222353713489722&expiration=1614600206&C=1

Request Chain 76

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3670222353713489722&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3670222353713489722&sInitiator=external HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=f701f61b-7bd9-400e-9957-b61e90e6957f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=REIyMjYwNUM1NTBDNzNFOQ&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESELwaKG5bd8-CTMfxMpZPv3A&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&sInitiator=internal&gdpr=true&euconsent=

Request Chain 79

https://idsync.rlcdn.com/398366.gif?partner_uid=3670222353713489722 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMzY3MDIyMjM1MzcxMzQ4OTcyMhAAGg0IjsapgQYSBQjoBxAAQgBKAA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFW9yZq-OeCPmtrkBaV99d0&google_cver=1

Request Chain 80

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3670222353713489722 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3670222353713489722

Request Chain 82

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3670222353713489722 HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3670222353713489722

Request Chain 83

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzY3MDIyMjM1MzcxMzQ4OTcyMg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MzY3MDIyMjM1MzcxMzQ4OTcyMg&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG4Z1gam7maHuD5txVLF4Zo&google_cver=1&google_ula=1641347,0

Request Chain 89

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=3467278733886171876&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=3670222353713489722

Request Chain 92

https://a.audrte.com/a?adform_uid=3670222353713489722 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&google_gid=CAESECN6KmgoP7VsgwC61gk3_v0&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=9hel-3TQEm3RAyAfsV-flsCLA&gdpr=0&gdpr_consent=

Request Chain 93

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3670222353713489722&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3670222353713489722&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=90319210186241673804422025347186725284&noredirect=1

Request Chain 94

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3670222353713489722 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164861203698000617646

Request Chain 95

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6929459892742584470

Request Chain 97

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=39dd602a-630e-4300-9a53-3a0dc81e74ea

Request Chain 98

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=t0K6996G1LbCB95

Request Chain 99

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=f701f61b-7bd9-400e-9957-b61e90e6957f

Request Chain 101

https://id5-sync.com/s/10/0.gif?puid=3670222353713489722 HTTP 302
https://id5-sync.com/c/10/10/2/1.gif?puid=3670222353713489722&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOq4sMQJC5hN1hLlkCXBy-CiZj5IpIAyuN_2HzRA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/10/124/1/2.gif?puid=534c6112-79a8-417a-9a2e-ef0d61c9a752&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEIj4nZfL3r4QeNXKUrUMW_w&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEIj4nZfL3r4QeNXKUrUMW_w&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3467278733886171876&opid=apx&ops=&utidl=tech:goo:CAESEIj4nZfL3r4QeNXKUrUMW_w&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A11241661041&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

Request Chain 102

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=842536287 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=5z6EyDG5QOChe/dsKLQoP.

Request Chain 104

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3670222353713489722 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3670222353713489722&cs=1

Request Chain 106

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=3670222353713489722&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=3670222353713489722&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=cfcc2c51-6f85-11eb-afe8-5a9a02d33f5c

Request Chain 108

https://eb2.3lift.com/xuid?mid=7354&xuid=3670222353713489722&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=3670222353713489722&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.e-rewards.com/
Redirect Chain

http://www.e-rewards.com/
https://www.e-rewards.com/

126 KB
25 KB

455ms
437ms

Document
text/html

2600:9000:206f:2e00:3:68f9:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0f1f020da93f336a0656a556ac29b66e82f67285b67164509d157350b02d435

Request headers

:method: GET
:authority: www.e-rewards.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html
date: Mon, 15 Feb 2021 12:03:25 GMT
last-modified: Fri, 12 Feb 2021 14:17:02 GMT
etag: W/"52b0d933bcde32bdf1b0f5b78ac08392"
server: AmazonS3
set-cookie: corona_visit="eyJwYW5lbElkIjoiNTAiLCJkdCI6IjE2MTMzOTA2MDQ4NjciLCJ1dWlkIjoiOTVkOGFjNWYtYmFmZi00NTMxLTk5MzAtZDFjY2I2NWFmMDcxIiwidG9rZW4iOiI1NWNkNDRjMjgzMzUxMjJmOTkyZjdiNDkwZWY4ZDljYTFhNGViNmU0In0="; Domain=.e-rewards.com; path=/
content-encoding: gzip
vary: Accept-Encoding,Cookie
x-cache: Miss from cloudfront
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ek228cj5YUR-icfepiWGwaFbFxJ4EhEmqVO61cj9ObOcmOiN2lWbAw==

Redirect headers

Server: CloudFront
Date: Mon, 15 Feb 2021 12:03:24 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://www.e-rewards.com/
X-Cache: Redirect from cloudfront
Via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: RLx3stQe4dXYDcBsC-MKZ0-yvwmDJTTjV98uYnLqi2LF1SdER8rLmA==

GET
H2 200 style.css
www.e-rewards.com/blueprint/dist/stylesheets/ 97 KB
19 KB 9ms
8ms Stylesheet
text/css 2600:9000:206f:2e00:3:68f9:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfb745758c9ec0195071fcaabd9791a08bffbe4315a3c80739b084d37e087369

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 13:22:05 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:16:57 GMT
server: AmazonS3
age: 81680
etag: W/"30d82773f7c95cddad36e1abe66530d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: giJBMEg_dEK4AOf-KrzgefH2GBABSyXZKW68KFGi9HFlyDI9Cwcjyw==

GET
H2 200 default.css
www.e-rewards.com/blueprint/dist/stylesheets/layouts/default/ 17 KB
4 KB 8ms
7ms Stylesheet
text/css 2600:9000:206f:2e00:3:68f9:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewards.com/blueprint/dist/stylesheets/layouts/default/default.css
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0072ac4da2be62e296da967e0c844bc37e237e74bfab56683c927528eefdd6e0

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 13:22:05 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:16:54 GMT
server: AmazonS3
age: 81680
etag: W/"2f57c156084f18379771147e8f8e3a70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -j354VCo1mshdI7eKc4Al5rmHJv68TLdj28A2x6hrY5OTOJp286MQg==

GET
H2 200 icons.js Show response
www.e-rewards.com/blueprint/dist/common/ 15 KB
5 KB 9ms
9ms Script
application/javascript 2600:9000:206f:2e00:3:68f9:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewards.com/blueprint/dist/common/icons.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a482b239be36ea3db3ad631da4bc6063d490196c0d17de3d85c3a03d86faef75

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 13:22:05 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:16:53 GMT
server: AmazonS3
age: 81680
etag: W/"e31b709e272a7bfca0723fc37c2681f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: IuNr0J6OsHTOR3uXZd_1cKaat0sDbNuKy5NGS7LpeAR3EPzdUALfbQ==

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
565 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Requested by

Host: www.e-rewards.com
URL: https://www.e-rewards.com/blueprint/dist/stylesheets/style.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d417952c1aee9d78d81a444a5e30ff9a2ecb26b4f224e650c12da801b411d96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Feb 2021 12:03:24 GMT
server: ESF
date: Mon, 15 Feb 2021 12:03:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Feb 2021 12:03:24 GMT

GET
H2 200 tmx.js Show response
dq.tmx.surveysampling.com/threatmetrix/ 2 KB
2 KB 44ms
6ms Script
application/x-javascript 2600:9000:206f:4c00:1d:cb66:70c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dq.tmx.surveysampling.com/threatmetrix/tmx.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4c00:1d:cb66:70c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e710de470f984623ec96f39726f73a14e4eefa7ec7e56ea05507c85ffa97f1c

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 01:50:04 GMT
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Tue, 26 Mar 2019 14:17:43 GMT
server: AmazonS3
age: 36801
etag: "0f0a6b1b64c0baef75940b9d99554643"
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2203
x-amz-cf-id: 23spP3iE-G6iLDBNPkfw9M3CsC0T-ku7qJD0umHEn2P70IJU_tiGew==

GET
H2 200 eRewards.png
darwin-assets.dynata.com/ 21 KB
21 KB 49ms
6ms Image
image/png 2600:9000:206f:3c00:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darwin-assets.dynata.com/eRewards.png
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 940814c81f66bbc6074e23d64a49d45c5946d3e93c5c6807dc6c30f52e99b690

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 06:20:45 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Wed, 18 Sep 2019 20:53:26 GMT
server: AmazonS3
age: 20560
etag: "e83a54d1881a6746694f1a237cc2c56d"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 20996
x-amz-cf-id: k5al0ohxTOxNqTSPIT_Z8Qe7xUz2QyQQtIUb-sO9QQguUy0puVtl_A==

GET
H2 200 eRewards-mobile.png
darwin-assets.dynata.com/ 6 KB
7 KB 49ms
7ms Image
image/png 2600:9000:206f:3c00:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darwin-assets.dynata.com/eRewards-mobile.png
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd1d48c6172c4a60339397890b7687cdcb03b45261d095304888c79e959714fb

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 05:17:34 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Mon, 23 Sep 2019 23:36:52 GMT
server: AmazonS3
age: 24351
etag: "a9b763f281d166afbf0777e5406ea6fd"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6541
x-amz-cf-id: GU4FkFrgupkuKFLzWnXmyUgyxFaibDWq4XElS1mRUtUqEO1kiyo8lg==

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 20 KB
7 KB 140ms
46ms Script
application/x-javascript 65.9.94.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.e-rewards.com
URL: https://www.e-rewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.94.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b4e13931ab40de24157618e15c0acf8709db66a56f5924bebb3834c5f632105d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 25031
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Mon, 15 Feb 2021 05:06:14 GMT
content-length: 6699
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Jan 2021 09:37:02 GMT
server: AmazonS3
etag: "2fd9c60e9bcfaf4ac19ab18d4a1e126e"
content-type: application/x-javascript
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-amz-cf-id: RcW9sTnW6Wq2ZU3W9b0QUChndW4VJTrwQRub4nmw18j0iS4Bz_KLnQ==

GET
H2 200 b7da1dbf2d.js Show response
kit.fontawesome.com/ 11 KB
4 KB 40ms
22ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/b7da1dbf2d.js

Requested by

Host: www.e-rewards.com
URL: https://www.e-rewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f842a97e69f92f840786c99d7ce9ecc186c63ab17e14da444942ea175a6e8a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:24 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 30
strict-transport-security: max-age=31536000; preload
cf-request-id: 08472c02a80000175e5687e000000001
x-request-id: Flo4Th5IRA-K39kAAhjh
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 621ee2b10ede175e-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 erop-index-hero-o1.jpg
darwin-assets.dynata.com/EROP/ 71 KB
71 KB 41ms
23ms Image
image/jpeg 2600:9000:206f:3c00:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darwin-assets.dynata.com/EROP/erop-index-hero-o1.jpg
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2df128d3630c50d15321128d52230d27a2a4bf5237572629ae2c6e2659562eab

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
etag: "2f4ca8653d478367faa53178928d1dfc"
last-modified: Fri, 29 Jan 2021 13:55:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 72265
x-amz-cf-id: eAUYnWjKmmpt7RwyVMRxsbsbUktSyUN8u-W55ffGutRx6EDNWJi1Hw==

GET
H3-Q050 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.e-rewards.com
Referer: https://fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,400italic,400,700,700italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 13:34:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 599313
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Tue, 08 Feb 2022 13:34:51 GMT

GET
H2 200 fontawesome-webfont.woff2
www.e-rewards.com/shared/vendor/font-awesome/fonts/ 65 KB
65 KB 9ms
8ms Font
font/woff2 2600:9000:206f:2e00:3:68f9:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewards.com/shared/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin: https://www.e-rewards.com
Referer: https://www.e-rewards.com/blueprint/dist/stylesheets/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 14:48:53 GMT
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 14:17:07 GMT
server: AmazonS3
age: 76472
etag: "db812d8a70a4e88e888744c1c9a27e89"
x-cache: Hit from cloudfront
content-type: font/woff2
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 66624
x-amz-cf-id: bDeDRYp61oRsXBvIAMLyTezPa67DsrROv4eklwALM2sP7PePS-HjoA==

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 59 KB
13 KB 34ms
17ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free.min.css?token=b7da1dbf2d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b7da1dbf2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 fba39238fd8fc98a9491893a18564594.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2655606
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 08472c02e000002b1a8c209000000001
last-modified: Wed, 13 Jan 2021 18:32:18 GMT
server: cloudflare
etag: W/"4ecc071b77d6b1790fa9fb8a5173f972"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DxRLlMZriReysdgIUi7PDL5E4zlJLnidnoDUs199M%2Fd4zn82OH5enyWEM%2Fcxm5Sw7xE%2B4250AkfN0pKgmGronX5aXB3JYgDl3bmP2GSCPdN6E3aDovTN6O%2FAMwLaO%2FwBOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
cf-ray: 621ee2b16b822b1a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ZQZ87Ty702N6jAaldBYbNwYkVsRux5dUvdLCRhfpj7MsstUTK8tUlw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 26 KB
5 KB 32ms
15ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-shims.min.css?token=b7da1dbf2d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b7da1dbf2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2655606
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 08472c02e000002b1adf295000000001
last-modified: Wed, 13 Jan 2021 18:32:17 GMT
server: cloudflare
etag: W/"1848e71668f42835079e5fa2af6cf4a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YyIwmwHy6RF%2BOUNJ%2FBXeLvDmOnrs%2Bhk1Mz08zdKcQ8ffnN%2BkdVJYajkRq9MPYVdktfUvjsGnAof58OtySs6pAT5xf1sfo58Y03cdwCD6HIhjv4AoKTJXvl4nJGK4y9i20Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
cf-ray: 621ee2b16b852b1a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: xkorG1NzywOzHxm4xkd4o2wLBazCGjEvsr9nkUkahMt-6ivc71MqgA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 3 KB
1 KB 33ms
16ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-font-face.min.css?token=b7da1dbf2d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b7da1dbf2d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 bd80cfe94adf909814522d7e10625c19.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2655606
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 08472c02e000002b1a71802000000001
last-modified: Wed, 13 Jan 2021 18:32:16 GMT
server: cloudflare
etag: W/"252773908df2cc3deb0e09dc1817e64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rsh8sLPSStBMDq%2FFsUDp1UJkfx%2BPXoSgauWdV%2F01Ljse5R8ciFflRyM1lHLZ1xjirgOHX%2Br8C%2FNkcoKYm9wVbZsKkFN%2FzlcUlt%2BUy%2BlYj3Bn7N%2BqCerCmL6R25W28FLRCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
cf-ray: 621ee2b16b872b1a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: XFetwsb6TosgQrqE47C-_Zbx3l8WasV3XYkEl13Daf7IfCQJ_cra7Q==

GET
H2 200 erop-promo-box3-v4.jpg
darwin-assets.dynata.com/ 21 KB
21 KB 21ms
20ms Image
image/jpeg 2600:9000:206f:3c00:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darwin-assets.dynata.com/erop-promo-box3-v4.jpg
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 106906f49498839a7d83d86e92f89af57a6c6d2df1fe5c013489a8bb18f5518b

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Tue, 15 Oct 2019 11:43:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "d5dbd4e2b45c85d33fadf04c95228edb"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 21056
x-amz-cf-id: 4KTXCToxcTW_Kbfo9913HPuSHhCQ-e2myGKL8Tuiu3t3GBlT6c8xXQ==

GET
H2 200 erop-promo-box2-v4.jpg
darwin-assets.dynata.com/ 30 KB
30 KB 15ms
14ms Image
image/jpeg 2600:9000:206f:3c00:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darwin-assets.dynata.com/erop-promo-box2-v4.jpg
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37e27da77e4d748bb7ada394fd8bf9191d4469ee5fd0d3b1e59cd16c8cd2b296

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Tue, 15 Oct 2019 11:43:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "52e2ed334f8af26859e63bb292951c44"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 30220
x-amz-cf-id: BIuXqoTdX8kIe6pf-Kpz820winVnPTs91vwHlos2UHdG5pqzlOMolQ==

GET
H2 200 erop-promo-box3-ex-dark.jpg
darwin-assets.dynata.com/ 81 KB
82 KB 10ms
10ms Image
image/jpeg 2600:9000:206f:3c00:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darwin-assets.dynata.com/erop-promo-box3-ex-dark.jpg
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36d1d18d8fe206cc94c1ac76f30dfb4f6830063698348128602fa8ef2e78a0e5

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 02:20:14 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Mon, 16 Sep 2019 01:54:03 GMT
server: AmazonS3
age: 34992
etag: "aaf5d86c670c4eed1616c74a583aaca6"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 83416
x-amz-cf-id: iTOBS6y98AMyNoSgn61vFuChCYfS9Pd0ePq9jEjENGPf06zx7DSm3Q==

GET
H2 200 erop-index-section3-ex-v5.jpg
darwin-assets.dynata.com/EROP/ 80 KB
80 KB 10ms
9ms Image
image/jpeg 2600:9000:206f:3c00:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://darwin-assets.dynata.com/EROP/erop-index-section3-ex-v5.jpg
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 489d701de34ddc176d473e3f21c30d8943a0f3e212b97583ef37d7c418881929

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 15 Feb 2021 02:53:21 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 09:46:23 GMT
server: AmazonS3
age: 33005
etag: "1806d817549e7e296eb920556f277c11"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 81968
x-amz-cf-id: _Hur8-L0E7-MQcqTTfBG4mK2T3uam_1p0vA8X2GMPgK7b4WMog6TGw==

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.2/webfonts/ 78 KB
79 KB 15ms
15ms Font
font/woff2 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94af5a5be53424e948d36a705a1169d952ba6b23761aea3098967a643765454

Request headers

Origin: https://www.e-rewards.com
Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 ab75100c271dc755058d3ce126a2b54d.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 532545
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-length: 80272
cf-request-id: 08472c035a00002b1ad1b21000000001
last-modified: Wed, 13 Jan 2021 18:39:13 GMT
server: cloudflare
etag: "a156119daf157b8244f7c816f85638cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P33gNIaLQ7dM07KtnJuqJLyZ%2FRZTp5I5wmfdTZaZuL2BM5Sb4qykR2s3idAZoRDNABf7n6zy8lOtY2vxJDKyoUQjQff9Eyk3z4lh9uX2vVomZWYGWw9gf3pU3Ykyfbld0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
cf-ray: 621ee2b22d182b1a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 6MUuJqCm88gQZizorSg73LdTCOhbvr3jaIiHXi2wVdG5Bg_24bnDxg==

GET
H2 200 nectarCanvass2-global.js Show response
www.e-rewards.com/blueprint/dist/packages/ 617 KB
183 KB 11ms
9ms Script
application/javascript 2600:9000:206f:2e00:3:68f9:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewards.com/blueprint/dist/packages/nectarCanvass2-global.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98d69c5eb04cbd747cd6a4343f9cd2bed117304c525bf5c5dfe9b2a62ea97bda

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 13:22:06 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:16:54 GMT
server: AmazonS3
age: 81680
etag: W/"37c0e0a69c26ba53602f13450f55c902"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: aQcDP3pSNiYYwyPDITicGP3hBVsupjD7p15Qso1i_luX4OCiRBtOXA==

GET
H2 200 home.js Show response
www.e-rewards.com/blueprint/dist/apps/home/ 106 KB
28 KB 13ms
9ms Script
application/javascript 2600:9000:206f:2e00:3:68f9:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewards.com/blueprint/dist/apps/home/home.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd2224568ea7256886fe270d87325fd43ebdab856afc9c0d7653371bf45672d9

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 13:22:06 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:16:53 GMT
server: AmazonS3
age: 81680
etag: W/"7047e0953e5651bb8e398b9f4406abab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: e01JhFI30LFLNCu4kAjC4zc6bPv-X8ueUrDWvw9svpOVotq2WdLmRw==

GET
H2 200 layout.js Show response
www.e-rewards.com/blueprint/dist/common/ 2 KB
1 KB 10ms
7ms Script
application/javascript 2600:9000:206f:2e00:3:68f9:62c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.e-rewards.com/blueprint/dist/common/layout.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:2e00:3:68f9:62c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8cb723056209dec3150bfb06892a920763a08b3e9d132abba47b564e26270a3

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 14 Feb 2021 13:22:06 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 14:16:53 GMT
server: AmazonS3
age: 81680
etag: W/"d8d4d7ac821659aaecc05258aa670a36"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: DKpOanYDmMklTbgcY0ntL-949Sd6HclWvKBLeQutJQJoHH1JyBVggg==

GET
H2 200 registrationguard1.0.js Show response
d3agx2rif8aadl.cloudfront.net/ 118 KB
118 KB 40ms
7ms Script
application/x-javascript 2600:9000:206f:be00:0:9a75:c240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agx2rif8aadl.cloudfront.net/registrationguard1.0.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:be00:0:9a75:c240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b334d45d548960adaaaeaddac5c6dea70cd04d2b4351537bd133950fc182faff

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: io7HvMjHGXK9U0QUBEay5uDuv4VGjz2o
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
last-modified: Mon, 25 Jan 2021 17:03:02 GMT
server: AmazonS3
age: 22126
etag: "b39fcab6675ba3592428e6a2d248e744"
x-cache: Hit from cloudfront
content-type: application/x-javascript
date: Mon, 15 Feb 2021 05:54:40 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 120335
x-amz-cf-id: B_zTQL73SAegl1694kFwG_JZCeGx7q3PQQpI_qqzlMUOEaNQfS0vtQ==

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ 40 KB
41 KB 144ms
49ms Script
application/javascript 65.9.91.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 00:36:32 GMT
Via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 14210814
ETag: "e63788b8657ac52b3cdbb970e551c2a4"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=315360000
X-Amz-Cf-Pop: PRG50-C1
Accept-Ranges: bytes
Content-Length: 40961
X-Amz-Cf-Id: 8qwnN7q9_FSQGL5V_0RP8gY6Nny5n_U96GJxppyW7rf3dCQPK8UFoQ==

GET
H2 200 launch-EN60fd1a01badf4e628a4115339e14d224.min.js Show response
assets.adobedtm.com/ 87 KB
22 KB 26ms
6ms Script
application/x-javascript 2a02:26f0:7100:491::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN60fd1a01badf4e628a4115339e14d224.min.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:491::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3f14b2e2395eb4afea88f03f128887a97d0de3a3584a7a7ba43985c6b5abec42

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 16:27:44 GMT
server: AkamaiNetStorage
etag: "5d4e5db5dec57e6ff1b7e5d49e2d8c0f:1604507264.810586"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.e-rewards.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 21788
expires: Mon, 15 Feb 2021 13:03:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 28ms
26ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48438478-1

Requested by

Host: www.e-rewards.com
URL: https://www.e-rewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e53665cfe89ea53a2883832bdbb6a1fa2b3f3fd3646c6877961134f40bdfaa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39101
x-xss-protection: 0
expires: Mon, 15 Feb 2021 12:03:25 GMT

GET
H2 200 campaign.js Show response
darwin-assets.dynata.com/ 42 KB
43 KB 8ms
6ms Script
text/javascript 2600:9000:206f:3c00:17:5070:d6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://darwin-assets.dynata.com/campaign.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:17:5070:d6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 687bb59e461b9e9d947b1efad82a5af0db2895c91d6ef45ac4941e27294bebff

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 15 Feb 2021 02:29:39 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 21:55:14 GMT
server: AmazonS3
age: 34427
etag: "74a2fe28f9d340c481ba1aad94111773"
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 43461
x-amz-cf-id: VtjDxo21IaY1v6oIohH3_VWpnw60AMkkLt5-EtNLbsgf2SEE8Zstag==

GET
H/1.1 200
OK global.js Show response
upp-public.s3.amazonaws.com/upp-client/1.1.0/ 69 KB
70 KB 436ms
118ms Script
application/javascript 52.216.177.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upp-public.s3.amazonaws.com/upp-client/1.1.0/global.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.177.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eecf79260d8f028750a84724431257a261ac8532aaae3d2bf81c907c6deae9ec

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:26 GMT
Last-Modified: Mon, 14 Dec 2020 17:38:50 GMT
Server: AmazonS3
x-amz-request-id: 76BAE49A5BFEFE0E
ETag: "f0f6b58a47172184f2b4d97fbe1eb61e"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 71024
x-amz-id-2: l/z06JiyC9wDxcS6UA5BBu5dYatWmhJqn5syO09DypssSo/yM4aQSdw/2qfAQ/Y+RShlm7O/8nM=

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 158ms
143ms Other 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.e-rewards.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 15 Feb 2021 12:03:25 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 146ms
145ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.e-rewards.com/
Bugsnag-Sent-At: 2021-02-15T12:03:25.377Z
Bugsnag-Api-Key: f76e95dcd14d705fbc9ef14b67d8d4c1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 google
alt-svc: clear
content-length: 21
content-type: application/json

GET
H2 200 hotjar-1702204.js Show response
static.hotjar.com/c/ 4 KB
2 KB 90ms
90ms Script
application/javascript 65.9.94.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1702204.js?sv=6

Requested by

Host: www.e-rewards.com
URL: https://www.e-rewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.94.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b68d488d29312ae3e813f96ad63c805f8bac6a561dfa870d2aedd9a4802c7635

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: PRG50-C1
etag: W/dd6d8a5f54d7bb724c5615341592b8f8
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1761
via: 1.1 0c8bf5614b4bcc3e76982cb7ff9a7662.cloudfront.net (CloudFront)
x-amz-cf-id: LKAg3Gg8VXO05skYn6wJqt7bj4lokFqnv9R9KevG_KWXquB9mFas7Q==

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 59 KB
12 KB 16ms
15ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free.min.css?token=b7da1dbf2d
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 fba39238fd8fc98a9491893a18564594.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2655606
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 08472c045000002b1adf2b6000000001
last-modified: Wed, 13 Jan 2021 18:32:18 GMT
server: cloudflare
etag: W/"4ecc071b77d6b1790fa9fb8a5173f972"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3cMSVNoFn%2BLck4w6HaH5qPDCavzivB2XpuO4LiDMBROt9kxwhe5aa183x%2BLNVlhraI4a7N%2BJHv%2BYGMKrbmKLrGwTHEIkP9ypUduCxdpg2mUznIOjAwDjGh4yEnRcnhyPvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
cf-ray: 621ee2b3b8142b1a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ZQZ87Ty702N6jAaldBYbNwYkVsRux5dUvdLCRhfpj7MsstUTK8tUlw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 26 KB
5 KB 15ms
14ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-shims.min.css?token=b7da1dbf2d
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2655606
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 08472c045000002b1a519a8000000001
last-modified: Wed, 13 Jan 2021 18:32:17 GMT
server: cloudflare
etag: W/"1848e71668f42835079e5fa2af6cf4a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EkP8R2ot0f3MVwkrmQnK46vu%2B1vJvS91aqhARDqgGosqt%2Blp%2Fo3qUQcc1GY4qB3HovFfkDouK3lsCKqQyPr8BiE0GKKNa3B30zGFA%2BPI5%2FMfKrf6JlqHaLIwSDsGLlYlkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
cf-ray: 621ee2b3b8182b1a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: xkorG1NzywOzHxm4xkd4o2wLBazCGjEvsr9nkUkahMt-6ivc71MqgA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.2/css/ 3 KB
1 KB 18ms
17ms Fetch
text/css 2606:4700:e6::ac40:ca1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.2/css/free-v4-font-face.min.css?token=b7da1dbf2d
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
via: 1.1 bd80cfe94adf909814522d7e10625c19.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2655606
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 08472c045000002b1a58335000000001
last-modified: Wed, 13 Jan 2021 18:32:16 GMT
server: cloudflare
etag: W/"252773908df2cc3deb0e09dc1817e64b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zD07mmAkuqJ3DLnio2XM%2FEDs42QspqL56lGDeJgyhXYIThpCPNc6GwsA%2FZ7t2Stjzua280N2heFV9gwApmEOSdV%2FVd1bdXCTjUNF%2BbTvRSHAERKZEaqfBNn7U2HuipQSUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP64-C1
cf-ray: 621ee2b3b81a2b1a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: XFetwsb6TosgQrqE47C-_Zbx3l8WasV3XYkEl13Daf7IfCQJ_cra7Q==

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 15ms
10ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48438478-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2604
date: Mon, 15 Feb 2021 11:20:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 15 Feb 2021 13:20:01 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
69 B 18ms
17ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=627187210&t=pageview&_s=1&dl=https%3A%2F%2Fwww.e-rewards.com%2F&ul=en-us&de=UTF-8&dt=Paid%20Surveys%20Online%20%7C%20e-Rewards%20currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=709488724&gjid=416033840&cid=93270645.1613390605&tid=UA-48438478-1&_gid=631489023.1613390605&_r=1&gtm=2ou230&z=83843596

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.e-rewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

global.js Show response
upp-public.s3.amazonaws.com/upp-client/1.1.0/
Redirect Chain

https://goggles.mw.dynata.com/api/v1/upp/global.js
https://upp-public.s3.amazonaws.com/upp-client/1.1.0/global.js?v=2

69 KB
70 KB

113ms
113ms

Script
application/javascript

52.216.177.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://upp-public.s3.amazonaws.com/upp-client/1.1.0/global.js?v=2
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.177.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eecf79260d8f028750a84724431257a261ac8532aaae3d2bf81c907c6deae9ec

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:26 GMT
Last-Modified: Mon, 14 Dec 2020 17:38:50 GMT
Server: AmazonS3
x-amz-request-id: 072F01DC7816A5BD
ETag: "f0f6b58a47172184f2b4d97fbe1eb61e"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 71024
x-amz-id-2: pANfdn0qVUe3z4yM8AJEGcNLRmDULHuH4anjOmN0SHb/t8uXBtsi9tEzgF98BWEEVPPGVNQlIUA=

Redirect headers

date: Mon, 15 Feb 2021 12:03:25 GMT
content-encoding: gzip
location: https://upp-public.s3.amazonaws.com/upp-client/1.1.0/global.js?v=2
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, paneldomainid
content-length: 110

GET
H2 200 modules.a84f203d7417acc5a631.js Show response
script.hotjar.com/ 225 KB
59 KB 48ms
47ms Script
application/javascript 65.9.94.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.a84f203d7417acc5a631.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1702204.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.94.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5aa00eb00b2231bd3d63bedc14a9aec30dc49c0008f3ca13a278cd48ea3e5191

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 10:29:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5633
x-cache: Hit from cloudfront
content-length: 60206
access-control-allow-origin: *
last-modified: Mon, 15 Feb 2021 10:26:29 GMT
etag: "a917757cfe5b07cd9fb83032af3deb2b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -lD0Mufvkw45CCj4ol3p5aj40Xrg7rLjTYo3n04bdMdo3ewAGjyIeA==

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 157ms
142ms Other 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://www.e-rewards.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version
access-control-allow-methods: POST
access-control-allow-origin: *
date: Mon, 15 Feb 2021 12:03:25 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 137ms
44ms Script
application/javascript 65.9.91.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.91.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd27513c109ea36402ee7ea51a54c79d5883f2f0bc510500268a6b7834dcaf5c

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 11:53:22 GMT
content-encoding: gzip
last-modified: Tue, 26 Jan 2021 22:40:19 GMT
server: AmazonS3
age: 604
etag: W/"c887c3fbb2d17e630bce195beb41ca38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8197d89da72990bb606996d5e7c73ab6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: APTIpbB4ZCP3rLUNvsCegD8xLXjyAGBkBwAX_7KocMkcZ1Jz0-eXPw==

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 78 KB
31 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFM7ZQ

Requested by

Host: www.e-rewards.com
URL: https://www.e-rewards.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38f8eaf23cb997c61ecd485b90f5791ff8f2c8db23a6fefb43c806f20e705c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31306
x-xss-protection: 0
expires: Mon, 15 Feb 2021 12:03:25 GMT

POST
H2 200 / Show response
notify.bugsnag.com/ 2 B
113 B 150ms
150ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4
Referer: https://www.e-rewards.com/
Bugsnag-Sent-At: 2021-02-15T12:03:25.844Z
Bugsnag-Api-Key: f76e95dcd14d705fbc9ef14b67d8d4c1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Mon, 15 Feb 2021 12:03:26 GMT
via: 1.1 google
bugsnag-event-id: 602a630e00699b7f3af90000
alt-svc: clear
content-length: 2
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK error Show response
flare.e-rewards.com/api/1/log/browser/ 4 B
320 B 557ms
157ms XHR
application/json 63.241.211.31
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://flare.e-rewards.com/api/1/log/browser/error
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.241.211.31 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 15 Feb 2021 12:03:26 GMT
Content-Encoding: gzip
Server: nginx
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.e-rewards.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 24

GET
H/1.1 200
OK dynata-min.js Show response
cdn.oneopinion.com/evidon/ 5 KB
5 KB 84ms
22ms Script
application/javascript 65.9.69.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.oneopinion.com/evidon/dynata-min.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9101bbe838915c3ee398c630c99ecd3ae7817f9e4c79d218955c93e444281dbc

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Mon, 15 Feb 2021 05:30:22 GMT
Via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
Last-Modified: Mon, 30 Dec 2019 21:25:14 GMT
Server: AmazonS3
Age: 23584
ETag: "8d3e37668b0e4906ea3a89a30a06f3fb"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 4832
X-Amz-Cf-Id: vwkghXJ3zR_-d6KhkUn-qYVF8eP6dnV_9xZRFPYR0nFGYzyYsVaGHA==

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

335ms
45ms

Script
application/x-javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 11:55:12 GMT
server: nginx
etag: W/"60057720-13dce"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Mon, 15 Feb 2021 12:03:26 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/12214/ 28 KB
9 KB 74ms
25ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12214/Bootstrap.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN60fd1a01badf4e628a4115339e14d224.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5f6eee008275250a5d785e51e808048ff0d85019c0fe155f07a773d4bdea4f36

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 19:57:16 GMT
server: nginx
etag: W/"5f73919c-7076"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
12ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=627187210&t=pageview&_s=1&dl=https%3A%2F%2Fwww.e-rewards.com%2F&ul=en-us&de=UTF-8&dt=Paid%20Surveys%20Online%20%7C%20e-Rewards%20currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=1086732002&gjid=1971138129&cid=93270645.1613390605&tid=UA-52458439-1&_gid=631489023.1613390605&_r=1&gtm=2wg230TLFM7ZQ&z=820302429

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.e-rewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
423 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-52458439-1&cid=93270645.1613390605&jid=1086732002&gjid=1971138129&_gid=631489023.1613390605&_u=aEDAAUABAAAAAC~&z=981611294

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Feb 2021 12:03:25 GMT
content-type: text/plain
access-control-allow-origin: https://www.e-rewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html Show response
vars.hotjar.com/ Frame 2793 2 KB
1 KB 45ms
44ms Document
text/html 65.9.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1702204.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.e-rewards.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.e-rewards.com/

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bc1976da553dde6dd59c4ea33001b73.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: tT8WItTTcsZXoNAo7JAigyUrjmXNEYht_26_Kt26JcbGWf5HdSc-vw==
age: 7239742

GET
H2 200 / Show response
evidon.oneopinion.com/ 8 B
304 B 521ms
298ms XHR
text/html 34.199.27.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://evidon.oneopinion.com/
Requested by: Host: cdn.oneopinion.com
URL: https://cdn.oneopinion.com/evidon/dynata-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.27.181 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx / PHP/7.1.33
Resource Hash: 7baba10dbe0046b49b22fc70055a9553ba58cf519675614831a387beae662034

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
server: nginx
x-powered-by: PHP/7.1.33
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 96 KB
37 KB 37ms
17ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NX7TBG8

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN60fd1a01badf4e628a4115339e14d224.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e41707c371cbc006907bf72e50e4fcfb03716f4fd1bff985397a704b8d81b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37528
x-xss-protection: 0
expires: Mon, 15 Feb 2021 12:03:25 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/12214/ 274 B
416 B 56ms
56ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12214/serverComponent.php?r=997.6681441486859&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/12214/code/&publishedOn=Tue%20Sep%2029%2019:51:26%20GMT%202020&ClientID=923&PageID=https%3A%2F%2Fwww.e-rewards.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12214/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5c11cb6f474709a944d5efd36c0fef92b366396d2abf2379995ac7534d1f72fa

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:25 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 274
expires: Mon, 15 Feb 2021 12:03:24 GMT

GET
H2 200 77819ac0b9d2bc1d24f7cfdd783cc0d1.js Show response
nexus.ensighten.com/choozle/12214/code/ 1 KB
513 B 23ms
22ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/12214/code/77819ac0b9d2bc1d24f7cfdd783cc0d1.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/12214/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cfe6b3f2587a9ea5f31db67a0a0fb19a8279d43e35a04332678b7749eb041ad0

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
content-encoding: gzip
last-modified: Thu, 24 Sep 2020 02:31:06 GMT
server: nginx
etag: W/"5f6c04ea-535"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK h1.js Show response
c.betrad.com/geo/ 15 KB
5 KB 70ms
26ms Script
application/x-javascript 184.30.208.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.betrad.com/geo/h1.js
Requested by: Host: cdn.oneopinion.com
URL: https://cdn.oneopinion.com/evidon/dynata-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.208.188 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 142e887a7aaaf0b5bb5a1ac342133a63bc2b9f9e80b90b9014f67f3d11813711

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Oct 2019 16:47:17 GMT
Server: AkamaiNetStorage
ETag: "0474fb94c9b4df5d34cc37e8427323c1:1571935642"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5219

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=1956476&ADFPageName=Conversion_e-Rewards%20Homepage&ADFdivider=%7C&ord=268268891788&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fww...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1956476&ADFPageName=Conversion_e-Rewards%20Homepage&ADFdivider=%7C&ord=268268891788&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F...

952 B
1 KB

90ms
90ms

Script
text/javascript

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1956476&ADFPageName=Conversion_e-Rewards%20Homepage&ADFdivider=%7C&ord=268268891788&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.e-rewards.com%2F

Requested by

Host: www.e-rewards.com
URL: https://www.e-rewards.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

23131577ce2daaa9db40bcbaa30c82247f0852b435512a25c9e5a2d4f9c389ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 736
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:26 GMT
server: nginx
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1956476&ADFPageName=Conversion_e-Rewards%20Homepage&ADFdivider=%7C&ord=268268891788&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.e-rewards.com%2F
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 16864.js Show response
c.evidon.com/pub/c/2770/ 2 KB
1 KB 80ms
30ms Script
application/x-javascript 23.67.140.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/pub/c/2770/16864.js
Requested by: Host: c.betrad.com
URL: https://c.betrad.com/geo/h1.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.67.140.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-67-140-99.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 120cd72fe2d38521fcd272c5c9103d31db02c5f29b47eada305a492901d1f04c

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 22:56:20 GMT
server: AkamaiNetStorage
etag: "7ff00af50bcf8952b377fcd2126b04a0:1607727380.964633"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=172800
accept-ranges: bytes
access-control-allow-headers: *
content-length: 842

GET
H2 204 p.gif
l.betrad.com/pub/ 0
121 B 312ms
102ms Image
text/plain 107.21.82.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/pub/p.gif?pid=16864&ocid=2770&ii=1&nt=2&d=1&mb=0&r=0.4111576379021886
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.82.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 ric-info.png
c.evidon.com/pub/ 2 KB
2 KB 22ms
21ms Image
image/png 23.67.140.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/ric-info.png
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.67.140.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-67-140-99.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 01af67a2653d7059b2c3cb996d889bb0643aab79aba19610907adb24f502e261

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
content-encoding: gzip
last-modified: Wed, 16 May 2012 20:44:11 GMT
server: AkamaiNetStorage
etag: "9d28f72225001c55a9c802d3c71fb422:1337201051"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2039

GET
H2 200 ric-close.png
c.evidon.com/pub/ 526 B
832 B 22ms
21ms Image
image/png 23.67.140.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/ric-close.png
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.67.140.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-67-140-99.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 71d29817ccc89f5d51c79aefcb62f23c28e0300ab5702adc6e4b5c3d461e7922

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
content-encoding: gzip
last-modified: Wed, 16 May 2012 20:44:04 GMT
server: AkamaiNetStorage
etag: "16f1fe29bb13829c58c21080871b48ce:1337201044"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 549

GET
H2 204 p.gif
l.betrad.com/pub/ 0
120 B 312ms
103ms Image
text/plain 107.21.82.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/pub/p.gif?pid=16864&ocid=2770&ii=1&nt=1&d=1&mb=0&r=0.5814911989444356
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.82.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 bg1.png
c.evidon.com/pub/ 166 B
458 B 21ms
21ms Image
image/png 23.67.140.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/pub/bg1.png
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.67.140.99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-67-140-99.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9f68a41bd701e49dfdb3c4ae493f679d9269a3e694647dc6d0644525693da0c7

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
content-encoding: gzip
last-modified: Fri, 20 Apr 2012 19:51:42 GMT
server: AkamaiNetStorage
etag: "bbae2eeba0d9d0608ec2f6ee9e047c75:1334951502"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET,OPTIONS,POST
content-type: image/png
access-control-allow-origin
access-control-max-age: 108000
cache-control: max-age=864000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 175

GET
H2 200 / Show response
a2.adform.net/serving/container/ Frame 6BCE 968 B
887 B 90ms
89ms Document
text/html 185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/serving/container/?pm=1956476&lid=65760292&ctype=0&media=0&PageName=Conversion_e-Rewards+Homepage&rnd=1715337298&cpref=&loc=https%3a%2f%2fwww.e-rewards.com%2f

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c84344a3c708d08bc2ea198350bf37eb9b2e6080b1be1568b78e4736b6f774d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: a2.adform.net
:scheme: https
:path: /serving/container/?pm=1956476&lid=65760292&ctype=0&media=0&PageName=Conversion_e-Rewards+Homepage&rnd=1715337298&cpref=&loc=https%3a%2f%2fwww.e-rewards.com%2f
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.e-rewards.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=3670222353713489722; CM=1|0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.e-rewards.com/

Response headers

server: nginx
date: Mon, 15 Feb 2021 12:03:26 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 55D3 5 KB
2 KB 91ms
30ms Document
text/html 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Requested by

Host: a2.adform.net
URL: https://a2.adform.net/Serving/TrackPoint/?pm=1956476&ADFPageName=Conversion_e-Rewards%20Homepage&ADFdivider=%7C&ord=268268891788&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.e-rewards.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3e24b0309e650a95916e1cd8493e65f08931037c7ec10f95fd6cdf8d2026857d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.e-rewards.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: C=1; uid=3670222353713489722; CM=1|0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.e-rewards.com/

Response headers

server: nginx
date: Mon, 15 Feb 2021 12:03:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: CM14=1613477006_1613390606_1_Hu7u7u4e4e7u7u4REREeERERERHhEQ; expires=Mon, 01 Mar 2021 12:03:26 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 6BCE 597 B
1 KB 84ms
36ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1459267&mt_adid=217204&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: a2.adform.net
URL: https://a2.adform.net/serving/container/?pm=1956476&lid=65760292&ctype=0&media=0&PageName=Conversion_e-Rewards+Homepage&rnd=1715337298&cpref=&loc=https%3a%2f%2fwww.e-rewards.com%2f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3518 2f03077 master cdg-pixel-x3 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer: https://a2.adform.net/serving/container/?pm=1956476&lid=65760292&ctype=0&media=0&PageName=Conversion_e-Rewards+Homepage&rnd=1715337298&cpref=&loc=https%3a%2f%2fwww.e-rewards.com%2f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:26 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x3
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 15 Feb 2021 12:03:50 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 55D3 0
118 B 31ms
30ms Image
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Feb 2021 12:03:26 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 55D3
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=3670222353713489722&Expiration=1614600206
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3670222353713489722&Expiration=1614600206

43 B
423 B

37ms
37ms

Image
image/gif

52.28.167.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3670222353713489722&Expiration=1614600206
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.167.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Feb 2021 12:03:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=3670222353713489722&Expiration=1614600206
date: Mon, 15 Feb 2021 12:03:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 55D3 0
360 B 111ms
58ms Image
text/plain 104.109.59.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=3670222353713489722

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.59.72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 12:03:26 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sun, 14 Feb 2021 12:03:26 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 55D3 0
214 B 105ms
27ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 55D3
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3670222353713489722&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=3670222353713489722&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=de0d014d587843a89...
https://c1.adform.net/serving/cookie/match?party=9&uid=e8b0d112df4cc1b5f123428ec7a36460f69a5ec42957254ec517e66a74e24df6

35 B
333 B

31ms
30ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=e8b0d112df4cc1b5f123428ec7a36460f69a5ec42957254ec517e66a74e24df6

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:26 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=e8b0d112df4cc1b5f123428ec7a36460f69a5ec42957254ec517e66a74e24df6
date: Mon, 15 Feb 2021 12:03:26 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 55D3 43 B
163 B 97ms
47ms Image
image/gif 185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=3670222353713489722&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55944/ Frame 55D3
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=3670222353713489722&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=3670222353713489722&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3670222353713489722&_origin=1&apid=UPcf953eac-6f85-11eb-9134-028ad9218a3e
https://ups.analytics.yahoo.com/ups/55944/sync?uid=3670222353713489722&_origin=1&apid=UPcf953eac-6f85-11eb-9134-028ad9218a3e&verify=true

0
964 B

28ms
27ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=3670222353713489722&_origin=1&apid=UPcf953eac-6f85-11eb-9134-028ad9218a3e&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:26 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Mon, 15 Feb 2021 12:03:26 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=3670222353713489722&_origin=1&apid=UPcf953eac-6f85-11eb-9134-028ad9218a3e&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 55D3 43 B
710 B 103ms
49ms Image
image/gif 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 12:03:26 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1613390606802038-17
Expires: Mon, 15 Feb 2021 12:03:26 GMT

GET sync
sy.eu.angsrvr.com/ Frame 55D3 0
0

GET
H2

200

rtset
bh.contextweb.com/bh/ Frame 55D3
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=3670222353713489722
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=3670222353713489722
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=7fd15b0c-09c7-4d6c-bbef-ba04d73479ae

49 B
406 B

289ms
97ms

Image
image/gif

198.148.27.140
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=7fd15b0c-09c7-4d6c-bbef-ba04d73479ae

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-75d6d6d469-cr7h4
expires: -1

Redirect headers

location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=7fd15b0c-09c7-4d6c-bbef-ba04d73479ae
date: Mon, 15 Feb 2021 12:03:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 55D3
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3670222353713489722&expiration=1614600206
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3670222353713489722&expiration=1614600206&C=1

43 B
1006 B

33ms
32ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3670222353713489722&expiration=1614600206&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 12:03:26 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 12:03:26 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 12:03:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=3670222353713489722&expiration=1614600206&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Expires: Mon, 15 Feb 2021 12:03:26 GMT

GET
H2

204

cms
cms.analytics.yahoo.com/ Frame 55D3
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=3670222353713489722&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=3670222353713489722&sInitiator=external
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=f701f61b-7bd9-400e-9957-b61e90e6957f
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=REIyMjYwNUM1NTBDNzNFOQ&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESELwaKG5bd8-CTMfxMpZPv3A&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&sInitiator=internal&gdpr=true&euconsent=

0
0

112ms
35ms

Image
text/html

212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&sInitiator=internal&gdpr=true&euconsent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:25 GMT
frontend-id: 13
location: https://cms.analytics.yahoo.com/cms?partner_id=SEMAS&sInitiator=internal&gdpr=true&euconsent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 55D3 0
344 B 93ms
24ms Image
text/plain 3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=3670222353713489722&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:26 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 /
loadm.exelator.com/load/ Frame 55D3 0
324 B 76ms
23ms Image
text/plain 18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:26 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 55D3
Redirect Chain

https://idsync.rlcdn.com/398366.gif?partner_uid=3670222353713489722
https://idsync.rlcdn.com/1000.gif?memo=CJ6oGBIeChoIARCUdRoTMzY3MDIyMjM1MzcxMzQ4OTcyMhAAGg0IjsapgQYSBQjoBxAAQgBKAA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFW9yZq-OeCPmtrkBaV99d0&google_cver=1

42 B
318 B

24ms
23ms

Image
image/gif

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFW9yZq-OeCPmtrkBaV99d0&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Feb 2021 12:03:27 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFW9yZq-OeCPmtrkBaV99d0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

tpid=3670222353713489722
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 55D3
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=3670222353713489722
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3670222353713489722

49 B
713 B

45ms
45ms

Image
image/gif

34.253.109.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:26 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.78
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:26 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=3670222353713489722
cache-control: no-cache
x-server: 10.45.24.133
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 55D3 62 B
329 B 242ms
195ms Image
image/gif 23.79.152.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:27 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 8bbf
Content-Type: image/gif

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 55D3
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3670222353713489722
https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3670222353713489722

43 B
122 B

30ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:26 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=537113484&val=3670222353713489722
date: Mon, 15 Feb 2021 12:03:26 GMT
via: 1.1 google
server: OXGW/16.202.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 55D3
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

41ms
40ms

Image
image/gif

52.218.41.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.41.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:28 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: 7083361CB937C021
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: oOcFvhM4rGYtZcWolUwK4aE2hCJX+9CZYttNlzR80SIQ7VManSVqxjc90HRRc2fKI5ijSUMnBhg=

Redirect headers

X-Error-Reason: Missing UserId
Date: Mon, 15 Feb 2021 12:03:27 GMT
Server: akka-http/10.1.13
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 55D3 35 B
248 B 88ms
28ms Image
image/gif 51.210.112.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=3670222353713489722&partner=68
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H/1.1 200
OK /
cm.adsafety.net/ Frame 55D3 43 B
229 B 82ms
26ms Image
image/gif 88.80.189.68
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.80.189.68 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:27 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 55D3 0
337 B 105ms
33ms Image
text/plain 54.171.91.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.91.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:27 GMT
cache-control: private, no-cache, no-store
x-request-time: D=47 t=1613390607
x-served-by: beacon-n001-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 55D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=MzY3MDIyMjM1MzcxMzQ4OTcyMg
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm=&google_ula=1641347&party=1&google_hm=MzY3MDIyMjM1MzcxMzQ4OTcyMg&google_tc=
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG4Z1gam7maHuD5txVLF4Zo&google_cver=1&google_ula=1641347,0

35 B
324 B

30ms
30ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG4Z1gam7maHuD5txVLF4Zo&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEG4Z1gam7maHuD5txVLF4Zo&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 55D3 0
118 B 36ms
30ms Image
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Feb 2021 12:03:26 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 55D3
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=3467278733886171876&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=3670222353713489722

43 B
1012 B

36ms
36ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=3670222353713489722

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 12:03:27 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid: cb73281f-3d13-4f95-a6de-2d4939c2a4f4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=3670222353713489722
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
expires: -1

GET
H/1.1 200
OK Pug
simage2.pubmatic.com/AdServer/ Frame 55D3 42 B
850 B 19ms
18ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 15 Feb 2021 12:03:27 GMT
X-lat: Pug22060:0:346
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 55D3 43 B
433 B 198ms
105ms Image
image/gif 65.9.94.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:27 GMT
Via: 1.1 a1c66294cb416b399374a845b97656d3.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.16.1
X-Amz-Cf-Pop: PRG50-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: oK7C7g-JFKRwSHPoWas_BWPjqd0zx1F-jtQ0USmoJUK4Xedl01POJQ==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 55D3
Redirect Chain

https://a.audrte.com/a?adform_uid=3670222353713489722
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&google_gid=CAESECN6KmgoP7VsgwC61gk3_v0&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=9hel-3TQEm3RAyAfsV-flsCLA&gdpr=0&gdpr_consent=

0
344 B

25ms
24ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=9hel-3TQEm3RAyAfsV-flsCLA&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:27 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Mon, 15 Feb 2021 12:03:27 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=9hel-3TQEm3RAyAfsV-flsCLA&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 55D3
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=3670222353713489722&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=3670222353713489722&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=90319210186241673804422025347186725284&noredirect=1

35 B
333 B

31ms
30ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=90319210186241673804422025347186725284&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 84U3yzF6RJk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=90319210186241673804422025347186725284&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 55D3
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=3670222353713489722
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164861203698000617646

35 B
324 B

32ms
30ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164861203698000617646

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=164861203698000617646
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 55D3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6929459892742584470

35 B
324 B

30ms
29ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6929459892742584470

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=6929459892742584470
Date: Mon, 15 Feb 2021 12:03:27 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 55D3 62 B
725 B 195ms
182ms Image
image/gif 23.79.152.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:27 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 8768
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 55D3
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=39dd602a-630e-4300-9a53-3a0dc81e74ea

35 B
324 B

30ms
30ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=39dd602a-630e-4300-9a53-3a0dc81e74ea

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

Date: Mon, 15 Feb 2021 12:03:27 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=39dd602a-630e-4300-9a53-3a0dc81e74ea
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 15 Feb 2021 12:03:50 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 55D3
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=t0K6996G1LbCB95

35 B
333 B

30ms
30ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=t0K6996G1LbCB95

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 15 Feb 2021 12:03:26 GMT
Server: PingMatch/v2.0.30-619-g1028223#rel-ec2-master i-0047f8acf6307f30d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=t0K6996G1LbCB95
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 55D3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=f701f61b-7bd9-400e-9957-b61e90e6957f

35 B
324 B

31ms
31ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=f701f61b-7bd9-400e-9957-b61e90e6957f

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=f701f61b-7bd9-400e-9957-b61e90e6957f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET
H/1.0 200
OK image.sbmx
global.ib-ibi.com/ Frame 55D3 0
72 B 408ms
100ms Image
text/plain 69.169.85.6
ATLANTIC-METRO-CO...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_256_CBC
Server: 69.169.85.6 , United States, ASN33597 (ATLANTIC-METRO-COMMUNICATIONS-II-INC, US),
Reverse DNS
Software: BigIP /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: close
Content-Length: 0
Server: BigIP

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame 55D3
Redirect Chain

https://id5-sync.com/s/10/0.gif?puid=3670222353713489722
https://id5-sync.com/c/10/10/2/1.gif?puid=3670222353713489722&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOq4sMQJC5hN1hLlkCXBy-CiZj5IpIAyuN_2HzRA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F10%2F124%2F1%2F2.gif%3Fpuid%3D%...
https://id5-sync.com/cq/10/124/1/2.gif?puid=534c6112-79a8-417a-9a2e-ef0d61c9a752&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg&action=GET_ID&opid=goo&etid=&domid=1033...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEIj4nZfL3r4QeNXKUrUMW_w&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3467278733886171876&opid=apx&ops=&utidl=tech:goo:CAESEIj4nZfL3r4QeNXKUrUMW_w&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A11241661041&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

43 B
1 KB

68ms
25ms

Image
image/gif

51.75.146.200
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A11241661041&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.75.146.200 , France, ASN16276 (OVH, FR),

Reverse DNS

p11.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:27 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A11241661041&sd=Y2FzY2FkZXNSZW1haW5pbmc9MCZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj0xMCZmb3JtYXQ9Z2lmJg
date: Mon, 15 Feb 2021 12:03:27 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 55D3
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=842536287
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=5z6EyDG5QOChe/dsKLQoP.

35 B
324 B

31ms
30ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=5z6EyDG5QOChe/dsKLQoP.

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
via: 1.1 google
last-modified: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=5z6EyDG5QOChe/dsKLQoP.
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 55D3 23 B
172 B 120ms
71ms Image
image/gif 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 15 Feb 2021 12:03:27 GMT
server: akka-http/10.1.9
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 55D3
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3670222353713489722
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3670222353713489722&cs=1

35 B
376 B

46ms
46ms

Image
image/gif

95.216.101.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3670222353713489722&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.216.101.186 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.101.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:27 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=3670222353713489722&cs=1
date: Mon, 15 Feb 2021 12:03:27 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 55D3 0
237 B 179ms
86ms Image
text/plain 65.9.94.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=3670222353713489722
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:27 GMT
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: R1t_W5CSl_Ct6v1KhgA6YUrETvhEV-MCPMBRbBpOq3fKBTupHzhhsw==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 55D3
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=3670222353713489722&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=3670222353713489722&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=cfcc2c51-6f85-11eb-afe8-5a9a02d33f5c

35 B
324 B

30ms
30ms

Image
image/gif

37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=cfcc2c51-6f85-11eb-afe8-5a9a02d33f5c

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 12:03:27 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

Redirect headers

date: Mon, 15 Feb 2021 12:03:27 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=cfcc2c51-6f85-11eb-afe8-5a9a02d33f5c
alt-svc: clear
content-length: 0

GET
H2 200 3670222353713489722
match.contentexchange.me/adform/ Frame 55D3 0
49 B 131ms
42ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/3670222353713489722?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 , Slovenia, ASN51790 (SIEL, SI),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:27 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 55D3
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=3670222353713489722&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=3670222353713489722&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

24ms
24ms

Image
image/gif

52.57.49.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=3670222353713489722&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.49.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-49-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:03:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=3670222353713489722&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 15 Feb 2021 12:03:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 55D3 0
118 B 32ms
30ms Image
text/plain 37.157.6.241
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://c1.adform.net/imatch/pixels?uid=3670222353713489722&agencyId=6276&advertiserId=2060739&src=tp&rnd=446265
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Feb 2021 12:03:26 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 6BCE 43 B
480 B 33ms
31ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: www.e-rewards.com
URL: https://www.e-rewards.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3518 2f03077 master cdg-pixel-x28 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://a2.adform.net/serving/container/?pm=1956476&lid=65760292&ctype=0&media=0&PageName=Conversion_e-Rewards+Homepage&rnd=1715337298&cpref=&loc=https%3a%2f%2fwww.e-rewards.com%2f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:26 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 12:03:50 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=627187210&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.e-rewards.com%2F&ul=en-us&de=UTF-8&dt=Paid%20Surveys%20Online%20%7C%20e-Rewards%20currency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Register%20Form&ea=&el=Submit&_u=aGDACUABBAAAAC~&jid=&gjid=&cid=93270645.1613390605&tid=UA-52458439-1&_gid=631489023.1613390605&gtm=2wg230TLFM7ZQ&z=1613019542

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.e-rewards.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Feb 2021 06:02:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21671
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 6BCE 43 B
635 B 33ms
33ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 3518 2f03077 master cdg-pixel-x24 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://a2.adform.net/serving/container/?pm=1956476&lid=65760292&ctype=0&media=0&PageName=Conversion_e-Rewards+Homepage&rnd=1715337298&cpref=&loc=https%3a%2f%2fwww.e-rewards.com%2f
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 15 Feb 2021 12:03:36 GMT
Server: MT3 3518 2f03077 master cdg-pixel-x24
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Feb 2021 12:04:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sy.eu.angsrvr.com
URL: https://sy.eu.angsrvr.com/sync?type=host&dsp=13&dspuuid=3670222353713489722

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adform.net/	1970-01-19 16:30:00	Name: CM14 Value: 1613477006_1613390606_1_Hu7u7u4e4e7u7u4REREeERERERHhEQ
.adform.net/	1970-01-19 16:11:17	Name: CM Value: 1\|0
.adform.net/	1970-01-19 17:36:14	Name: uid Value: 3670222353713489722
.e-rewards.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.e-rewards.com/	1970-01-20 00:55:26	Name: _hjid Value: 39723258-f000-4560-afaa-ef41d8c20654
www.e-rewards.com/	1969-12-31 23:59:59	Name: __ric_sc16864 Value: 1
.e-rewards.com/	1970-01-19 16:09:50	Name: _gat_UA-52458439-1 Value: 1
.e-rewards.com/	1970-01-19 16:09:52	Name: _hjFirstSeen Value: 1
.adform.net/	1970-01-19 16:50:09	Name: C Value: 1
.e-rewards.com/	1970-01-20 09:41:02	Name: _ga Value: GA1.2.93270645.1613390605
.e-rewards.com/	1970-01-19 16:09:50	Name: _gat_gtag_UA_48438478_1 Value: 1
.e-rewards.com/	1970-01-19 16:11:17	Name: _gid Value: GA1.2.631489023.1613390605
www.e-rewards.com/	1970-01-19 16:53:02	Name: __ric_c16864 Value: 1
.e-rewards.com/	1969-12-31 23:59:59	Name: corona_visit Value: "eyJwYW5lbElkIjoiNTAiLCJkdCI6IjE2MTMzOTA2MDQ4NjciLCJ1dWlkIjoiOTVkOGFjNWYtYmFmZi00NTMxLTk5MzAtZDFjY2I2NWFmMDcxIiwidG9rZW4iOiI1NWNkNDRjMjgzMzUxMjJmOTkyZjdiNDkwZWY4ZDljYTFhNGViNmU0In0="

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.e-rewards.com/(Line 33) Message: tmx is being loaded.
console-api	debug	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: [bugsnag] Loaded!
console-api	log	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: UPP starting up
console-api	log	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: Standard "Conversion_e-Rewards Homepage"
console-api	log	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: dynata-evidon-cid = 2770
console-api	log	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: dynata-evidon-pid = 16864
console-api	log	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: dynata-evidon-force-ccpa = null
console-api	log	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: UPP starting up
console-api	log	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: Belgium
console-api	log	URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js(Line 1) Message: Display betrad notice

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.stickyadstv.com
api.adrtx.net
assets.adobedtm.com
beacon.krxd.net
bh.contextweb.com
c.betrad.com
c.evidon.com
c1.adform.net
cdn.oneopinion.com
cm.adsafety.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cookie-matching.mediarithmics.com
d10lpsik1i8c69.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
d3agx2rif8aadl.cloudfront.net
darwin-assets.dynata.com
dmp.adform.net
dpm.demdex.net
dq.tmx.surveysampling.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
evidon.oneopinion.com
flare.e-rewards.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
goggles.mw.dynata.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
ka-f.fontawesome.com
kit.fontawesome.com
l.betrad.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
nexus.ensighten.com
notify.bugsnag.com
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
script.hotjar.com
secure.adnxs.com
sessions.bugsnag.com
simage2.pubmatic.com
static.hotjar.com
stats.g.doubleclick.net
sy.eu.angsrvr.com
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
upp-public.s3.amazonaws.com
ups.analytics.yahoo.com
vars.hotjar.com
widget.trustpilot.com
www.e-rewards.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
x.bidswitch.net
sy.eu.angsrvr.com
104.109.59.72
107.21.82.111
142.250.186.34
146.59.138.188
18.133.35.94
18.197.253.20
18.198.69.109
18.202.184.10
184.30.20.207
184.30.208.188
184.30.21.112
185.167.164.37
185.64.189.110
185.86.137.110
198.148.27.140
212.82.100.182
23.218.208.246
23.218.209.56
23.67.140.99
23.79.152.128
2600:1901:0:7a0b::
2600:1901:0:a5e4::
2600:9000:206f:2e00:3:68f9:62c0:93a1
2600:9000:206f:3c00:17:5070:d6c0:93a1
2600:9000:206f:4c00:1d:cb66:70c0:93a1
2600:9000:206f:be00:0:9a75:c240:21
2606:4700::6812:1734
2606:4700:e6::ac40:ca1c
2a00:1450:4001:800::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:828::2003
2a00:1450:400c:c04::9a
2a02:26f0:7100:491::1e80
3.120.46.225
3.121.27.153
3.123.78.164
3.126.56.137
34.120.207.148
34.199.27.181
34.204.119.109
34.236.139.133
34.253.109.165
34.254.147.143
34.98.64.218
35.158.49.68
35.190.16.14
35.227.248.159
37.157.5.73
37.157.6.241
37.252.172.45
37.252.173.62
46.19.11.36
51.210.112.236
51.75.146.200
52.216.177.131
52.218.41.75
52.28.167.150
52.28.254.214
52.57.142.16
52.57.49.235
54.171.91.151
63.241.211.31
65.9.69.50
65.9.91.52
65.9.91.90
65.9.94.15
65.9.94.29
65.9.94.4
65.9.94.69
65.9.94.89
65.9.94.95
69.169.85.6
69.173.144.139
77.243.60.138
85.114.159.118
88.80.189.68
95.216.101.186
99.80.71.186
0072ac4da2be62e296da967e0c844bc37e237e74bfab56683c927528eefdd6e0
01af67a2653d7059b2c3cb996d889bb0643aab79aba19610907adb24f502e261
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
106906f49498839a7d83d86e92f89af57a6c6d2df1fe5c013489a8bb18f5518b
120cd72fe2d38521fcd272c5c9103d31db02c5f29b47eada305a492901d1f04c
142e887a7aaaf0b5bb5a1ac342133a63bc2b9f9e80b90b9014f67f3d11813711
23131577ce2daaa9db40bcbaa30c82247f0852b435512a25c9e5a2d4f9c389ea
2df128d3630c50d15321128d52230d27a2a4bf5237572629ae2c6e2659562eab
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36d1d18d8fe206cc94c1ac76f30dfb4f6830063698348128602fa8ef2e78a0e5
37e27da77e4d748bb7ada394fd8bf9191d4469ee5fd0d3b1e59cd16c8cd2b296
38f8eaf23cb997c61ecd485b90f5791ff8f2c8db23a6fefb43c806f20e705c83
3e24b0309e650a95916e1cd8493e65f08931037c7ec10f95fd6cdf8d2026857d
3f14b2e2395eb4afea88f03f128887a97d0de3a3584a7a7ba43985c6b5abec42
489d701de34ddc176d473e3f21c30d8943a0f3e212b97583ef37d7c418881929
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5aa00eb00b2231bd3d63bedc14a9aec30dc49c0008f3ca13a278cd48ea3e5191
5c11cb6f474709a944d5efd36c0fef92b366396d2abf2379995ac7534d1f72fa
5f6eee008275250a5d785e51e808048ff0d85019c0fe155f07a773d4bdea4f36
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39
687bb59e461b9e9d947b1efad82a5af0db2895c91d6ef45ac4941e27294bebff
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e710de470f984623ec96f39726f73a14e4eefa7ec7e56ea05507c85ffa97f1c
71d29817ccc89f5d51c79aefcb62f23c28e0300ab5702adc6e4b5c3d461e7922
7baba10dbe0046b49b22fc70055a9553ba58cf519675614831a387beae662034
7e41707c371cbc006907bf72e50e4fcfb03716f4fd1bff985397a704b8d81b08
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87a2729abe4d824617c1cf16d8cd2aa780095253d7b237655e654f926872d58e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c7bba7deb64ff95e98f7ac8cd0d3b675a4bcf02f302e57edc5a1d6fa3d6cf94
8e53665cfe89ea53a2883832bdbb6a1fa2b3f3fd3646c6877961134f40bdfaa2
9101bbe838915c3ee398c630c99ecd3ae7817f9e4c79d218955c93e444281dbc
940814c81f66bbc6074e23d64a49d45c5946d3e93c5c6807dc6c30f52e99b690
98d69c5eb04cbd747cd6a4343f9cd2bed117304c525bf5c5dfe9b2a62ea97bda
9f68a41bd701e49dfdb3c4ae493f679d9269a3e694647dc6d0644525693da0c7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a482b239be36ea3db3ad631da4bc6063d490196c0d17de3d85c3a03d86faef75
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b334d45d548960adaaaeaddac5c6dea70cd04d2b4351537bd133950fc182faff
b4e13931ab40de24157618e15c0acf8709db66a56f5924bebb3834c5f632105d
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b68d488d29312ae3e813f96ad63c805f8bac6a561dfa870d2aedd9a4802c7635
b94af5a5be53424e948d36a705a1169d952ba6b23761aea3098967a643765454
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd2224568ea7256886fe270d87325fd43ebdab856afc9c0d7653371bf45672d9
bfb745758c9ec0195071fcaabd9791a08bffbe4315a3c80739b084d37e087369
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2
c84344a3c708d08bc2ea198350bf37eb9b2e6080b1be1568b78e4736b6f774d8
c8cb723056209dec3150bfb06892a920763a08b3e9d132abba47b564e26270a3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe6b3f2587a9ea5f31db67a0a0fb19a8279d43e35a04332678b7749eb041ad0
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d417952c1aee9d78d81a444a5e30ff9a2ecb26b4f224e650c12da801b411d96a
d7cc3c57f9bda4c6dcb83bb3c19f2f2aa86ecec6274e243cd4ec315ae8e30101
dd27513c109ea36402ee7ea51a54c79d5883f2f0bc510500268a6b7834dcaf5c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eecf79260d8f028750a84724431257a261ac8532aaae3d2bf81c907c6deae9ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f1f020da93f336a0656a556ac29b66e82f67285b67164509d157350b02d435
f842a97e69f92f840786c99d7ce9ecc186c63ab17e14da444942ea175a6e8a57
fd1d48c6172c4a60339397890b7687cdcb03b45261d095304888c79e959714fb
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.e-rewards.com Open in urlscan Pro 2600:9000:206f:2e00:3:68f9:62c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

99 %HTTPS

20 %IPv6

64 Domains

82 Subdomains

63 IPs

9 Countries

1416 kBTransfer

2782 kBSize

14 Cookies

2 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.e-rewards.com Open in urlscan Pro
2600:9000:206f:2e00:3:68f9:62c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

99 %
HTTPS

20 %
IPv6

64
Domains

82
Subdomains

63
IPs

9
Countries

1416 kB
Transfer

2782 kB
Size

14
Cookies

114 HTTP transactions
0 data transactions