bountytowels.com Open in urlscan Pro
152.199.21.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://towels.com/
Effective URL:
https://bountytowels.com/en-us
Submission: On August 26 via api (August 26th 2021, 6:30:43 am UTC) from DE

Summary HTTP 109 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 30 domains to perform 109 HTTP transactions. The main IP is 152.199.21.175, located in United States and belongs to EDGECAST, US. The main domain is bountytowels.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on February 25th 2021. Valid for: a year.

This is the only time bountytowels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	20.36.221.81 20.36.221.81	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	152.199.21.175 152.199.21.175	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a04:4e42:3::393 2a04:4e42:3::393	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	184.24.13.197 184.24.13.197	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1 4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:287::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
1	13.224.100.124 13.224.100.124	16509 (AMAZON-02) (AMAZON-02)
4	2.16.186.138 2.16.186.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.96.91 13.224.96.91	16509 (AMAZON-02) (AMAZON-02)
1	99.80.189.193 99.80.189.193	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2606:4700::68... 2606:4700::6810:51a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
109	37

1 20.36.221.81 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

towels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 152.199.21.175 (United States)

ASN15133 (EDGECAST, US)

bountytowels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a04:4e42:3::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.13.197 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-13-197.deploy.static.akamaitechnologies.com

cdn.pricespider.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.134 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f6.1e100.net

5644221.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5641743.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:287::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.100.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-124.zrh50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.186.138 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-138.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-91.zrh50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.189.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-189-193.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:51a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	bountytowels.com bountytowels.com	252 KB
14	cloudinary.com res.cloudinary.com	1 MB
12	lightboxcdn.com www.lightboxcdn.com s3.lightboxcdn.com	243 KB
7	doubleclick.net 2 redirects stats.g.doubleclick.net 5644221.fls.doubleclick.net 5641743.fls.doubleclick.net	1 KB
6	facebook.com www.facebook.com	693 B
5	google-analytics.com www.google-analytics.com	22 KB
4	pinterest.com ct.pinterest.com	2 KB
4	tiktok.com analytics.tiktok.com	67 KB
4	adsrvr.org 2 redirects js.adsrvr.org insight.adsrvr.org match.adsrvr.org	6 KB
4	crazyegg.com script.crazyegg.com	57 KB
4	tapad.com 1 redirects pixel.tapad.com pandg.tapad.com	2 KB
4	cookielaw.org cdn.cookielaw.org	106 KB
3	facebook.net connect.facebook.net	201 KB
3	google.com www.google.com adservice.google.com	623 B
2	gstatic.com fonts.gstatic.com	30 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	snapchat.com tr.snapchat.com	467 B
2	pinimg.com s.pinimg.com	18 KB
2	googletagmanager.com www.googletagmanager.com	137 KB
1	azurewebsites.net lightboxapi.azurewebsites.net	779 B
1	t.co t.co	454 B
1	twitter.com analytics.twitter.com	659 B
1	sc-static.net sc-static.net	6 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	pghub.io pghub.io	2 KB
1	google.de www.google.de	107 B
1	moatads.com z.moatads.com	253 B
1	pricespider.com cdn.pricespider.com	2 KB
1	cloudflare.com cdnjs.cloudflare.com	10 KB
1	towels.com 1 redirects towels.com	890 B
109	30

	Domain	Requested by
20	bountytowels.com	bountytowels.com
14	res.cloudinary.com	bountytowels.com
10	www.lightboxcdn.com	bountytowels.com www.lightboxcdn.com
6	www.facebook.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	ct.pinterest.com	s.pinimg.com
4	analytics.tiktok.com	bountytowels.com analytics.tiktok.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	cdn.cookielaw.org	bountytowels.com cdn.cookielaw.org
3	5641743.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	5644221.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	pixel.tapad.com	1 redirects pandg.tapad.com
3	connect.facebook.net	bountytowels.com connect.facebook.net
2	s3.lightboxcdn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.lightboxcdn.com
2	adservice.google.com	5641743.fls.doubleclick.net 5644221.fls.doubleclick.net
2	tr.snapchat.com
2	match.adsrvr.org	2 redirects
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.googletagmanager.com	bountytowels.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	t.co
1	analytics.twitter.com	static.ads-twitter.com
1	insight.adsrvr.org	js.adsrvr.org
1	pandg.tapad.com	pghub.io
1	sc-static.net	bountytowels.com
1	js.adsrvr.org	www.googletagmanager.com
1	static.ads-twitter.com	bountytowels.com
1	pghub.io	www.googletagmanager.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	z.moatads.com	bountytowels.com
1	cdn.pricespider.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	bountytowels.com
1	towels.com	1 redirects
109	37

This site contains links to these domains. Also see Links.

Domain
bountytowels.ca
www.bountytowels.ca
www.pggoodeveryday.com
www.instagram.com
www.facebook.com
www.youtube.com
www.bountytowels.com
shop.charmin.com
puffs.com
www.pg.com
www.bbb.org
www.goodhousekeeping.com

Subject Issuer	Validity	Valid
*.bountytowels.com Entrust Certification Authority - L1K	`2021-02-25` - `2022-02-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.pricespider.com DigiCert SHA2 Secure Server CA	`2020-12-18` - `2021-12-22`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-16`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-06` - `2022-06-30`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://bountytowels.com/en-us
Frame ID: 029DF5821C5A1B720EF0467261943879
Requests: 102 HTTP requests in this frame

Frame: https://5644221.fls.doubleclick.net/activityi;dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us
Frame ID: C9E3675F137CCCFC813EE387B1FC0B9E
Requests: 2 HTTP requests in this frame

Frame: https://5641743.fls.doubleclick.net/activityi;dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us
Frame ID: E36395FB59752D175B33819923A07D49
Requests: 2 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fbountytowels.com%2Fen-us&owner=P%26G&bp_id=firstp&data=%7B%22event%22%3A%22page_view%22%2C%22gaid%22%3A%22456728237.1629959426%22%2C%22mediaID%22%3A%22%22%7D
Frame ID: B9C793446F1802528F1EBEE846BE13E2
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=kfzmybk&ref=https%3A%2F%2Fbountytowels.com%2Fen-us&upid=5hfb2tm&upv=1.1.0
Frame ID: E0BCADF1B2E43FFF78813195D2537EFD
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=19b1af6a-ff71-4009-8431-fe35ffd0dd2e
Frame ID: B06C6AF0B91491FF5225D702159A0161
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 3346DD21907282DB6EF33D0CBEB1801D
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox_builder.js?cb=637592941718484296
Frame ID: 5FF39FF400A3E88F4E52CF43E1E4C6B7
Requests: 3 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox_builder.js?cb=637592941718484296
Frame ID: C65CD918BDB7C0DCA8AABC99EADE6867
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paper Towels And Napkins For The Quicker Picker Upper | Bounty

Page URL History Show full URLs

http://towels.com/ HTTP 301
https://bountytowels.com/en-us Page URL

Detected technologies

Azure CDN (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:ECAcc|ECS|ECD)/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Lightbox (JavaScript Libraries) Expand

Page Statistics

109
Requests

100 %
HTTPS

53 %
IPv6

30
Domains

37
Subdomains

37
IPs

4
Countries

2468 kB
Transfer

5923 kB
Size

4
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://bountytowels.ca/en-ca
Title: Canada - English

Search URL Search Domain Scan URL

URL: https://www.bountytowels.ca/fr-ca
Title: Canada - Français

Search URL Search Domain Scan URL

URL: https://www.pggoodeveryday.com/
Title: GO TO P&G EVERYDAY

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bountypapertowels/?hl=en

Search URL Search Domain Scan URL

URL: http://www.facebook.com/bounty

Search URL Search Domain Scan URL

URL: http://www.youtube.com/BountyBrand

Search URL Search Domain Scan URL

URL: https://www.bountytowels.com/es-us
Title: United States - Español

Search URL Search Domain Scan URL

URL: https://www.pggoodeveryday.com/?utm_source=bounty&utm_medium=referral&utm_campaign=brand_site

Search URL Search Domain Scan URL

URL: https://shop.charmin.com/?utm_source=bounty&utm_medium=referral&utm_campaign=brand_site

Search URL Search Domain Scan URL

URL: https://puffs.com/en-us?utm_source=bounty&utm_medium=referral&utm_campaign=brand_site

Search URL Search Domain Scan URL

URL: https://www.pg.com/es_US/terms_conditions/index.shtml
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.pg.com/privacy/english/privacy_statement.shtml
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.pg.com/privacy/english/privacy_statement.shtml#CCPA
Title: CA PRIVACY

Search URL Search Domain Scan URL

URL: https://www.pg.com/privacy/english/privacy_statement.shtml#iba
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.bbb.org/us/oh/cincinnati/profile/detergent/the-procter-gamble-company-0292-3036

Search URL Search Domain Scan URL

URL: https://www.goodhousekeeping.com/home-products/g29389533/best-paper-towel-brands-reviews/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://towels.com/ HTTP 301
https://bountytowels.com/en-us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://pixel.tapad.com/idsync/ex/receive?partner_id=3267&partner_device_id=456728237.1629959426&gtmcb=1160257979 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=456728237.1629959426&gtmcb=1160257979

Request Chain 64

https://5644221.fls.doubleclick.net/activityi;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us HTTP 302
https://5644221.fls.doubleclick.net/activityi;dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us

Request Chain 65

https://5641743.fls.doubleclick.net/activityi;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us HTTP 302
https://5641743.fls.doubleclick.net/activityi;dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us

Request Chain 77

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa&gdpr=&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e91cadbf-3347-4bfe-aaf7-57fb06cfee1d&ttd_puid=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa

109 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en-us Show response
bountytowels.com/
Redirect Chain

http://towels.com/
https://bountytowels.com/en-us

83 KB
24 KB

154ms
24ms

Document
text/html

152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C3A) /

Resource Hash

e9e9aa29155f5d6dd3a1bb19e3908a7d6ea83ec6d834168b6bb03d4b5619a98e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:method: GET
:authority: bountytowels.com
:scheme: https
:path: /en-us
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-encoding: gzip
accept-ranges: bytes
age: 1282906
cache-control: public, max-age=31536000
content-type: text/html
date: Thu, 26 Aug 2021 06:30:25 GMT
etag: "0e27dd2348dd71:0"
last-modified: Mon, 09 Aug 2021 15:40:04 GMT
server: ECAcc (mil/6C3A)
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1;mode=block
content-length: 24199

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://bountytowels.com/en-us
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Origin: *
X-Frames-Options: SAMEORIGIN
X-UA-Compatible: IE=edge
X-Server: SCCDPN2
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Thu, 26 Aug 2021 06:30:24 GMT
Connection: keep-alive
Content-Length: 147
Set-Cookie: BIGipServer~cs~CD_subsite_pioneer_pool=!334dDk/glnqpkX5VX7aaCf9f4aOeyd9+HLilXLpRlsIGGwv8ew5icuylnbe8gXjqiNrEmZavxXGoe5vyKVwqdX3CPdOa+V8tspSZf7kCtig=; path=/; Httponly TS0112e387=0196e7103fdebf88d0dd253a75e9d054e4da6dac01aa28061651f574243f480d03a7e3c950895b526fe3277c45bcca7d284a2c61e5192eeb04a3c23ac34c8d9d80df8533ae; Path=/; HTTPOnly
Vary: User-Agent, Accept-Encoding

GET
H2 200 favicon.ico
bountytowels.com/static/images/ 1 KB
1 KB 35ms
33ms Image
image/x-icon 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bountytowels.com/static/images/favicon.ico

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C70) /

Resource Hash

ffc18eda67fa1b25133e70f7a6d56afa7a12678bf8a33447b8bf336caddd4cc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /static/images/favicon.ico
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C70)
age: 2197628
etag: "050bc73d85d71:0"
x-frame-options: DENY
x-cache: HIT
content-type: image/x-icon
cache-control: max-age=31536000,max-age=31536000
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1025
x-xss-protection: 1;mode=block

GET
H2 200 webpack-7c303585cb5246f8ad9c.js Show response
bountytowels.com/_next/static/chunks/ 2 KB
2 KB 31ms
29ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/webpack-7c303585cb5246f8ad9c.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C26) /

Resource Hash

f16f604b4e486058e83c7626116a85bae6a69a39db99501dc3010815434a4025

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/webpack-7c303585cb5246f8ad9c.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209546
x-cache: HIT
vary: Accept-Encoding
content-length: 1611
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C26)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 framework.3105c3e333ee10fd9558.js Show response
bountytowels.com/_next/static/chunks/ 129 KB
42 KB 49ms
47ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/framework.3105c3e333ee10fd9558.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C8B) /

Resource Hash

4e0e1e988e01c390c4e977764e65b3d439b32641f6f80533a338b4e39c23267b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/framework.3105c3e333ee10fd9558.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2197628
x-cache: HIT
vary: Accept-Encoding
content-length: 42435
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C8B)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 commons.7b0e906348061a05fe03.js Show response
bountytowels.com/_next/static/chunks/ 46 KB
15 KB 46ms
44ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/commons.7b0e906348061a05fe03.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C30) /

Resource Hash

0c038b43640adfa825c172021dabcb65f4cb1910c571bddea9c8fa837844cb7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/commons.7b0e906348061a05fe03.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209546
x-cache: HIT
vary: Accept-Encoding
content-length: 15110
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C30)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 main-22dc2d75705d82d3c4d5.js Show response
bountytowels.com/_next/static/chunks/ 40 KB
13 KB 54ms
53ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/main-22dc2d75705d82d3c4d5.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C48) /

Resource Hash

d0a07b38cb3b494b62fca3371b079968ebc507c8285b24ae5ff075b11f63edde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/main-22dc2d75705d82d3c4d5.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209546
x-cache: HIT
vary: Accept-Encoding
content-length: 13329
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C48)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 e82996df.367d0d8ea8c2bee16f28.js Show response
bountytowels.com/_next/static/chunks/ 50 KB
14 KB 44ms
42ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/e82996df.367d0d8ea8c2bee16f28.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C4F) /

Resource Hash

2b3827a9ae11d9961848f311267cd89a7bcecb53e978af9f5b700858d85b69fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/e82996df.367d0d8ea8c2bee16f28.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209546
x-cache: HIT
vary: Accept-Encoding
content-length: 14760
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C4F)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 1d4db2a013633839112d07e4dfb7ce789f9f05f3.a2420411533832a4d894.js Show response
bountytowels.com/_next/static/chunks/ 104 KB
31 KB 56ms
55ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/1d4db2a013633839112d07e4dfb7ce789f9f05f3.a2420411533832a4d894.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BBD) /

Resource Hash

78a98bd01b3f55b7dc42742975fbc240eaf2438e28b9a042a74522ceb3750918

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/1d4db2a013633839112d07e4dfb7ce789f9f05f3.a2420411533832a4d894.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2197628
x-cache: HIT
vary: Accept-Encoding
content-length: 31806
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6BBD)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 15eb71e4cfa836db17811ce00982bb7d6da925b2.a59b5684ede4522701aa.js Show response
bountytowels.com/_next/static/chunks/ 36 KB
9 KB 32ms
30ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/15eb71e4cfa836db17811ce00982bb7d6da925b2.a59b5684ede4522701aa.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BAB) /

Resource Hash

23a50b9e9b8d499c355be46debe876ed84896145232d7ab454f81da7283b9436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/15eb71e4cfa836db17811ce00982bb7d6da925b2.a59b5684ede4522701aa.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209546
x-cache: HIT
vary: Accept-Encoding
content-length: 9603
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6BAB)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 5756f6f0a846a71bf4772b489d35d9394eafa046.ec54ece2c0f53ee47ffc.js Show response
bountytowels.com/_next/static/chunks/ 28 KB
8 KB 56ms
54ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/5756f6f0a846a71bf4772b489d35d9394eafa046.ec54ece2c0f53ee47ffc.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C93) /

Resource Hash

27504aaa38beea80d19cb0ec4ee4cb6ee93ebc1f9671c791cc062ad64a4aa5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/5756f6f0a846a71bf4772b489d35d9394eafa046.ec54ece2c0f53ee47ffc.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209546
x-cache: HIT
vary: Accept-Encoding
content-length: 8555
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C93)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 _app-75ed34bb54a27865a953.js Show response
bountytowels.com/_next/static/chunks/pages/ 183 KB
43 KB 34ms
32ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/pages/_app-75ed34bb54a27865a953.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C38) /

Resource Hash

6768cab2da0ad67d13a1dcfd89ff16447b638155f3ff4f81356808d0dc381ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/pages/_app-75ed34bb54a27865a953.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2197628
x-cache: HIT
vary: Accept-Encoding
content-length: 43653
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C38)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 e45724f3c88097f0b5db3266ceaa39ca93ce032f.014eebc3ba7d64da8dc5.js Show response
bountytowels.com/_next/static/chunks/ 81 KB
21 KB 59ms
58ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/e45724f3c88097f0b5db3266ceaa39ca93ce032f.014eebc3ba7d64da8dc5.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C17) /

Resource Hash

c3d42dcc196c40980d577f06ed157fc8915e9e7a73b46f5b7d8a5ab41128ba04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/e45724f3c88097f0b5db3266ceaa39ca93ce032f.014eebc3ba7d64da8dc5.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 906115
x-cache: HIT
vary: Accept-Encoding
content-length: 21789
x-xss-protection: 1;mode=block
last-modified: Mon, 09 Aug 2021 15:40:04 GMT
server: ECAcc (mil/6C17)
x-frame-options: DENY
etag: "0e27dd2348dd71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 b326c47f9b81d697bd36d5b552afbc86d552c7d1.8f904dac6bd2545464e5.js Show response
bountytowels.com/_next/static/chunks/ 13 KB
4 KB 60ms
59ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/b326c47f9b81d697bd36d5b552afbc86d552c7d1.8f904dac6bd2545464e5.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BAF) /

Resource Hash

aad79c44a45fecb4c3c5f7b64e3ea0e63c7f2fa9d80ed5d3dcdf15e03b22e45a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/b326c47f9b81d697bd36d5b552afbc86d552c7d1.8f904dac6bd2545464e5.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209546
x-cache: HIT
vary: Accept-Encoding
content-length: 3966
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6BAF)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 %5Blang%5D-a660cb31be96a182e09e.js Show response
bountytowels.com/_next/static/chunks/pages/ 420 B
500 B 59ms
58ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/pages/%5Blang%5D-a660cb31be96a182e09e.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C1A) /

Resource Hash

bbd2f14ef532e67780d4518c6ccbd63da85be7cc7c5deae25460f9f695069e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/pages/%5Blang%5D-a660cb31be96a182e09e.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209546
x-cache: HIT
vary: Accept-Encoding
content-length: 423
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C1A)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 main.css
bountytowels.com/static/css/ 83 KB
16 KB 57ms
57ms Stylesheet
text/css 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/static/css/main.css

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BB5) /

Resource Hash

6845db95dae8f13ab7ef0ebad5652ac24d73ef525661527f8a6ed5e02acbd0ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /static/css/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2209546
x-cache: HIT
vary: Accept-Encoding
content-length: 16487
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6BB5)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 shadydom.min.js Show response
cdnjs.cloudflare.com/ajax/libs/shadydom/1.1.0/ 35 KB
10 KB 14ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/shadydom/1.1.0/shadydom.min.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e39c014ea11b8913cb167183ce67fc8a08b25d814017b5d58c995daa3fec03f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3592783
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10264
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcd-8ba3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RARQ0s2g2GGXPHtCNrauBHSBXRITjmASf1iEeVnOV9D2V4zfh%2B8CUiqKfr315YMoBtKgQz0zhArDlgq3ZiWzfW1%2FUdi4Yk9hQClcTUjypoWGB7l9M8rOcEBnakcYWdatYXRkxdHeIp%2FjB1NyKitc9rw4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 684b02ead9674351-FRA
expires: Tue, 16 Aug 2022 06:30:25 GMT

GET
H2 200 BTY_Logo_2XSize.png
res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/121j963WF82XaOaI3OUU0f/530cd393e1a345b352d353fd21781d6f/ 7 KB
7 KB 21ms
7ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/121j963WF82XaOaI3OUU0f/530cd393e1a345b352d353fd21781d6f/BTY_Logo_2XSize.png

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2c0d67c19f34f8d2918135d9b1787c403cff141a40f67689e55e05ba06196b67

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="BTY_Logo_2XSize.webp"
server-timing: fastly;dur=2;cpu=1;start=2021-08-26T06:30:25.813Z;desc=hit,rtt;dur=5
vary: DPR
content-length: 7232
last-modified: Thu, 15 Apr 2021 13:06:32 GMT
server: Cloudinary
etag: "39f06b7b929b4281d9df03331dc01192"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 BTY_Module1_CovidImage01.jpg
res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/29vGyvkJ286ID7GS8YuQXC/d61cf313040df3690dd01dcc392d5ef0/ 131 KB
131 KB 21ms
8ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/29vGyvkJ286ID7GS8YuQXC/d61cf313040df3690dd01dcc392d5ef0/BTY_Module1_CovidImage01.jpg

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8d0908e62b5d2cce617017a5894514dd4f1c561c77374711d9906c2b98d07f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="BTY_Module1_CovidImage01.webp"
server-timing: fastly;dur=2;cpu=0;start=2021-08-26T06:30:25.813Z;desc=hit,rtt;dur=5
vary: DPR
content-length: 134032
last-modified: Thu, 25 Mar 2021 08:33:45 GMT
server: Cloudinary
etag: "c725a50682e91fc0c1977588973b3dbf"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftTeams-image__2_.png
res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/19ktTlouCcVt98rx1pqFxs/6570e8940bcb6d1de90dc238e2399ff0/ 118 KB
119 KB 21ms
8ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/19ktTlouCcVt98rx1pqFxs/6570e8940bcb6d1de90dc238e2399ff0/MicrosoftTeams-image__2_.png

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0778c7129410167d36495563d1c4294d852c33db102a16482c66c9c1c05ffacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="MicrosoftTeams-image__2_.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.814Z;desc=hit,rtt;dur=5
vary: DPR
content-length: 121324
last-modified: Tue, 30 Mar 2021 14:53:16 GMT
server: Cloudinary
etag: "7659cd0e51f821f7cc27a71874c167db"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftTeams-image__4_.png
res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/3a7YVQ5uIE345dF0dAMzCO/20eae7c65b52807653b0a68c43cfc93c/ 135 KB
136 KB 21ms
8ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/3a7YVQ5uIE345dF0dAMzCO/20eae7c65b52807653b0a68c43cfc93c/MicrosoftTeams-image__4_.png

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

37dc59c5daab29401967f651049d82ec1265553d426ec484cf4a9c2baa1f5372

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="MicrosoftTeams-image__4_.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.813Z;desc=hit,rtt;dur=5
vary: DPR
content-length: 138712
last-modified: Wed, 31 Mar 2021 13:42:09 GMT
server: Cloudinary
etag: "74ccb5de3c0ccb67d449e426695b916f"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 MicrosoftTeams-image__3_.png
res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/CdAJqeYX5AcxVnPPazWCv/937dfe31e5dc5edb6d107e1c4a304ad6/ 178 KB
179 KB 20ms
7ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/CdAJqeYX5AcxVnPPazWCv/937dfe31e5dc5edb6d107e1c4a304ad6/MicrosoftTeams-image__3_.png

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c031d09da057e02fb5298a275010a77a661122c4ef19e5d9e13aedce60e83f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="MicrosoftTeams-image__3_.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.813Z;desc=hit,rtt;dur=5
vary: DPR
content-length: 182456
last-modified: Tue, 30 Mar 2021 14:53:25 GMT
server: Cloudinary
etag: "2a2c3139b1f48c112cf48baab834edc5"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 _buildManifest.js Show response
bountytowels.com/_next/static/D8od_sTLlxnjVgMkQLpky/ 1 KB
745 B 30ms
29ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/D8od_sTLlxnjVgMkQLpky/_buildManifest.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C7B) /

Resource Hash

8ae4fe36f1e56325397e8d98f8581259459fe97557b20bbe8d45c5461be3a190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/D8od_sTLlxnjVgMkQLpky/_buildManifest.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 906115
x-cache: HIT
vary: Accept-Encoding
content-length: 667
x-xss-protection: 1;mode=block
last-modified: Mon, 09 Aug 2021 15:40:04 GMT
server: ECAcc (mil/6C7B)
x-frame-options: DENY
etag: "0e27dd2348dd71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 _ssgManifest.js Show response
bountytowels.com/_next/static/D8od_sTLlxnjVgMkQLpky/ 164 B
279 B 24ms
23ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/D8od_sTLlxnjVgMkQLpky/_ssgManifest.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6BA8) /

Resource Hash

d5863036666ab64a438033e5fd1a62ed0736588db8497a468d7b833302f2fc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/D8od_sTLlxnjVgMkQLpky/_ssgManifest.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 906115
x-cache: HIT
vary: Accept-Encoding
content-length: 203
x-xss-protection: 1;mode=block
last-modified: Mon, 09 Aug 2021 15:40:04 GMT
server: ECAcc (mil/6BA8)
x-frame-options: DENY
etag: "0e27dd2348dd71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
82 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

60a894622e36a251859edc1747fb8d34dc236f1500900c8e3f4708fb3b7ed8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84001
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Aug 2021 06:30:25 GMT

GET
DATA 200
OK truncated
/ 279 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 678260cea291bb54c010739b302df581a9a3576b2bfe665f5e913e8312f3a8be

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 772 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2adac57af019b276372b8b2a9535c86e6254ae179d0189fb20462ce4b2378a3e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 835 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52e13f12838ba826ab907a369d89ec33b55ed960d907d69faac8638b65db2b1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 742 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46a2c24c145b3cb49bfa73316e33272fba05bb5b855dab279e008b56b44a91f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 760 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6b1d92a77ebbc707260c3569c8ad044c2fa682f719e9fcba777851a6767d4e8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 566 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eec4671ddbc5bec93db2b95c7d8ca58d755d8ef5f423b70f0aaf9c2a5c8d3cc6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 764 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e68ac53ad7b5ef4e6689a342c8d02893b9dca332f9af02207859f5eb36dd5255

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 766 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6bed834b830d0103af9631fd40002eca3fa5debf0d43198ef9c24d8ccf82d4a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Green_NavigationBarcompressed.jpg
res.cloudinary.com/mtree/image/upload/v1619767151/BOUNTY_US/ 9 KB
9 KB 18ms
13ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mtree/image/upload/v1619767151/BOUNTY_US/Green_NavigationBarcompressed.jpg

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d35141477b2a2f02b4723477426ae7ef4523e2e9db28e148a65b274143636da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Apr 2021 07:19:12 GMT
server: Cloudinary
etag: "b22b58e586a29b71456d699650fe3350"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.814Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 8786

GET
H2 200 WorkSans-Medium.woff2
res.cloudinary.com/mtree/raw/upload/v1620365804/BOUNTY_US/ 83 KB
84 KB 20ms
6ms Font
application/octet-stream 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/mtree/raw/upload/v1620365804/BOUNTY_US/WorkSans-Medium.woff2

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1292265e0065c643737c79874430ef92ec7886492f63054b2daca30188270cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://bountytowels.com
Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
last-modified: Fri, 07 May 2021 05:36:45 GMT
server: Cloudinary
etag: "aac1eff61c6c8ae442f8d172ecf8d97b"
strict-transport-security: max-age=604800
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
content-disposition: attachment; filename="WorkSans-Medium.woff2"
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.826Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 85284

GET
H2 200 WorkSans-SemiBold.woff2
res.cloudinary.com/mtree/raw/upload/v1620365806/BOUNTY_US/ 83 KB
84 KB 32ms
19ms Font
application/octet-stream 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/mtree/raw/upload/v1620365806/BOUNTY_US/WorkSans-SemiBold.woff2

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5095656a7563589c5f74dd9eb3c96508e8bfff32561b883976ff8296880c0dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://bountytowels.com
Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
last-modified: Fri, 07 May 2021 05:36:47 GMT
server: Cloudinary
etag: "125080efc3a6b8bb7e85f9a3b722defd"
strict-transport-security: max-age=604800
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
content-disposition: attachment; filename="WorkSans-SemiBold.woff2"
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.826Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 85480

GET
H2 200 WorkSans-Regular.woff2
res.cloudinary.com/mtree/raw/upload/v1620365806/BOUNTY_US/ 80 KB
80 KB 19ms
7ms Font
application/octet-stream 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/mtree/raw/upload/v1620365806/BOUNTY_US/WorkSans-Regular.woff2

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ca688252f152fa76e45b575d7f7002d0ddbbab58a67b9f848c01a9fe2370acb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://bountytowels.com
Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
last-modified: Fri, 07 May 2021 05:36:47 GMT
server: Cloudinary
etag: "1ef3755840e2bac44535d0645fcba549"
strict-transport-security: max-age=604800
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
content-disposition: attachment; filename="WorkSans-Regular.woff2"
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.827Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 81760

GET
H2 200 CoreRhino65Bold.woff2
res.cloudinary.com/mtree/raw/upload/v1619762958/BOUNTY_US/ 33 KB
33 KB 19ms
7ms Font
application/octet-stream 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/mtree/raw/upload/v1619762958/BOUNTY_US/CoreRhino65Bold.woff2

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

665497925761c3c79d097a5ca9987fc9edec30978675b854838bd325e6845d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://bountytowels.com
Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
last-modified: Fri, 30 Apr 2021 06:09:19 GMT
server: Cloudinary
etag: "815e8bc525c851e0870ca6dadad4b1dd"
strict-transport-security: max-age=604800
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
content-disposition: attachment; filename="CoreRhino65Bold.woff2"
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.827Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 33928

GET
H2 200 WorkSans-Light.woff2
res.cloudinary.com/mtree/raw/upload/v1620365803/BOUNTY_US/ 83 KB
83 KB 19ms
7ms Font
application/octet-stream 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/mtree/raw/upload/v1620365803/BOUNTY_US/WorkSans-Light.woff2

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

258828f1689e738faaa8d5f8f07e1f86cdce6f79f6468534109400d029c1e754

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://bountytowels.com
Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
last-modified: Fri, 07 May 2021 05:36:44 GMT
server: Cloudinary
etag: "1bfd1dca1ff1c71a6c9a8768d2852d9f"
strict-transport-security: max-age=604800
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
content-disposition: attachment; filename="WorkSans-Light.woff2"
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.826Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 85116

GET
H2 200 WorkSans-Bold.woff2
res.cloudinary.com/mtree/raw/upload/v1620365801/BOUNTY_US/ 84 KB
84 KB 15ms
15ms Font
application/octet-stream 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/mtree/raw/upload/v1620365801/BOUNTY_US/WorkSans-Bold.woff2

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/static/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

53cd0ee28577663ce150d1ba6cd156e6603020954a2fc7907371abaeeabb0211

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Origin: https://bountytowels.com
Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
last-modified: Fri, 07 May 2021 05:36:42 GMT
server: Cloudinary
etag: "f0b8b2177eea7ffcaca9f6dd02780e02"
strict-transport-security: max-age=604800
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing
cache-control: public, no-transform, immutable, max-age=2592000
content-disposition: attachment; filename="WorkSans-Bold.woff2"
server-timing: fastly;dur=1;cpu=0;start=2021-08-26T06:30:25.839Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 85832

GET
H2 200 BTY_Desktop_Module2_RewardsImage.jpg
res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/2vgbbPk49kvjPGXsZooW94/620ef6c641004c559da90b890527b71c/ 113 KB
113 KB 92ms
92ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mtree/q_auto:eco,f_auto,dpr_auto/BOUNTY_US/2vgbbPk49kvjPGXsZooW94/620ef6c641004c559da90b890527b71c/BTY_Desktop_Module2_RewardsImage.jpg

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c1dc8e3327843d322884e19feb443f3bab92256ecf88a3effca6b1c26544e771

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="BTY_Desktop_Module2_RewardsImage.webp"
server-timing: fastly;dur=80;cpu=1;start=2021-08-26T06:30:25.953Z;desc=hit,rtt;dur=5
vary: DPR
content-length: 115572
last-modified: Thu, 25 Mar 2021 09:22:30 GMT
server: Cloudinary
etag: "df35be3fdcea5903dc9a27733c4b6355"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ 726 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd01b70b42892d140958e528ede070f713da28875ca2bdf2c398458c403a1932

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 20.2b7115c8a65ef5d4fdf1.js Show response
bountytowels.com/_next/static/chunks/ 2 KB
1 KB 25ms
24ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/20.2b7115c8a65ef5d4fdf1.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/_next/static/chunks/webpack-7c303585cb5246f8ad9c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6CAE) /

Resource Hash

c5f90e8d61fc2a1de44706c83320258d0c06d488b9afad8b68c16045507d32bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/20.2b7115c8a65ef5d4fdf1.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 683064
x-cache: HIT
vary: Accept-Encoding
content-length: 1128
x-xss-protection: 1;mode=block
last-modified: Mon, 09 Aug 2021 15:40:04 GMT
server: ECAcc (mil/6CAE)
x-frame-options: DENY
etag: "0e27dd2348dd71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 22.af5208e7a5ff82ce9b39.js Show response
bountytowels.com/_next/static/chunks/ 1 KB
930 B 25ms
25ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/22.af5208e7a5ff82ce9b39.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/_next/static/chunks/webpack-7c303585cb5246f8ad9c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C4C) /

Resource Hash

6849cc53f2520b6a17a521cde6c32b4b7415ce688a759a4d5b5490c3609a07bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/22.af5208e7a5ff82ce9b39.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1979516
x-cache: HIT
vary: Accept-Encoding
content-length: 852
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C4C)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5902
date: Thu, 26 Aug 2021 04:52:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 26 Aug 2021 06:52:04 GMT

GET
H2 200 ps-widget.js Show response
cdn.pricespider.com/1/lib/ 5 KB
2 KB 72ms
20ms Script
application/x-javascript 184.24.13.197
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pricespider.com/1/lib/ps-widget.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.13.197 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-13-197.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 524100eb0ae8184a7507587ea04ec7b3338cc1ab3cc82431487b41bcd7f8b297

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 1825
last-modified: Tue, 18 Aug 2020 03:52:19 GMT
server: AkamaiNetStorage
etag: "ce3a437d07869c20d9c722fb52b2946e:1597724471.482865"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3320
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 26 Aug 2021 07:25:46 GMT

GET
H2 200 moatcontent.js Show response
z.moatads.com/pgcontent5123319733/ 0
253 B 89ms
35ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pgcontent5123319733/moatcontent.js
Requested by: Host: bountytowels.com
URL: https://bountytowels.com/en-us
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
last-modified: Mon, 08 Jun 2020 13:44:56 GMT
server: AmazonS3
x-amz-request-id: 1C2E5B70E0AC7118
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=13331
accept-ranges: bytes
content-length: 0
x-amz-id-2: JVXBUVSTcx70rNdW2oZU+94Ksg0ZDr1yG/VP+jPJPaqSDzV2fot3u861AmvhX/pzEH1KUbDO4Ho=

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 33ms
17ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BC5xsXKGgJbQbCzkLNvwBQ==
age: 1597176
vary: Accept-Encoding
content-length: 6328
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 01:49:58 GMT
server: cloudflare
etag: 0x8D956EA2A6E73F4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 684b02ed6d3763b9-FRA

GET
H2 200 18.57df1d4cba5cd9493cd2.js Show response
bountytowels.com/_next/static/chunks/ 15 KB
5 KB 29ms
29ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://bountytowels.com/_next/static/chunks/18.57df1d4cba5cd9493cd2.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/_next/static/chunks/webpack-7c303585cb5246f8ad9c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.21.175 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (mil/6C86) /

Resource Hash

52090e5ef8a3ebc9bf08b8660221a2f1da09c1bc95b92cdc16137964d3329bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /_next/static/chunks/18.57df1d4cba5cd9493cd2.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bountytowels.com
referer: https://bountytowels.com/en-us
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bountytowels.com/en-us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1979517
x-cache: HIT
vary: Accept-Encoding
content-length: 5013
x-xss-protection: 1;mode=block
last-modified: Fri, 30 Jul 2021 12:18:40 GMT
server: ECAcc (mil/6C86)
x-frame-options: DENY
etag: "050bc73d85d71:0"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: public, max-age=31536000,immutable
accept-ranges: bytes

GET
H2 200 BTY_Desktop_Module3_EverydayPrintsImage.jpg
res.cloudinary.com/mtree/w_1440,q_auto:eco,f_auto,dpr_auto/BOUNTY_US/3EXDrheKcMgVIgFpw9qYtC/321ae2b66ddd166c13e616e06e51dafa/ 158 KB
158 KB 8ms
8ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/mtree/w_1440,q_auto:eco,f_auto,dpr_auto/BOUNTY_US/3EXDrheKcMgVIgFpw9qYtC/321ae2b66ddd166c13e616e06e51dafa/BTY_Desktop_Module3_EverydayPrintsImage.jpg

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

da20488d8ce0b94e306f5156c7052a0d53933c268520a98dd4a801faf93690ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=2;cpu=1;start=2021-08-26T06:30:26.151Z;desc=hit,rtt;dur=5
vary: DPR
content-length: 161908
last-modified: Thu, 25 Mar 2021 10:34:21 GMT
server: Cloudinary
etag: "71d58255c855b4f9ceab6948d49b219f"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
content-dpr: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1162
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 26 Aug 2021 07:11:04 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 710
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Thu, 26 Aug 2021 07:18:36 GMT

GET
H2 200 372a8196-d71d-474c-8a7f-aec7992cd7c4.json Show response
cdn.cookielaw.org/consent/372a8196-d71d-474c-8a7f-aec7992cd7c4/ 3 KB
2 KB 35ms
21ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/372a8196-d71d-474c-8a7f-aec7992cd7c4/372a8196-d71d-474c-8a7f-aec7992cd7c4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d4588d68ac8860aaa6bbbc5f121b381adf8aafd0f00e09b8b06673c0db6f4fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: hbQtPPWxajDrokAIZbj1XA==
age: 1595521
vary: Accept-Encoding
content-length: 1272
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 05:57:59 GMT
server: cloudflare
etag: 0x8D9410C2CB489CC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e23c4c8c-701e-0119-21c0-8bb2db000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 684b02ee5b6f431b-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27c2321a0b15373a1c5ac0e209976c70769a2e3dc28a4042b9565b1de331ad00

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2014152383&t=pageview&_s=1&dl=https%3A%2F%2Fbountytowels.com%2Fen-us&dp=bountytowels.com%2Fen-us&ul=en-us&de=UTF-8&dt=Paper%20Towels%20And%20Napkins%20For%20The%20Quicker%20Picker%20Upper%20%7C%20Bounty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEArAAAAAC~&jid=388615603&gjid=1156052567&cid=456728237.1629959426&tid=UA-32663782-1&_gid=1015875712.1629959426&_r=1&gtm=2wg8n0N94XXFB&cd1=en-us&cd2=46602&cd3=US&cd4=Bounty&cd5=en&cd6=ModernWeb&cd7=prod&cd8=Azure&cd9=MINDTREE&cd10=Live&cd11=GTM-MK8CS22&cd12=UA-3866269-6&cd13=(not%20set)&cd14=(not%20set)&cd15=(not%20set)&cd16=(not%20set)&cd17=(not%20used)&cd18=(not%20set)&cd19=72497941&cd20=1&cd21=372a8196-d71d-474c-8a7f-aec7992cd7c4&cd22=false&cd23=false&cd24=false&cd25=(not%20set)&cd26=(not%20set)&cd27=166386984275510&cd28=Price%20Spider&cd29=false&cd31=false&cd32=(not%20set)&cd33=(not%20set)&cd34=false&cd35=write%20a%20review&cd36=false&cd37=false&cd38=false&cd39=false&cd40=CCPA&cd42=(not%20set)&cd43=false&cd44=false&cd45=false&cd46=Advanced&cd47=(not%20set)&cd48=(not%20set)&cd49=(not%20set)&cd50=456728237.1629959426&z=2095984553

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bountytowels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2014152383&t=pageview&_s=1&dl=https%3A%2F%2Fbountytowels.com%2Fen-us&dr=&dp=%2Fen-us&ul=en-us&de=UTF-8&dt=Paper%20Towels%20And%20Napkins%20For%20The%20Quicker%20Picker%20Upper%20%7C%20Bounty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEArAAAAAC~&jid=1610278228&gjid=1179479322&cid=456728237.1629959426&tid=UA-3866269-6&_gid=1015875712.1629959426&_r=1&gtm=2wg8n0N94XXFB&cd29=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F87.0.4280.49%20Safari%2F537.36&cd31=(not%20set)&cd32=(not%20set)&cd33=Home&cd34=(not%20set)&cd35=(not%20set)&cd36=(not%20set)&cd37=(not%20set)&cd38=(not%20set)&cd39=(not%20set)&cd40=(not%20set)&cd42=(not%20set)&cd43=(not%20set)&cd46=Advanced&cd47=yes&cd48=(not%20set)&cd50=456728237.1629959426&cd41=(not%20set)&cd52=anonymous&z=1416246062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bountytowels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 148 KB
54 KB 44ms
42ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MK8CS22

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47352c2b0e286e1e639dbf3a94bdddbdbfbcc186715df6bde981f5e2f8228d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55719
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Aug 2021 06:30:26 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-3866269-6&cid=456728237.1629959426&jid=1610278228&gjid=1179479322&_gid=1015875712.1629959426&_u=aGDAAEArAAAAAC~&z=457838086

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 26 Aug 2021 06:30:26 GMT
content-type: text/plain
access-control-allow-origin: https://bountytowels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.20.0/ 376 KB
84 KB 19ms
19ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 5169569
vary: Accept-Encoding
content-length: 86053
x-ms-lease-status: unlocked
last-modified: Thu, 24 Jun 2021 12:22:20 GMT
server: cloudflare
etag: 0x8D9370AB6896F5E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1e85a95a-b01e-0126-433f-6b0507000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 684b02ee9d7863b9-FRA
expires: Fri, 03 Sep 2021 06:30:26 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
254 B 18ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3866269-6&cid=456728237.1629959426&jid=1610278228&_u=aGDAAEArAAAAAC~&z=798125541

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-3866269-6&cid=456728237.1629959426&jid=1610278228&_u=aGDAAEArAAAAAC~&z=798125541

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/372a8196-d71d-474c-8a7f-aec7992cd7c4/ae340920-14cf-4bf3-a455-ab3c4bad2fe5/ 53 KB
13 KB 12ms
12ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/372a8196-d71d-474c-8a7f-aec7992cd7c4/ae340920-14cf-4bf3-a455-ab3c4bad2fe5/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea144e965630f46af13adc67a6ae236ec600ec632dd67a7b4d354266cae673aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WJVnzf58Nd2cDnNwtzjo5w==
age: 1595520
vary: Accept-Encoding
content-length: 12657
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 05:58:00 GMT
server: cloudflare
etag: 0x8D9410C2D0A0CF6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 84e17182-601e-0009-45c0-8bc268000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 684b02eecc7a431b-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bountytowels.com
URL: https://bountytowels.com/en-us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99d9db36685f4473105170acb756d375a1bf6aa18a5f9453964ca7cae9083830

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25993
x-xss-protection: 0
pragma: public
x-fb-debug: 3m/dhhIG+ovQUfkk1aTRD+S0x7Ge4CsCVbXL8CGqE39+6Q40HO1HHy+tV7c0dHr2FsOQrOQqqY2iqEVEMpt4gA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 26 Aug 2021 06:30:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 4 KB
2 KB 47ms
12ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N94XXFB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 05:49:58 GMT
content-encoding: gzip
age: 2428
x-guploader-uploadid: ADPycdtkvHv7IpT6Dcl5bRqccoM05s-GPpJai3EYsOUzqBzV0MshNjLcsA0G4iilnPdVg2YonDhMl3yol-pLefiSDO9CLTjeoA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1482
last-modified: Wed, 07 Apr 2021 18:40:01 GMT
server: UploadServer
etag: "dd7e4933d35d1a7cb610442e9bea8b94"
vary: Accept-Encoding
x-goog-hash: crc32c=dtXWGA==, md5=3X5JM9NdGny2EEQum+qLlA==
x-goog-generation: 1617820801121016
cache-control: public,max-age=3600
x-goog-stored-content-length: 1482
accept-ranges: bytes
content-type: application/javascript

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3267&partner_device_id=456728237.1629959426&gtmcb=1160257979
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=456728237.1629959426&gtmcb=1160257979

95 B
425 B

27ms
26ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=456728237.1629959426&gtmcb=1160257979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3267&partner_device_id=456728237.1629959426&gtmcb=1160257979
date: Thu, 26 Aug 2021 06:30:26 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 9909.js Show response
script.crazyegg.com/pages/scripts/0025/ 5 KB
2 KB 30ms
13ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0025/9909.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK8CS22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ce4e2661b53009b5f0b64aae706e54cb7677a768e02e243604624565b0a06f7

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 328
cf-polished: origSize=4899
cf-ray: 684b02ef79a5c29a-FRA
ce-version: 11.1.316
last-modified: Thu, 26 Aug 2021 06:24:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H3-29

200

activityi;dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A... Show response
5644221.fls.doubleclick.net/ Frame C9E3
Redirect Chain

https://5644221.fls.doubleclick.net/activityi;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%...
https://5644221.fls.doubleclick.net/activityi;dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountyto...

444 B
366 B

59ms
32ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5644221.fls.doubleclick.net/activityi;dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK8CS22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f6.1e100.net

Software

cafe /

Resource Hash

37295dd69e2e9697409e826d3f6b677f723f641074afbc3aa3397435f7fb5b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5644221.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bountytowels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Aug 2021 06:30:26 GMT
expires: Thu, 26 Aug 2021 06:30:26 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 341
x-xss-protection: 0
set-cookie: IDE=AHWqTUnSDO3HSlAMXX8XZwe1KpOrgnEt2fmDP02SubOhtnfDldDtv46dYraAGWvdrGE; expires=Sat, 26-Aug-2023 06:30:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Aug 2021 06:30:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5644221.fls.doubleclick.net/activityi;dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

activityi;dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%... Show response
5641743.fls.doubleclick.net/ Frame E363
Redirect Chain

https://5641743.fls.doubleclick.net/activityi;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=http...
https://5641743.fls.doubleclick.net/activityi;dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbounty...

446 B
365 B

64ms
36ms

Document
text/html

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5641743.fls.doubleclick.net/activityi;dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK8CS22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f6.1e100.net

Software

cafe /

Resource Hash

65f338d7bc0ccc530efd534cc827343d56c7787e5acbbee84bf368a88e8cf684

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5641743.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bountytowels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Aug 2021 06:30:26 GMT
expires: Thu, 26 Aug 2021 06:30:26 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 340
x-xss-protection: 0
set-cookie: IDE=AHWqTUlXDTKgS5cZ5Mn4rG5s0swjOfz4W9yodem2-Jt01Z7K0BdrNnG7vgO4LQ8-wqw; expires=Sat, 26-Aug-2023 06:30:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Aug 2021 06:30:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5641743.fls.doubleclick.net/activityi;dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
832 B 133ms
115ms Script
application/javascript 2a02:26f0:6c00:287::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK8CS22
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:287::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "d281f5ef4add283680ff41edc6dd28c4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 367932a3-2.16.186.126
accept-ranges: bytes
content-length: 584
access-control-expose-headers: X-CDN

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 64ms
19ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: bountytowels.com
URL: https://bountytowels.com/en-us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
via: 1.1 varnish
last-modified: Mon, 12 Jul 2021 23:59:25 GMT
age: 36178
etag: "65cf0c0ceb852397f0d1e6732cd3c533+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1958
x-timer: S1629959427.523754,VS0,VE0
x-served-by: cache-fra19167-FRA

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 42ms
12ms Script
application/x-javascript 13.224.100.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MK8CS22
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.100.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-100-124.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 22:04:35 GMT
Via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 30351
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: 4J3T20gCS-11-XJvJSIwJ4H-2gw-afPnHgs3fq9Fi8o9-T2QcqtB8w==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 113 KB
34 KB 243ms
185ms Script
application/javascript 2.16.186.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2IN5QVMU8QAJ3JEQ1K0&lib=ttq
Requested by: Host: bountytowels.com
URL: https://bountytowels.com/en-us
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 83b6d802aa090ce29898946d1e0ddfdbe5dfa984870b14badb85025d1635d8dd

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-akamai-request-id: 8163e2c3.33c3ad23
date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-40-40-13.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-134.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 157,2.16.186.134
server-timing: cdn-cache; desc=MISS, edge; dur=153, origin; dur=4, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 20210826063026010245049183350044BE
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.40.40.13
x-tt-trace-host: 01b35a153a8f8235757cc9dcd260ea68fde9b7423071921715736591a5f85c53eebe83248f6e7dd9aa98b5853d5e9c9d61e2b6684ce976c72cad9461d479a28254132268f05ee3cc5fad55a6dc89f6463a8cb97333ae759044dd04ed17653cc05096cd74253310dfe41c3d705e6225c49d
expires: Thu, 26 Aug 2021 06:30:26 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 15 KB
6 KB 58ms
30ms Script
application/javascript 13.224.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: bountytowels.com
URL: https://bountytowels.com/en-us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-91.zrh50.r.cloudfront.net
Software: CloudFront /
Resource Hash: a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5873
via: 1.1 697e9166a29142e018dae0e083c25f18.cloudfront.net (CloudFront)
x-amz-cf-id: 5WvX7R2SqwohSdreidjLYQw8gFqM8pBBxEBEhiOEgK_YjNm0PMGdFg==

GET
H2 200 activityi;register_conversion=1;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbounty...
5644221.fls.doubleclick.net/ 0
0 86ms
26ms Image
text/html 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5644221.fls.doubleclick.net/activityi;register_conversion=1;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s46-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fboun...
5641743.fls.doubleclick.net/ 0
0 70ms
26ms Image
text/html 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5641743.fls.doubleclick.net/activityi;register_conversion=1;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s46-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 166386984275510 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 61ms
60ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/166386984275510?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72da104e9da1077ef64daf633529f7a71bf290c922bec00434a6b729d1597f83

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: VyLA95MjZz46N4Ezfe0iIyRYCr072cSWL/70Pv4buy2Am9cUWuoYnrahvEx2hkAH++CNoabXfv8UNDhM0vPzVg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 26 Aug 2021 06:30:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag Show response
pandg.tapad.com/ Frame B9C7 174 B
436 B 29ms
26ms Document
text/html 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fbountytowels.com%2Fen-us&owner=P%26G&bp_id=firstp&data=%7B%22event%22%3A%22page_view%22%2C%22gaid%22%3A%22456728237.1629959426%22%2C%22mediaID%22%3A%22%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

5ea17bdd4eee0bfd3990e2fbf7b176a840b74c29960b500bfb82d7e39d19af03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pandg.tapad.com
:scheme: https
:path: /tag?referrer_url=&page_url=https%3A%2F%2Fbountytowels.com%2Fen-us&owner=P%26G&bp_id=firstp&data=%7B%22event%22%3A%22page_view%22%2C%22gaid%22%3A%22456728237.1629959426%22%2C%22mediaID%22%3A%22%22%7D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bountytowels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TapAd_TS=1629959426469; TapAd_DID=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://bountytowels.com/

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1629959426469;Expires=Mon, 25 Oct 2021 06:30:26 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa;Expires=Mon, 25 Oct 2021 06:30:26 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-length: 174
via: 1.1 google
alt-svc: clear

GET
H2 200 9909.json Show response
script.crazyegg.com/pages/data-scripts/0025/ 361 KB
17 KB 26ms
13ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0025/9909.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0025/9909.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f38c81bdec0e82d1f12d70164d1926e739c9f260da4d22eabdd295b7a65f65ac

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 329
ce-version: 11.1.316
content-length: 16728
timing-allow-origin: *
last-modified: Thu, 26 Aug 2021 06:24:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 684b02efa8524db2-FRA

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame E0BC 0
182 B 125ms
40ms Document
text/html 99.80.189.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=kfzmybk&ref=https%3A%2F%2Fbountytowels.com%2Fen-us&upid=5hfb2tm&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.189.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-189-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=kfzmybk&ref=https%3A%2F%2Fbountytowels.com%2Fen-us&upid=5hfb2tm&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bountytowels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://bountytowels.com/

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame B9C7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa&gdpr=&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e91cadbf-3347-4bfe-aaf7-57fb06cfee1d&ttd_puid=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa

95 B
419 B

27ms
27ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e91cadbf-3347-4bfe-aaf7-57fb06cfee1d&ttd_puid=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa

Requested by

Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fbountytowels.com%2Fen-us&owner=P%26G&bp_id=firstp&data=%7B%22event%22%3A%22page_view%22%2C%22gaid%22%3A%22456728237.1629959426%22%2C%22mediaID%22%3A%22%22%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=e91cadbf-3347-4bfe-aaf7-57fb06cfee1d&ttd_puid=9b4e44eb-63ab-4c2b-9bf7-47d69e087aaa
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

GET
H2 200 11.1.316.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 102 KB
34 KB 15ms
15ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/11.1.316.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0025/9909.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95ac7ad515871924e7af8aa58f7a5fbfb3646cd3bf1b91d806919fd202d819d9

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 15:28:40 GMT
server: cloudflare
age: 45348
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 684b02efca29c29a-FRA
content-length: 34636

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame B06C 0
262 B 62ms
32ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=19b1af6a-ff71-4009-8431-fe35ffd0dd2e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=19b1af6a-ff71-4009-8431-fe35ffd0dd2e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bountytowels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://bountytowels.com/

Response headers

server: nginx/1.17.3
date: Thu, 26 Aug 2021 06:30:26 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 170ms
125ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o2vie&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fbountytowels.com%2Fen-us

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 26 Aug 2021 06:30:26 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 99f435be3ba5ddede05a08593b141a58dda0eae86b365df1e6eff70c4f2081db
x-transaction: f1bfb08eae8dacf8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 168ms
130ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o2vie&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fbountytowels.com%2Fen-us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Thu, 26 Aug 2021 06:30:26 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: eaf01a31e246818570f222190dbf5b22b44ef17660a238150d58bc69060a1c8d
x-transaction: 81bf6b54f9da766c
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 9909.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0025/ 24 KB
4 KB 14ms
14ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0025/9909.json?t=452766
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/11.1.316.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44d67afd9db5b317bccc058c1a785b55254909b3c30896c576fb3c7f051e76b6

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 329
ce-version: 11.1.316
content-length: 3992
timing-allow-origin: *
last-modified: Thu, 26 Aug 2021 06:24:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 684b02eff8f84db2-FRA

POST
H2 200 p Show response
tr.snapchat.com/ Frame 3346 0
205 B 47ms
37ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 231
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://bountytowels.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bountytowels.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://bountytowels.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://bountytowels.com/

Response headers

server: nginx/1.17.3
date: Thu, 26 Aug 2021 06:30:26 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIQHC6d0S8guNtjV5Tr4lXukQx5GSG4OqjPmys1W0Y5GQMtH7RAw8bMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 407448993207071 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/407448993207071?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b3e4900cd86c97bbf390c6dfd9cdb96593c88c9220f8d43a671f1567e301c96

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: c8psL3V2h6P1VibZ7OYCyPU/+3cbhlTuEonWytsqsdag0BKcsoGLb1uOlBpNZoUEs0Gz8TFhN5K8YYZPtC6TXQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 26 Aug 2021 06:30:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=166386984275510&ev=PageView&dl=https%3A%2F%2Fbountytowels.com%2Fen-us&rl=&if=false&ts=1629959426584&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1629959426582.1159615632&it=1629959426480&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 26 Aug 2021 06:30:26 GMT

GET
H2 200 main.89cd5bf4.js Show response
s.pinimg.com/ct/lib/ 49 KB
17 KB 108ms
108ms Script
application/javascript 2a02:26f0:6c00:287::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:287::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "6deee3ea7ecc4a5d9687c1bd57018c16"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 36793357-2.16.186.126
accept-ranges: bytes
content-length: 17418
access-control-expose-headers: X-CDN

GET
H2 200 dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=*;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us
adservice.google.com/ddm/fls/z/ Frame E363 42 B
262 B 29ms
29ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=*;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us

Requested by

Host: 5641743.fls.doubleclick.net
URL: https://5641743.fls.doubleclick.net/activityi;dc_pre=CNar94SIzvICFW8z0wodqocNlQ;src=5641743;type=btyprall;cat=bount0;ord=5481974214318;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5641743.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=*;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us
adservice.google.com/ddm/fls/z/ Frame C9E3 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=*;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us

Requested by

Host: 5644221.fls.doubleclick.net
URL: https://5644221.fls.doubleclick.net/activityi;dc_pre=CJen-ISIzvICFQc10wodTQ0LpQ;src=5644221;type=btyall;cat=bount0;ord=6870917894248;gtm=2wg8n0;auiddc=930938631.1629959426;u1=https%3A%2F%2Fbountytowels.com%2Fen-us;ps=1;~oref=https%3A%2F%2Fbountytowels.com%2Fen-us?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5644221.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=407448993207071&ev=PageView&dl=https%3A%2F%2Fbountytowels.com%2Fen-us&rl=&if=false&ts=1629959426661&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1629959426582.1159615632&it=1629959426480&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 26 Aug 2021 06:30:26 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=166386984275510&ev=ViewContent&dl=https%3A%2F%2Fbountytowels.com%2Fen-us&rl=&if=false&ts=1629959426662&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1629959426582.1159615632&it=1629959426480&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 26 Aug 2021 06:30:26 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
90 B 9ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=407448993207071&ev=ViewContent&dl=https%3A%2F%2Fbountytowels.com%2Fen-us&rl=&if=false&ts=1629959426663&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1629959426582.1159615632&it=1629959426480&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 26 Aug 2021 06:30:26 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 443 B
812 B 149ms
106ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612467859696&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1629959426721

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

45eb4a06b8ac41231cacdee781d6a1175ed0dc544c3982b708305b281feaaab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.9d6656b8.1629959426.63d8c05
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1565967211825783
pin-unauth: dWlkPU9EY3lZbUZtTnprdFpUSXpOeTAwTjJObExUaGhOalV0TWpFeFl6azFOakl3TmpkaQ
access-control-allow-origin: https://bountytowels.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 331
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 154ms
112ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612467859696&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbountytowels.com%2Fen-us%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1629959426722

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9d6656b8.1629959426.63d8c07
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 4397725393786632
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
574 B 152ms
111ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2612467859696&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fbountytowels.com%2Fen-us%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1629959426723

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:26 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9d6656b8.1629959426.63d8c08
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1459219201949419
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 187ms
187ms Script
application/javascript 2.16.186.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2IN5QVMU8QAJ3JEQ1K0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-akamai-request-id: f0b1cfb1.33c3ae46
date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-44-4-38.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-134.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 158,2.16.186.134
server-timing: cdn-cache; desc=MISS, edge; dur=156, origin; dur=4, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 2021082606302601024503714413003DBD
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,23.44.4.38
x-tt-trace-host: 01b35a153a8f8235757cc9dcd260ea68fde9b7423071921715736591a5f85c53eec885bd7be035623ac0cbf6925443e8d98e1e3eb96599dafe452fdaeb5f809b86fa20402ce8e845a397da6a5d639bb8738c0198ab223af0689309807e428ee054428d99cc5b4b9375ca47d95aa9626056
expires: Thu, 26 Aug 2021 06:30:26 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 712 B
1 KB 187ms
187ms Script
application/javascript 2.16.186.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C2IN5QVMU8QAJ3JEQ1K0&hostname=bountytowels.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2IN5QVMU8QAJ3JEQ1K0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ca86e28aecb44436142ef8cb5da6fce1c5e0d74062a185c99bcdfec8c0640e3c

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-akamai-request-id: 7d346849.33c3ae61
date: Thu, 26 Aug 2021 06:30:26 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-40-40-70.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-134.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 156,2.16.186.134
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=4, inner; dur=0
content-length: 334
pragma: no-cache
server: nginx
x-tt-logid: 202108260630260102450621923F004E6F
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,23.40.40.70
x-tt-trace-host: 01b35a153a8f8235757cc9dcd260ea68fde9b7423071921715736591a5f85c53ee973048ec4e152ef4a7dcad1bf3a2985bffb95306650500126795d7290cd2e3e25243bd670edb334c890af865cff9174154dc18a8ff57c409bdf9c250a5eb7e29d70f25e944e0ff4d46e65ea1524b2941
expires: Thu, 26 Aug 2021 06:30:26 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
274 B 152ms
112ms XHR
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Aug 2021 06:30:27 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.9d6656b8.1629959426.63d8c50
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 7477385881105997
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
706 B 192ms
192ms Ping
application/octet-stream 2.16.186.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2IN5QVMU8QAJ3JEQ1K0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-138.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8e65b610.33c3af7d
date: Thu, 26 Aug 2021 06:30:27 GMT
x-cache-remote: TCP_MISS from a23-44-4-53.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-134.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-parent-response-time: 162,2.16.186.134
server-timing: cdn-cache; desc=MISS, edge; dur=155, origin; dur=7, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2021082606302701024504521314004768
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.44.4.53
x-tt-trace-host: 01b35a153a8f8235757cc9dcd260ea68fde9b7423071921715736591a5f85c53eebb6d41c8187d0e9df3740fabe0aeecd9382efe3ef90262ec8b19412d5506c05bc050b39820b7c6d6e40659d16502bc81bec86f44474588f619ec6a7e4d1301055168b7f587eac0f0010c320e525479f6
expires: Thu, 26 Aug 2021 06:30:27 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/ 326 B
441 B 358ms
334ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox.js?mb=1629959426973
Requested by: Host: bountytowels.com
URL: https://bountytowels.com/en-us
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c4b56ef63714ea52237728fc1c4f13f3701f084908b973815ed47bf8f53a485

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:27 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 684b02f2ba125c2c-FRA

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=166386984275510&ev=Microdata&dl=https%3A%2F%2Fbountytowels.com%2Fen-us&rl=&if=false&ts=1629959427087&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Paper%20Towels%20And%20Napkins%20For%20The%20Quicker%20Picker%20Upper%20%7C%20Bounty%22%2C%22meta%3Akeywords%22%3A%22Bounty%2C%20Bounty%20Towels%22%2C%22meta%3Adescription%22%3A%22Bounty%20paper%20towels%20and%20paper%20napkins%20are%20strong%20enough%20and%20can%20handle%20everyday%20spill%20and%20mess.%20Start%20cleaning%20effortlessly%20with%20absorbent%2C%20quicker%20picker%20up%20today.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Bounty%22%2C%22url%22%3A%22https%3A%2F%2Fbountytowels.com%2Fen-us%22%2C%22logo%22%3A%22https%3A%2F%2Fazcdn.pioneer.pgsitecore.com%2Fen-us%2F-%2Fmedia%2FBounty%2FImages%2FLogos%2FDesktop%2FBTY_BountyLogo.png%3Fh%3D65%26la%3Den-US%26w%3D81%26v%3D1-201806050904%22%2C%22parentorganization%22%3A%22Procter%20%26%20Gamble%22%2C%22sameAs%22%3A%5B%22http%3A%2F%2Fwww.facebook.com%2Fbounty%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fbountypapertowels%2F%3Fhl%3Den%22%2C%22http%3A%2F%2Ftwitter.com%2Fbounty%22%2C%22http%3A%2F%2Fwww.youtube.com%2FBountyBrand%22%5D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Bounty%22%2C%22alternateName%22%3A%22Bounty%20Paper%20Towels%22%2C%22url%22%3A%22https%3A%2F%2Fbountytowels.com%2Fen-us%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fbountytowels.com%2Fen-us%2Fsearch%3Fterm%3D%7Bsearch_term%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1629959426582.1159615632&it=1629959426480&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 26 Aug 2021 06:30:27 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=407448993207071&ev=Microdata&dl=https%3A%2F%2Fbountytowels.com%2Fen-us&rl=&if=false&ts=1629959427163&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Paper%20Towels%20And%20Napkins%20For%20The%20Quicker%20Picker%20Upper%20%7C%20Bounty%22%2C%22meta%3Akeywords%22%3A%22Bounty%2C%20Bounty%20Towels%22%2C%22meta%3Adescription%22%3A%22Bounty%20paper%20towels%20and%20paper%20napkins%20are%20strong%20enough%20and%20can%20handle%20everyday%20spill%20and%20mess.%20Start%20cleaning%20effortlessly%20with%20absorbent%2C%20quicker%20picker%20up%20today.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22Bounty%22%2C%22url%22%3A%22https%3A%2F%2Fbountytowels.com%2Fen-us%22%2C%22logo%22%3A%22https%3A%2F%2Fazcdn.pioneer.pgsitecore.com%2Fen-us%2F-%2Fmedia%2FBounty%2FImages%2FLogos%2FDesktop%2FBTY_BountyLogo.png%3Fh%3D65%26la%3Den-US%26w%3D81%26v%3D1-201806050904%22%2C%22parentorganization%22%3A%22Procter%20%26%20Gamble%22%2C%22sameAs%22%3A%5B%22http%3A%2F%2Fwww.facebook.com%2Fbounty%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fbountypapertowels%2F%3Fhl%3Den%22%2C%22http%3A%2F%2Ftwitter.com%2Fbounty%22%2C%22http%3A%2F%2Fwww.youtube.com%2FBountyBrand%22%5D%7D%2C%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22name%22%3A%22Bounty%22%2C%22alternateName%22%3A%22Bounty%20Paper%20Towels%22%2C%22url%22%3A%22https%3A%2F%2Fbountytowels.com%2Fen-us%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fbountytowels.com%2Fen-us%2Fsearch%3Fterm%3D%7Bsearch_term%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1629959426582.1159615632&it=1629959426480&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 26 Aug 2021 06:30:27 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/ 645 KB
137 KB 28ms
28ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/user.js?cb=637646298475424155
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox.js?mb=1629959426973
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fc45989d00b3274e40b1844dea9f2087decd0417b3b91b32dae491d92309c1

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:27 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: OkS5IIgTiRaFecChKSkg4w==
age: 294658
cf-polished: origSize=1099330
last-modified: Mon, 14 Jun 2021 19:02:52 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 2a6e59db-901e-0082-3ff8-91f491000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 684b02f4df0f5c2c-FRA
expires: Fri, 26 Aug 2022 06:30:27 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 14ms
14ms Stylesheet
text/css 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637592941718484296
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/user.js?cb=637646298475424155
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:27 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 35450
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: be586eb4-b01e-00f3-475a-6186a8000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 684b02f538415c2c-FRA
expires: Fri, 26 Aug 2022 06:30:27 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42771/bountytowels.com/jsonp/ 526 B
779 B 600ms
139ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42771/bountytowels.com/jsonp/z?cb=1629959427408&callback=jQuery171002074121867402745_1629959427392&_=1629959427409
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/user.js?cb=637646298475424155
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 497402758a611c7f02a8fe7b1d501924f214d21911525dee6626656890b152bf

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 06:30:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
260 B 14ms
14ms Image
image/gif 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1629959427399&h=bountytowels.com&e=p&u=42771
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:27 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1416422
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 98f468b3-801e-0096-0e5e-1f37f5000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 684b02f548715c2c-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 settings.js Show response
www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox/794da2d7-8498-48bf-96a7-8c21af402dc9/ 5 KB
4 KB 15ms
14ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox/794da2d7-8498-48bf-96a7-8c21af402dc9/settings.js?cb=637592941718484296
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/user.js?cb=637646298475424155
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2f412aea5849563c37c65126a51e96ea910b508bf61564359c8bfce7e51f18

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:28 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: +xViWOSA+aEZHA71O8zK+A==
age: 294657
cf-polished: origSize=5578
last-modified: Wed, 12 May 2021 01:54:40 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 7c0eba21-c01e-00fc-39c6-916b5e000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 684b02f95b345c2c-FRA
expires: Fri, 26 Aug 2022 06:30:28 GMT

GET
H2 200 lightbox_builder.js Show response
www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/ Frame 5FF3 219 KB
33 KB 21ms
21ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox_builder.js?cb=637592941718484296
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/user.js?cb=637646298475424155
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4960192f134e2598fd9b15bce8f46828effc64c65b46565443f40c2d480dfa98

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:28 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 0GiZ53RAfOCAlYZDH9ACjQ==
age: 6770
cf-polished: origSize=360811
last-modified: Tue, 29 Jun 2021 21:28:51 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: a18b7538-a01e-0064-461a-72e561000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 684b02f96b4e5c2c-FRA
expires: Fri, 26 Aug 2022 06:30:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5FF3 2 KB
672 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro&display=fallback

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox_builder.js?cb=637592941718484296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e6585fdbb3d099c635f47f1caddb3c3728d121a08c1bebc7b06253916b99a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 06:30:28 GMT
server: ESF
date: Thu, 26 Aug 2021 06:30:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 06:30:28 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
106 B 13ms
13ms Image
image/gif 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1629959428169&h=bountytowels.com&e=i&u=42771&b=212641&v=empty&s=empty
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:28 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1416423
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 98f468b3-801e-0096-0e5e-1f37f5000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 684b02fa2cf55c2c-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 5FF3 16 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bountytowels.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 13:27:21 GMT
x-content-type-options: nosniff
age: 147787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 13:27:21 GMT

GET
H2 200 settings.js Show response
www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox/f1d0cf56-9412-4745-b7c2-81c9fb252146/ 9 KB
7 KB 16ms
16ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox/f1d0cf56-9412-4745-b7c2-81c9fb252146/settings.js?cb=637592941718484296
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/user.js?cb=637646298475424155
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c98994a9c75e06d6cc646f25777754631c22c9988d8a9320e6d3b6d8536d45

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:31 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: m2sLGHSxISZPCwGK7rO4+A==
age: 6770
cf-polished: origSize=8774
last-modified: Wed, 12 May 2021 01:56:23 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: dd5b43b4-401e-0047-0abc-618aaa000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 684b030c08c65c2c-FRA
expires: Fri, 26 Aug 2022 06:30:31 GMT

GET
H2 200 lightbox_builder.js Show response
www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/ Frame C65C 219 KB
33 KB 29ms
28ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox_builder.js?cb=637592941718484296
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/user.js?cb=637646298475424155
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4960192f134e2598fd9b15bce8f46828effc64c65b46565443f40c2d480dfa98

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:31 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: 0GiZ53RAfOCAlYZDH9ACjQ==
age: 6773
cf-polished: origSize=360811
last-modified: Tue, 29 Jun 2021 21:28:51 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: a18b7538-a01e-0064-461a-72e561000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 684b030c08cd5c2c-FRA
expires: Fri, 26 Aug 2022 06:30:31 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame C65C 5 KB
697 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Lato|Open+Sans+Condensed|Montserrat&display=fallback

Requested by

Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/ab147fa5-dac1-41b4-8b76-079042b9dde6/lightbox_builder.js?cb=637592941718484296

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48606f18ccf2846769ecdd60bd8a33faff320eb253716632f42f2dcde8c6de47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 06:30:31 GMT
server: ESF
date: Thu, 26 Aug 2021 06:30:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 06:30:31 GMT

GET
H2 200 9a6aaee31d684685991958eb192a6140.png
s3.lightboxcdn.com/vendors/ab147fa5-dac1-41b4-8b76-079042b9dde6/uploads/ab523036-098c-4a41-bf10-ea95b02ab1ac/ Frame C65C 25 KB
26 KB 31ms
20ms Image
image/webp 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.lightboxcdn.com/vendors/ab147fa5-dac1-41b4-8b76-079042b9dde6/uploads/ab523036-098c-4a41-bf10-ea95b02ab1ac/9a6aaee31d684685991958eb192a6140.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35c698bf3771d1796ef4e0cd007826709ad23d134b3d328c75cd35f7fda9e5d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:31 GMT
cf-cache-status: HIT
age: 1769644
cf-polished: origFmt=png, origSize=51764
cf-ray: 684b030caa735c2c-FRA
last-modified: Wed, 11 Nov 2020 20:36:41 GMT
content-disposition: inline; filename="9a6aaee31d684685991958eb192a6140.webp"
content-length: 26046
x-amz-id-2: ryjhJcRZq99u0ZAeCVUX4zPHdg/QjrK312EQsSHwFCr3unZLTrC+AYKzitdKps7LSIfgm4RM0y0=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "1dc2795c1c022814e0df9089054bfe8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: EEW6JYTR3ZH8YXBR
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/webp
expires: Fri, 26 Aug 2022 06:30:31 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ Frame C65C 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Lato|Open+Sans+Condensed|Montserrat&display=fallback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bountytowels.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 00:29:56 GMT
x-content-type-options: nosniff
age: 194435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 00:29:56 GMT

GET
H2 200 CloseSVG.png
s3.lightboxcdn.com/vendors/ab147fa5-dac1-41b4-8b76-079042b9dde6/uploads/e8da8dda-e196-4496-a813-feee248f4aa8/ Frame C65C 84 B
347 B 14ms
14ms Image
image/webp 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.lightboxcdn.com/vendors/ab147fa5-dac1-41b4-8b76-079042b9dde6/uploads/e8da8dda-e196-4496-a813-feee248f4aa8/CloseSVG.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fad6662c5eb93d66fb72a7b9e196afc01934689444808a0cb4d02cadb191082a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 06:30:31 GMT
cf-cache-status: HIT
age: 1089488
cf-polished: origFmt=png, origSize=225
cf-ray: 684b030cbaae5c2c-FRA
last-modified: Fri, 25 Sep 2020 15:39:58 GMT
content-disposition: inline; filename="CloseSVG.webp"
content-length: 84
x-amz-id-2: lqPz1Qq0SzM7qXCSpFwWPCbhwxngJuwKtMBuNlQAOXu2WBPKOkDRe0TIzE1mSu2o74dIoWszMG4=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "e2d38e8562901e4b7651d1fb0949faa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 4463KJ43NM3N539G
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: image/webp
expires: Fri, 26 Aug 2022 06:30:31 GMT

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
176 B 16ms
16ms Image
image/gif 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1629959431168&h=bountytowels.com&e=i&u=42771&b=208862&v=empty&s=empty
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://bountytowels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 26 Aug 2021 06:30:31 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1416426
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 98f468b3-801e-0096-0e5e-1f37f5000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 684b030ccad15c2c-FRA
cf-bgj: imgq:85,h2pri

Verdicts & Comments Add Verdict or Comment

285 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bountytowels.com/	1970-01-19 20:45:59	Name: _gat_UA-3866269-6 Value: 1
.bountytowels.com/	1970-01-19 20:45:59	Name: _gat_UA-32663782-1 Value: 1
.bountytowels.com/	1970-01-19 20:47:25	Name: _gid Value: GA1.2.1015875712.1629959426
.bountytowels.com/	1970-01-20 14:17:11	Name: _ga Value: GA1.2.456728237.1629959426

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://bountytowels.com/_next/static/chunks/pages/_app-75ed34bb54a27865a953.js(Line 1) Message: Contentful connection created
console-api	log	(Line 3) Message: Google Analytics Standard Events Library Loaded
console-api	log	(Line 1) Message: Price Spider Loaded
console-api	log	(Line 1) Message: Google Analytics Adjusted Bounce Rate Loaded
console-api	log	(Line 1) Message: Moat Loaded
console-api	log	(Line 1) Message: OneTrust Consent Loaded: 372a8196-d71d-474c-8a7f-aec7992cd7c4
console-api	log	(Line 1) Message: Facebook Remarketing Pixel Loaded: 166386984275510
console-api	log	(Line 2) Message: campaing on 1st page direct
console-api	log	(Line 1) Message: Tapad Loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5641743.fls.doubleclick.net
5644221.fls.doubleclick.net
adservice.google.com
analytics.tiktok.com
analytics.twitter.com
bountytowels.com
cdn.cookielaw.org
cdn.pricespider.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
js.adsrvr.org
lightboxapi.azurewebsites.net
match.adsrvr.org
pandg.tapad.com
pghub.io
pixel.tapad.com
res.cloudinary.com
s.pinimg.com
s3.lightboxcdn.com
sc-static.net
script.crazyegg.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
towels.com
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.lightboxcdn.com
z.moatads.com
104.244.42.195
104.244.42.5
104.75.88.209
13.224.100.124
13.224.96.91
13.248.242.197
151.101.12.157
152.199.21.175
184.24.13.197
2.16.186.138
2.18.235.40
20.36.221.81
20.40.202.0
216.58.212.134
2606:4700::6810:135e
2606:4700::6810:51a5
2606:4700::6810:9440
2606:4700::6813:9308
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9c
2a02:26f0:6c00:287::1931
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::393
35.186.226.184
35.227.248.159
35.241.45.217
99.80.189.193
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0778c7129410167d36495563d1c4294d852c33db102a16482c66c9c1c05ffacf
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0c038b43640adfa825c172021dabcb65f4cb1910c571bddea9c8fa837844cb7e
0ce4e2661b53009b5f0b64aae706e54cb7677a768e02e243604624565b0a06f7
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1292265e0065c643737c79874430ef92ec7886492f63054b2daca30188270cfd
23a50b9e9b8d499c355be46debe876ed84896145232d7ab454f81da7283b9436
258828f1689e738faaa8d5f8f07e1f86cdce6f79f6468534109400d029c1e754
27504aaa38beea80d19cb0ec4ee4cb6ee93ebc1f9671c791cc062ad64a4aa5ed
27c2321a0b15373a1c5ac0e209976c70769a2e3dc28a4042b9565b1de331ad00
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
2adac57af019b276372b8b2a9535c86e6254ae179d0189fb20462ce4b2378a3e
2b3827a9ae11d9961848f311267cd89a7bcecb53e978af9f5b700858d85b69fb
2c0d67c19f34f8d2918135d9b1787c403cff141a40f67689e55e05ba06196b67
2e6585fdbb3d099c635f47f1caddb3c3728d121a08c1bebc7b06253916b99a5a
35c698bf3771d1796ef4e0cd007826709ad23d134b3d328c75cd35f7fda9e5d2
37295dd69e2e9697409e826d3f6b677f723f641074afbc3aa3397435f7fb5b42
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37dc59c5daab29401967f651049d82ec1265553d426ec484cf4a9c2baa1f5372
3c4b56ef63714ea52237728fc1c4f13f3701f084908b973815ed47bf8f53a485
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
443d41c905362e5073c79212ec86c5f69ddcfbc38f5530c6409b73c604e74259
44d67afd9db5b317bccc058c1a785b55254909b3c30896c576fb3c7f051e76b6
45eb4a06b8ac41231cacdee781d6a1175ed0dc544c3982b708305b281feaaab3
46a2c24c145b3cb49bfa73316e33272fba05bb5b855dab279e008b56b44a91f2
47352c2b0e286e1e639dbf3a94bdddbdbfbcc186715df6bde981f5e2f8228d1c
48606f18ccf2846769ecdd60bd8a33faff320eb253716632f42f2dcde8c6de47
4960192f134e2598fd9b15bce8f46828effc64c65b46565443f40c2d480dfa98
497402758a611c7f02a8fe7b1d501924f214d21911525dee6626656890b152bf
4e0e1e988e01c390c4e977764e65b3d439b32641f6f80533a338b4e39c23267b
5095656a7563589c5f74dd9eb3c96508e8bfff32561b883976ff8296880c0dfa
52090e5ef8a3ebc9bf08b8660221a2f1da09c1bc95b92cdc16137964d3329bd3
524100eb0ae8184a7507587ea04ec7b3338cc1ab3cc82431487b41bcd7f8b297
52e13f12838ba826ab907a369d89ec33b55ed960d907d69faac8638b65db2b1d
53cd0ee28577663ce150d1ba6cd156e6603020954a2fc7907371abaeeabb0211
5c2f412aea5849563c37c65126a51e96ea910b508bf61564359c8bfce7e51f18
5ea17bdd4eee0bfd3990e2fbf7b176a840b74c29960b500bfb82d7e39d19af03
60a894622e36a251859edc1747fb8d34dc236f1500900c8e3f4708fb3b7ed8cf
65f338d7bc0ccc530efd534cc827343d56c7787e5acbbee84bf368a88e8cf684
665497925761c3c79d097a5ca9987fc9edec30978675b854838bd325e6845d24
6768cab2da0ad67d13a1dcfd89ff16447b638155f3ff4f81356808d0dc381ad5
678260cea291bb54c010739b302df581a9a3576b2bfe665f5e913e8312f3a8be
6845db95dae8f13ab7ef0ebad5652ac24d73ef525661527f8a6ed5e02acbd0ce
6849cc53f2520b6a17a521cde6c32b4b7415ce688a759a4d5b5490c3609a07bd
6b3e4900cd86c97bbf390c6dfd9cdb96593c88c9220f8d43a671f1567e301c96
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4588d68ac8860aaa6bbbc5f121b381adf8aafd0f00e09b8b06673c0db6f4fc
72da104e9da1077ef64daf633529f7a71bf290c922bec00434a6b729d1597f83
78a98bd01b3f55b7dc42742975fbc240eaf2438e28b9a042a74522ceb3750918
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b6d802aa090ce29898946d1e0ddfdbe5dfa984870b14badb85025d1635d8dd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ae4fe36f1e56325397e8d98f8581259459fe97557b20bbe8d45c5461be3a190
8d0908e62b5d2cce617017a5894514dd4f1c561c77374711d9906c2b98d07f14
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95ac7ad515871924e7af8aa58f7a5fbfb3646cd3bf1b91d806919fd202d819d9
99d9db36685f4473105170acb756d375a1bf6aa18a5f9453964ca7cae9083830
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839
a92b99b413aa8afe65e9a4943c148fdedab142e7b913dafc52a040d850a5b197
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aad79c44a45fecb4c3c5f7b64e3ea0e63c7f2fa9d80ed5d3dcdf15e03b22e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b6b1d92a77ebbc707260c3569c8ad044c2fa682f719e9fcba777851a6767d4e8
bbd2f14ef532e67780d4518c6ccbd63da85be7cc7c5deae25460f9f695069e14
c031d09da057e02fb5298a275010a77a661122c4ef19e5d9e13aedce60e83f63
c1dc8e3327843d322884e19feb443f3bab92256ecf88a3effca6b1c26544e771
c3d42dcc196c40980d577f06ed157fc8915e9e7a73b46f5b7d8a5ab41128ba04
c5f90e8d61fc2a1de44706c83320258d0c06d488b9afad8b68c16045507d32bb
ca688252f152fa76e45b575d7f7002d0ddbbab58a67b9f848c01a9fe2370acb2
ca86e28aecb44436142ef8cb5da6fce1c5e0d74062a185c99bcdfec8c0640e3c
cd01b70b42892d140958e528ede070f713da28875ca2bdf2c398458c403a1932
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
d0a07b38cb3b494b62fca3371b079968ebc507c8285b24ae5ff075b11f63edde
d1fc45989d00b3274e40b1844dea9f2087decd0417b3b91b32dae491d92309c1
d35141477b2a2f02b4723477426ae7ef4523e2e9db28e148a65b274143636da8
d5863036666ab64a438033e5fd1a62ed0736588db8497a468d7b833302f2fc35
da20488d8ce0b94e306f5156c7052a0d53933c268520a98dd4a801faf93690ff
da556df4dc2e8a01fc001ae2a2446328a6615e19a40e9113a8718f0ac018d2c4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e39c014ea11b8913cb167183ce67fc8a08b25d814017b5d58c995daa3fec03f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68ac53ad7b5ef4e6689a342c8d02893b9dca332f9af02207859f5eb36dd5255
e9e9aa29155f5d6dd3a1bb19e3908a7d6ea83ec6d834168b6bb03d4b5619a98e
ea144e965630f46af13adc67a6ae236ec600ec632dd67a7b4d354266cae673aa
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eec4671ddbc5bec93db2b95c7d8ca58d755d8ef5f423b70f0aaf9c2a5c8d3cc6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16f604b4e486058e83c7626116a85bae6a69a39db99501dc3010815434a4025
f38c81bdec0e82d1f12d70164d1926e739c9f260da4d22eabdd295b7a65f65ac
f6bed834b830d0103af9631fd40002eca3fa5debf0d43198ef9c24d8ccf82d4a
f9c98994a9c75e06d6cc646f25777754631c22c9988d8a9320e6d3b6d8536d45
fad6662c5eb93d66fb72a7b9e196afc01934689444808a0cb4d02cadb191082a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffc18eda67fa1b25133e70f7a6d56afa7a12678bf8a33447b8bf336caddd4cc9

bountytowels.com Open in urlscan Pro 152.199.21.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

53 %IPv6

30 Domains

37 Subdomains

37 IPs

4 Countries

2468 kBTransfer

5923 kBSize

4 Cookies

16 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bountytowels.com Open in urlscan Pro
152.199.21.175 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

53 %
IPv6

30
Domains

37
Subdomains

37
IPs

4
Countries

2468 kB
Transfer

5923 kB
Size

4
Cookies

109 HTTP transactions
10 data transactions