URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer...
Submission: On January 31 via api from IT — Scanned from IT

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 40 HTTP transactions. The main IP is 2a0b:4d07:101::1, which is located in Switzerland and belongs to PROINITY PROINITY, CH. The main domain is iwin.rewardsadvisor.com. The Cisco Umbrella rank of the primary domain is 859227.
TLS certificate: Issued by R3 on December 4th 2022. Valid for: 3 months.
This is the only time iwin.rewardsadvisor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a0b:4d07:101::1 44239 (PROINITY ...)
9 2a0b:4d07:401::1 44239 (PROINITY ...)
3 2a00:1450:400... 15169 (GOOGLE)
4 52.38.238.78 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.231.226.144 16509 (AMAZON-02)
3 52.56.170.143 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 65.9.94.89 16509 (AMAZON-02)
1 3.229.47.106 14618 (AMAZON-AES)
40 15
Apex Domain
Subdomains
Transfer
9 kxcdn.com
impressure-c630.kxcdn.com
165 KB
4 cloudfront.net
djk97zng6lbya.cloudfront.net
103 KB
4 aimtell.com
signals.aimtell.com — Cisco Umbrella Rank: 4388
2 KB
4 impressure.io
events.impressure.io
2 KB
3 anura.io
script.anura.io — Cisco Umbrella Rank: 62205
20 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
ajax.googleapis.com — Cisco Umbrella Rank: 295
7 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
2 aimtell.io
cdn.aimtell.io — Cisco Umbrella Rank: 7504
1 KB
2 gstatic.com
fonts.gstatic.com
16 KB
2 rewardsadvisor.com
iwin.rewardsadvisor.com — Cisco Umbrella Rank: 859227
72 KB
1 pusher.com
stats.pusher.com — Cisco Umbrella Rank: 6321
75 B
1 amazonaws.com
s3.amazonaws.com
13 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198
27 KB
0 aramistrk.com Failed
go.aramistrk.com Failed
40 14
Domain Requested by
9 impressure-c630.kxcdn.com iwin.rewardsadvisor.com
impressure-c630.kxcdn.com
4 djk97zng6lbya.cloudfront.net
4 signals.aimtell.com iwin.rewardsadvisor.com
s3.amazonaws.com
signals.aimtell.com
4 events.impressure.io iwin.rewardsadvisor.com
impressure-c630.kxcdn.com
3 script.anura.io iwin.rewardsadvisor.com
script.anura.io
3 www.google-analytics.com iwin.rewardsadvisor.com
www.google-analytics.com
2 cdn.aimtell.io s3.amazonaws.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com impressure-c630.kxcdn.com
ajax.googleapis.com
2 iwin.rewardsadvisor.com impressure-c630.kxcdn.com
1 stats.pusher.com impressure-c630.kxcdn.com
1 ajax.googleapis.com impressure-c630.kxcdn.com
1 s3.amazonaws.com iwin.rewardsadvisor.com
1 cdnjs.cloudflare.com impressure-c630.kxcdn.com
0 go.aramistrk.com Failed impressure-c630.kxcdn.com
40 15

This site contains no links.

Subject | Issuer | Validity | Valid
iwin.rewardsadvisor.com | R3 | 2022-12-04 - 2023-03-04 | 3 months
*.kxcdn.com | Thawte RSA CA 2018 | 2022-07-28 - 2023-07-24 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
impressure.io | Amazon | 2022-07-26 - 2023-08-24 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
upload.video.google.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
s3.amazonaws.com | Amazon RSA 2048 M01 | 2022-12-06 - 2023-12-05 | a year
script.anura.io | Amazon | 2022-07-12 - 2023-08-10 | a year
aimtell.com | Cloudflare Inc ECC CA-3 | 2022-05-09 - 2023-05-08 | a year
*.gstatic.com | GTS CA 1C3 | 2023-01-09 - 2023-04-03 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.pusher.com | Gandi Standard SSL CA 2 | 2022-04-07 - 2023-04-21 | a year

This page contains 2 frames:

Frame: https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2042&aff_sub1=012-2042&aff_sub2=-102371247425422124993112021216-107929-012&aff_sub3=035274bf-bf1f-4e03-a5f9-7f9cd062026c&aff_sub4=2042&aff_sub5=&creative_id=1025&offer_id=2008&source=RA-PP-3-generic-0
Frame ID: CCE6832DE874731811B9C784A42EB19A
Requests: 40 HTTP requests in this frame

Frame: https://signals.aimtell.com/traverse
Frame ID: 0A27B6AC549D51E6BC824B65441B8A53
Requests: 1 HTTP request in this frame

Page Title

Rewards Advisor

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.aimtell\.\w+/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

64 %
IPv6

14
Domains

15
Subdomains

15
IPs

4
Countries

451 kB
Transfer

1452 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-2042&aff_sub2=-102371247425422124993112021216-107929-012&aff_sub3=035274bf-bf1f-4e03-a5f9-7f9cd062026c&aff_sub4=2042 HTTP 302
  • https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2042&aff_sub1=012-2042&aff_sub2=-102371247425422124993112021216-107929-012&aff_sub3=035274bf-bf1f-4e03-a5f9-7f9cd062026c&aff_sub4=2042&aff_sub5=&creative_id=1025&offer_id=2008&source=RA-PP-3-generic-0

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
iwin.rewardsadvisor.com/
404 KB
67 KB
Document
General
Full URL
https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
8227654d0a36318da1caa09bfc6854059af49b67a9615a32a2ac84afbe82d2c3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
br
content-length
68536
content-type
text/html
date
Tue, 31 Jan 2023 18:40:39 GMT
etag
"207dc7458098d6f2e82d1bbd48524f1a"
last-modified
Tue, 31 Jan 2023 16:00:19 GMT
server
keycdn-engine
x-amz-version-id
blrwJjTlEZsU9bfdDyi7TGiBaTrNHQYy
x-cache
HIT
x-cache-status
HIT
x-edge-location
defr
presenter.ae7ecc5.css
impressure-c630.kxcdn.com/
18 KB
5 KB
Stylesheet
General
Full URL
https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:40 GMT
content-encoding
br
x-amz-request-id
HP135FANDAGB8YRE
x-edge-location
atvi
x-cache
HIT
content-length
4919
x-amz-id-2
DBL8lCgz6N8VCKwXpEjg/5x8HWajUGDxYwyv/znBOqVURhGOJpl4rjAle3cEU6Gxgi0zEggVrwA=
last-modified
Tue, 23 Aug 2022 19:45:30 GMT
server
keycdn-engine
etag
"c8ba4cfb85a21500b78f527fec541e40"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:40:40 GMT
presenter.482eb53.js
impressure-c630.kxcdn.com/
408 KB
105 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/presenter.482eb53.js
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
107d3772239ee34312267c8d1fcb39319a78f5aacdd19b0feaa02b85a59e4e2a

Request headers

Referer
https://iwin.rewardsadvisor.com/
Origin
https://iwin.rewardsadvisor.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:40 GMT
content-encoding
br
x-amz-request-id
VPCAK09WWPX8T9SN
x-edge-location
atvi
x-cache
HIT
content-length
106522
x-amz-id-2
x5vLX6C5mAYUge+KXisdE7Yhhem5B6ooGTOoGX4wjva9a5K1/zS1yoNXuuzWS8UfqQFNtqhdkL4=
last-modified
Tue, 15 Nov 2022 22:43:17 GMT
server
keycdn-engine
etag
"264c420f31e2e81c576f58c26b4e03eb"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:40:40 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Jan 2023 16:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6350
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 31 Jan 2023 18:54:50 GMT
info
events.impressure.io/
682 B
996 B
XHR
General
Full URL
https://events.impressure.io/info?v=2&nonce=12982865283188624&userId=
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.238.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-238-78.us-west-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
af6623346e09d4388a714c9c1c46e0f1ada5fe3432fa6b83342bf5b432d51265
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 18:40:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"2aa-cB19zUa38a+VCHOVe2dtHiazHus"
X-Powered-By
Express
Vary
Accept-Encoding, Origin
P3P
CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin
https://iwin.rewardsadvisor.com
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
521
truncated
/
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1740eb3582765eae284529c56ce021b52cbb0889add2ca43be4c731bc561ff20

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/jpeg
loading.d78985d5a90c42d31aaaf9203cddb569.gif
impressure-c630.kxcdn.com/
2 KB
2 KB
Image
General
Full URL
https://impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:40 GMT
content-encoding
gzip
x-amz-request-id
VPCF8H5DFCMX4G0R
x-edge-location
atvi
x-cache
HIT
content-length
1315
x-amz-id-2
7EizN41wK6x5qfrSiSbt1gc9IEbA1X6SyaGevrBOpw8hVIaYTUjVSxrXMGeh4dhi6srbLTelkwA=
last-modified
Tue, 21 Aug 2018 14:21:48 GMT
server
keycdn-engine
etag
W/"d78985d5a90c42d31aaaf9203cddb569"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:40:40 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
497822
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26983
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14e7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v23g1LtwzE1CMP0kFj0yJ%2BLIl1rnymVI7i1qhT33hw97nPxReNyZIDNVcGzGTiHXwZK0OmepSD%2BK3YAIsj0hzV6ErbucOQqA5p%2FUe0VrCiuMjBAz7xkg7ncjJ4IpS91bXpqUS7s3%2BkG3EYwDtezWAcx9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
792493c2c9240f5a-MXP
expires
Sun, 21 Jan 2024 18:40:41 GMT
css2
fonts.googleapis.com/
2 KB
880 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500;800&display=swap
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4dd6ecdbe8ca863a0b4f2466b23a41e9157ebf8323286ece740d5d2eb78f42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 18:40:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Jan 2023 18:40:41 GMT
trackpush.min.js
s3.amazonaws.com/trackpush/
47 KB
13 KB
Script
General
Full URL
https://s3.amazonaws.com/trackpush/trackpush.min.js
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.226.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 31 Jan 2023 18:40:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Nov 2022 18:51:50 GMT
Server
AmazonS3
x-amz-request-id
ZDT2EPQ9D04H443E
ETag
"cbd14612441d2cca730df2e3c9f185c1"
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13264
x-amz-id-2
nCCttoAMXgrnfbYKI5R2HMkQrBsnqNEgDC4UppiI6qqhTxlXepohKqZfE5Oie6vjf8TXnMu1U+c=
request.js
script.anura.io/
53 KB
19 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=2383107219&source=107929-74698&campaign=2017&variable=optionalResponseObjectVariable&889235664509
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.170.143 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-170-143.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
52170449702a276e4cd2ccc3122d8f0de5c4b68d053537b7e538a561b0e69fc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
track.js
signals.aimtell.com/
3 KB
2 KB
Script
General
Full URL
https://signals.aimtell.com/track.js
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af52cdb7068ec0dad8355ec4a5bad77b17a3cc1e8bc19b0f66f41d4a53ac3c0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
gzip
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtMJE8iK_PgcAzMwc5lwbvzGdz48t37uVWTd7sB6Dc9LZoy7LT8SHmx1QCgq6mvm84oUGaTnt2sXmxRx38ZzT8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 10 Sep 2021 18:50:33 GMT
server
cloudflare
etag
W/"e9cc12470321b3946d361c51f89f737a"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1631299833653847
content-type
text/javascript
x-goog-hash
crc32c=VcSEVw==, md5=6cwSRwMhs5RtNhxR+J9zeg==
cache-control
public, max-age=14400
x-goog-stored-content-length
3188
cf-ray
792493c35846e8eb-MXP
expires
Tue, 31 Jan 2023 22:40:41 GMT
8c34da45-8d1c-40ef-a9c5-368ad3b9e641.js
iwin.rewardsadvisor.com/chunk/189928/
21 KB
5 KB
Script
General
Full URL
https://iwin.rewardsadvisor.com/chunk/189928/8c34da45-8d1c-40ef-a9c5-368ad3b9e641.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
93f310f8edfa0dc1af2ef5a908e596a8b758c9f2ab5cb58ddad0a98840945a12

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
br
x-amz-version-id
_sPcZWo8ttuZ4NFo0qAqdRsgik97AW9S
last-modified
Tue, 31 Jan 2023 16:00:16 GMT
server
keycdn-engine
x-edge-location
defr
etag
"4a6a95f2155ba182c40f1a3ccf068b14"
x-cache-status
REVALIDATED
x-cache
MISS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
accept-ranges
bytes
content-length
4868
lists
events.impressure.io/
31 B
424 B
Fetch
General
Full URL
https://events.impressure.io/lists?id=0&q=192.145.127.217%C2%ABaf259db141b1893e3b54918d59313501&v=4
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.238.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-238-78.us-west-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
6578c2aa3e5f7076ca9fb19b357edc1b17633feceee6d36d0e5809d26b959817

Request headers

accept
application/json
Referer
https://iwin.rewardsadvisor.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 31 Jan 2023 18:40:41 GMT
Server
nginx
ETag
W/"1f-w2zQu5TAHledxtxl6Y4gzn1Q0XY"
X-Powered-By
Express
Vary
Origin
P3P
CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin
https://iwin.rewardsadvisor.com
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
31
chunk.4.e1ba812.css
impressure-c630.kxcdn.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://impressure-c630.kxcdn.com/chunk.4.e1ba812.css
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
br
x-amz-request-id
S6EC2B7PPS8E3BK4
x-edge-location
atvi
x-cache
HIT
content-length
784
x-amz-id-2
YB9nEe6FvpBrCQFxZ0YLZ7/ZhujDDVZxZB47BiXJxSeZxVV+vwXDcu5Ml+RYgHGP/MCLg7Lh1vk=
last-modified
Tue, 23 Aug 2022 19:45:27 GMT
server
keycdn-engine
etag
"1d4504cd8eb1a924fa3877af155e3acb"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:40:41 GMT
chunk.4.632257f.js
impressure-c630.kxcdn.com/
58 KB
14 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/chunk.4.632257f.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
br
x-amz-request-id
S6E2Q72NY87ZNFVH
x-edge-location
atvi
x-cache
HIT
content-length
13564
x-amz-id-2
3N5N0ajPv4WXgW28Kx2ZlpHXhV/QmUuSfWlbdk+AJdrwfhTTdQUofV9tI0OEYtPcFT/LOtHz4Fw=
last-modified
Tue, 23 Aug 2022 19:45:33 GMT
server
keycdn-engine
etag
"b1ded3ed49dd625cfd1196fd4bf192df"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:40:41 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 06:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388060
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 06:53:01 GMT
chunk.7.b6c5ab6.css
impressure-c630.kxcdn.com/
1 KB
959 B
Stylesheet
General
Full URL
https://impressure-c630.kxcdn.com/chunk.7.b6c5ab6.css
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1238e9e850bf28665fe81529e39af4a4751988b6954cfc341bb027fb8ad1a94d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
br
x-amz-request-id
S6E8322F2SEVW239
x-edge-location
atvi
x-cache
HIT
content-length
537
x-amz-id-2
gzuJnI0sE95rtFXpSV8tY8cCO2QaYBTKkWbyAHslUipIbVQ4c0ZM2ExzvYMS5yNA338vriJDak4=
last-modified
Tue, 23 Aug 2022 19:45:30 GMT
server
keycdn-engine
etag
"1f2e32f2ccbe4956bd43b676c6acbdc8"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:40:41 GMT
chunk.7.9b4f67e.js
impressure-c630.kxcdn.com/
11 KB
4 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/chunk.7.9b4f67e.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
faef7e5b106e32b318fa40bf26d7da80874ef9bde24adecb65e8742b34f16d39

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
br
x-amz-request-id
S6EFNZDQNQ0VP0DK
x-edge-location
atvi
x-cache
HIT
content-length
3350
x-amz-id-2
sOfJI9CLjIUTSOX9jTUSJoKZEqML3QiRKoRDJY0jjrPa+Eje1Kwxig34osG+ZZZNSPjEmutr4XM=
last-modified
Tue, 23 Aug 2022 19:45:33 GMT
server
keycdn-engine
etag
"aab16c3901aa85bf6cbd3d12fb635424"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:40:41 GMT
chunk.13.7a5258a.js
impressure-c630.kxcdn.com/
17 KB
5 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/chunk.13.7a5258a.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:41 GMT
content-encoding
br
x-amz-request-id
TTPG0GW3SXPCMSGJ
x-edge-location
atvi
x-cache
HIT
content-length
5065
x-amz-id-2
QKhJGwZnLwNMbRMqmawWuRh4gMZWdBQGPL/bg9eo+0+4Bdk+/fbiuf675a+Nc75Kl2dksntej5A=
last-modified
Tue, 23 Aug 2022 19:45:26 GMT
server
keycdn-engine
etag
"04b6f9c350e90de6b9711301bf2c2b72"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:40:41 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://iwin.rewardsadvisor.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 13:07:32 GMT
x-content-type-options
nosniff
age
365590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 13:07:32 GMT
collect
www.google-analytics.com/j/
2 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1416247839&t=pageview&_s=1&dl=https%3A%2F%2Fiwin.rewardsadvisor.com%2F%3Futm_content%3Dwalmartvstarget_250%26transaction_id%3D102371247425422124993112021216%26aff_id%3D2042%26offer_id%3D3284%26url_id%3D%7Burl_id%7D%26aff_sub%3D107929%26aff_sub2%3D74698%26aff_sub3%3Db0ecb242-a196-11ed-827a-a3126dd2db83%26aff_sub4%3Dd0184bb3150%26aff_sub5%3D28865%26i%3D%7Bi%7D%26aff_click_id%3D9549f2ed20dad9556fbcb9f70812da43%26clickid%3D9549f2ed20dad9556fbcb9f70812da43&dp=%2F&ul=en-us&de=UTF-8&dt=Mcdonalds%20vs%20Burger%20KIng%20&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAAABAAAAACACAC~&jid=2101557531&gjid=1343493304&cid=810741328.1675190440&tid=UA-204685638-1&_gid=1811031065.1675190440&_r=1&_slc=1&cd1=107929&z=1271449161
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iwin.rewardsadvisor.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 31 Jan 2023 18:40:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iwin.rewardsadvisor.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
events.impressure.io/
72 B
498 B
Fetch
General
Full URL
https://events.impressure.io/events
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.238.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-238-78.us-west-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
0942d4a1b9b1ee70d9eda1357e1ba38511cce395643e13e5770130e1cec840b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://iwin.rewardsadvisor.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 31 Jan 2023 18:40:42 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"48-7R8lIse4p7OeuOZPk+nOwILBge0"
X-Powered-By
Express
Vary
Origin
P3P
CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin
https://iwin.rewardsadvisor.com
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
72
pageview
signals.aimtell.com/
43 B
324 B
XHR
General
Full URL
https://signals.aimtell.com/pageview?id_site=24312&v=3.974&support=1&state=default&wl=1
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:41 GMT
aimtell-hash-exists
0
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
https://iwin.rewardsadvisor.com
aimtell-traverse
1
access-control-expose-headers
Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials
true
cf-ray
792493c65c16e8eb-MXP
access-control-allow-headers
Content-Type, *
content-length
43
24312-041e2bdba891.json
cdn.aimtell.io/config/optin/
626 B
898 B
XHR
General
Full URL
https://cdn.aimtell.io/config/optin/24312-041e2bdba891.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a1bd1ad33d4d45a78f3c69783b61ee489bfdba30136d010686a65cd1c1b9e74

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:42 GMT
content-encoding
gzip
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
MXP63-P2
x-cache
Miss from cloudfront
content-length
424
last-modified
Mon, 02 May 2022 17:56:33 GMT
server
cloudflare
etag
"ad9357b4d852b54d407519c4f7bfd01e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
cf-ray
792493c6a801bb23-MXP
x-amz-cf-id
2RfEHTl7UXUIX7H_0ttOvbxDjeH0sr4pl7u33eLzmFyx0wiTGVZfdA==
collect
www.google-analytics.com/
35 B
131 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1416247839&t=timing&_s=2&dl=https%3A%2F%2Fiwin.rewardsadvisor.com%2F%3Futm_content%3Dwalmartvstarget_250%26transaction_id%3D102371247425422124993112021216%26aff_id%3D2042%26offer_id%3D3284%26url_id%3D%7Burl_id%7D%26aff_sub%3D107929%26aff_sub2%3D74698%26aff_sub3%3Db0ecb242-a196-11ed-827a-a3126dd2db83%26aff_sub4%3Dd0184bb3150%26aff_sub5%3D28865%26i%3D%7Bi%7D%26aff_click_id%3D9549f2ed20dad9556fbcb9f70812da43%26clickid%3D9549f2ed20dad9556fbcb9f70812da43&ul=en-us&de=UTF-8&dt=Rewards%20Advisor&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=530&pdt=49&dns=0&rrt=0&srt=24&tcp=127&dit=236&clt=492&_gst=184&_gbt=280&_u=aEBAAAABAAAAACACAC~&jid=&gjid=&cid=810741328.1675190440&tid=UA-204685638-1&_gid=1811031065.1675190440&cd1=107929&z=1246111854
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jan 2023 16:06:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9271
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
564fac38-4ebc-4569-8d84-0cadfad0d7f9.png
djk97zng6lbya.cloudfront.net/2021/08/11/16/37/53/
8 KB
9 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2021/08/11/16/37/53/564fac38-4ebc-4569-8d84-0cadfad0d7f9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
755158b8ec87a849abf410abd4f21887243ce6975e6aeff7cdd5d1fd3a2780cd

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 22:09:33 GMT
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
last-modified
Wed, 11 Aug 2021 16:37:54 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
765070
etag
"59fe4cfd2c2f6d7878dd42219052f91b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
8523
x-amz-cf-id
8iQ_4wnkRS-rJIc0lWhbQVWIoVFfPRzNxZ9WGovfMm876o8FpGiIwA==
5261b31c-ee95-4bca-be4b-ea6da6e144b6.png
djk97zng6lbya.cloudfront.net/2021/08/17/23/03/02/
52 KB
52 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2021/08/17/23/03/02/5261b31c-ee95-4bca-be4b-ea6da6e144b6.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4067b20d452e31be404f856db1e0d3cdc1eee2123b227ec3de8a9a53f457cdd2

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 16:05:54 GMT
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
last-modified
Tue, 17 Aug 2021 23:03:03 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
95689
etag
"a2e9632f5d13b04a09a8e6ec5e348a80"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
52846
x-amz-cf-id
MBw2Ms2RnnSgfcvSca9FqIcVgSHdZh87t_QlJS9H9jHu7V69K0--Sw==
traverse
signals.aimtell.com/ Frame 0A27
30 B
131 B
Document
General
Full URL
https://signals.aimtell.com/traverse
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4437eaab7b931b5fa3aaf6b76a7dc58ee09f945883a80f1f1fa496e8fde01a19

Request headers

Referer
https://iwin.rewardsadvisor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, *
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
cf-ray
792493c69c7de8eb-MXP
content-length
30
content-type
text/html;charset=UTF-8
date
Tue, 31 Jan 2023 18:40:42 GMT
server
cloudflare
vary
Accept-Encoding
56c1cd15-09c1-4f87-8194-684064f6ec66.jpg
djk97zng6lbya.cloudfront.net/2022/05/05/20/01/38/
16 KB
16 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2022/05/05/20/01/38/56c1cd15-09c1-4f87-8194-684064f6ec66.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b87365862477ec4a647ddbec411ab33af6b040a0bf85ec08896f44928c2ee958

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 21:17:47 GMT
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 20:01:39 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
336176
etag
"9b06d930c3c0f8dc2c77fc36c94a14e3"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
15949
x-amz-cf-id
9_DJfd2WKac4Mtm87uJF2mose82tetIipHkVOAKYBGQBv-06wimDEg==
0a46d2dc-d869-43df-9e41-2fd782154b56.png
djk97zng6lbya.cloudfront.net/2021/09/30/06/55/35/
26 KB
27 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2021/09/30/06/55/35/0a46d2dc-d869-43df-9e41-2fd782154b56.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-89.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
346e206b005b833ce3f40e9cf6f6c85420b9799fddfbba6036e13064bb553d20

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 21:17:47 GMT
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
last-modified
Thu, 30 Sep 2021 06:55:36 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
336176
etag
"bd052afabeaf44ba526f2afcdc2eb8bb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
26868
x-amz-cf-id
Cl-LlTPyC0d2QP93inRo-QFa8NQn6b0gXccvGyAXZjENVTyUPrN_eg==
fetch
signals.aimtell.com/
70 B
263 B
XHR
General
Full URL
https://signals.aimtell.com/fetch?t=c2lnbmFsc2Rtcw&show=1
Requested by
Host: signals.aimtell.com
URL: https://signals.aimtell.com/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
670e7b2fabfd277f6fad2d6c182b9a03cafde387d2fe5155fbebdab1b95299d6

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:42 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://iwin.rewardsadvisor.com
access-control-allow-credentials
true
cf-ray
792493c6ccb3e8eb-MXP
access-control-allow-headers
Content-Type, *
css
fonts.googleapis.com/
1003 B
516 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 31 Jan 2023 18:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 16:46:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Jan 2023 18:40:42 GMT
chunk.1.24bd7cb.js
impressure-c630.kxcdn.com/
119 KB
29 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/chunk.1.24bd7cb.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ee3dc6dae29a50c2a6a7b77a5d8f5be706488215ddeda2dfef10ddc31da5956a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:42 GMT
content-encoding
br
x-amz-request-id
WZSQXA66XYE3PBFY
x-edge-location
atvi
x-cache
HIT
content-length
29129
x-amz-id-2
EJHk0lhYzI3Nueznc9SyGceYaxHqSCoZeitbDJRa+0H9LmuTBw/h6EgAoa1ay4RsfZswLBqLOcA=
last-modified
Tue, 23 Aug 2022 19:45:26 GMT
server
keycdn-engine
etag
"2bc0ccd647e1f04eec548e8319d94de8"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Tue, 07 Feb 2023 18:40:42 GMT
events
events.impressure.io/
75 B
501 B
Fetch
General
Full URL
https://events.impressure.io/events
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.238.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-238-78.us-west-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://iwin.rewardsadvisor.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 31 Jan 2023 18:40:43 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"4b-hrnxL1kMqQf9zjhMQVsoXAi62fE"
X-Powered-By
Express
Vary
Origin
P3P
CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin
https://iwin.rewardsadvisor.com
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
75
response.json
script.anura.io/
126 B
468 B
XHR
General
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2383107219&source=107929-74698&campaign=2017&variable=optionalResponseObjectVariable&889235664509
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.170.143 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-170-143.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
7eaf2d9679e170a1b4e8404992f6e7ff7378d15c74aae3c41cd051042a9367b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iwin.rewardsadvisor.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Jan 2023 18:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://iwin.rewardsadvisor.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 09:31:17 GMT
x-content-type-options
nosniff
age
378565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 09:31:17 GMT
result.json
script.anura.io/
76 B
432 B
XHR
General
Full URL
https://script.anura.io/result.json
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.56.170.143 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-56-170-143.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8d3ebe3bcf8b8eb03b92f626bb4c982fb149bd1527d133d7c99da5e379807cc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iwin.rewardsadvisor.com/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 31 Jan 2023 18:40:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
1
stats.pusher.com/timeline/v2/jsonp/
0
75 B
Script
General
Full URL
https://stats.pusher.com/timeline/v2/jsonp/1?session=NDQzNzIxOTA4&bundle=MQ%3D%3D&key=NTAyODM0YTg1MjU1MGVlNDZkZjk%3D&lib=anM%3D&version=NC40LjA%3D&features=WyJ3cyJd&timeline=...
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/chunk.1.24bd7cb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.47.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-47-106.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:42 GMT
server
awselb/2.0
content-length
0
content-type
application/javascript; charset=utf-8
24312-041e2bdba891.json
cdn.aimtell.io/config/
95 B
339 B
XHR
General
Full URL
https://cdn.aimtell.io/config/24312-041e2bdba891.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39bd848448ddf14c0601670bced03afca2cd2ca1954f62b691a4684d72a9cfd7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 18:40:43 GMT
content-encoding
gzip
via
1.1 bd4e114ece87e9cf66a7eccfeb6c9c4a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
MXP63-P2
x-cache
Miss from cloudfront
content-length
104
last-modified
Fri, 13 Aug 2021 18:56:17 GMT
server
cloudflare
etag
"2e9a47727caf9c4def7ceb9e72845ea1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
cf-ray
792493cb8aeabb23-MXP
x-amz-cf-id
Ie53GIGlRPfVRCGOxbbDSQcrv9uq_zHqQokkIvQUQ2IX-_RI6WjHhg==
aff_c
go.aramistrk.com/
Redirect Chain
  • http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-2042&aff_sub2=-102371247425422124993112021216-107929-012&aff_sub3=035274bf-bf1f-4e03-a5f9...
  • https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2042&aff_sub1=012-2042&aff_sub2=-102371247425422124993112021216-107929-012&aff_sub3=035274bf-bf1f-4e03-a5f9-7f9cd062026c&aff_sub4=2042&aff_sub...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
go.aramistrk.com
URL
https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2042&aff_sub1=012-2042&aff_sub2=-102371247425422124993112021216-107929-012&aff_sub3=035274bf-bf1f-4e03-a5f9-7f9cd062026c&aff_sub4=2042&aff_sub5=&creative_id=1025&offer_id=2008&source=RA-PP-3-generic-0

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


8 Cookies

| Domain/Path | Name | Value |
|---|---|---|
| .iwin.rewardsadvisor.com/ | _ga | GA1.3.810741328.1675190440 |
| .iwin.rewardsadvisor.com/ | _gid | GA1.3.1811031065.1675190440 |
| .rewardsadvisor.com/ | _user_time | 1675190440217\|1675190440217 |
| iwin.rewardsadvisor.com/ | _user_random | 0.6521871836590589 |
| .rewardsadvisor.com/ | _user_id | a0fb9a1f-de7d-40f4-a3f2-2234e3bec823-Q0PpMTbKCcgq1WDFj6ob9eI8slaZ5CSWX+KJD+4hr0 |
| .iwin.rewardsadvisor.com/ | _gat | 1 |
| signals.aimtell.com/ | s0 | 9add2df9-812f-f6e7-daf5-c2efd0d98680 |
| iwin.rewardsadvisor.com/ | _aimtellSubscriberID | 84e59181-e37d-4868-1595-7e85f0c79866 |

1 Console Messages

Source: other
Level: error
URL: https://iwin.rewardsadvisor.com/?utm_content=walmartvstarget_250&transaction_id=102371247425422124993112021216&aff_id=2042&offer_id=3284&url_id={url_id}&aff_sub=107929&aff_sub2=74698&aff_sub3=b0ecb242-a196-11ed-827a-a3126dd2db83&aff_sub4=d0184bb3150&aff_sub5=28865&i={i}&aff_click_id=9549f2ed20dad9556fbcb9f70812da43&clickid=9549f2ed20dad9556fbcb9f70812da43
Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
