findrebatesonline.com Open in urlscan Pro
172.67.180.155 Public Scan

Software

Google Tag Manager /

Resource Hash

c807c2eb3c638883c68792e664082ea39d600de57e0c8190a8c3253fc52f31d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73601
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 07:07:28 GMT

GET
H2 200 logo.jpg
findrebatesonline.com/form/v8_0/images/ 10 KB
11 KB 28ms
28ms Image
image/jpeg 172.67.180.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://findrebatesonline.com/form/v8_0/images/logo.jpg
Requested by: Host: findrebatesonline.com
URL: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.180.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9dd9394fe3e9fc5c17da44a3ad298983ebda0b8c5d6944512da0b36c0c8bb81b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 377
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 10562
last-modified: Tue, 15 Jun 2021 21:26:37 GMT
server: cloudflare
etag: "60c91b0d-2942"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9qBdRtt9K9w%2FCNID7HM7N5mMYwgKb4iyQMOyoBEiy6vkg2xJ95SXUdmhD2VqNtE2ueem3TDcIBSPRjiXGdeFUmbLiGb75b%2BgAsJAczJ%2Fot%2BTlWLZoGq1Tr4HPnFCPeZ8SO5Z8BaXS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 875256ad2c215bf2-SYD

GET
H2 200 powerwall.jpeg
findrebatesonline.com/form/v8_0/images/ 141 KB
142 KB 22ms
22ms Image
image/jpeg 172.67.180.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://findrebatesonline.com/form/v8_0/images/powerwall.jpeg
Requested by: Host: findrebatesonline.com
URL: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.180.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 136a7b5f37ffccc0a0b15075d3c4491c4dcb28d4b771ff1d51c44cd072f62e7a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 377
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400
content-length: 144615
last-modified: Sat, 23 Mar 2024 12:44:57 GMT
server: cloudflare
etag: "65fecec9-234e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jluxMg3r6yekI8rUpg1Fb9LUdG758INLBqOgECYT35g3isF57PP%2BJA9gBkHzSrKB4mPcX2b%2F8cuMgeBtFRvaHWHiFao6hJ2SEm9m3QRI6rB%2FSMXj0iL4UXeAYsBgbBnlkblXcW5idq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 875256ad2c225bf2-SYD

GET
H3 200 email-decode.min.js Show response
findrebatesonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 5ms
4ms Script
application/javascript 172.67.180.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://findrebatesonline.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.180.155 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2024 17:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6610342c-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEvN1ewKZlU7uUn4A7%2FRjWzttFuhvG%2FhaJnLDxcUxz2Gf8OqSwAi%2Fi1CKRyvcpfRaEsXbId8KdjJIsZi%2B1LG4T0GIMSgAv6IO%2Bov7v4yNVBP2za%2BWzHCOESagvhE6bSVSWPCTH1VtUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 875256ad5be8a7ff-SYD
expires: Thu, 18 Apr 2024 07:07:28 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 234 KB
77 KB 556ms
152ms Script
text/javascript 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyD5xegKwLqdFjdyEBv_VfBdmBMXr4JUApk&libraries=places&callback=initAutocomplete

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

5c27f5e370968ffc9bf99eaba4c549b7651f2d959a8c12fd52b817664f7c666c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78058
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 279 KB
95 KB 510ms
120ms Script
application/javascript 142.251.221.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCV9375

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05927893171f6b05809c31ca07273011b8060fc0878836e575b8996dbe0c8f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96897
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 07:07:28 GMT

GET
H3 200 SF-Pro-Display-Bold.woff
findrebatesonline.com/form/v8_0/fonts/ 133 KB
134 KB 13ms
13ms Font
application/font-woff 172.67.180.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://findrebatesonline.com/form/v8_0/fonts/SF-Pro-Display-Bold.woff
Requested by: Host: findrebatesonline.com
URL: https://findrebatesonline.com/form/v8_0/css/style.css?ref=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 33c16e370e6ce821308b6aeeb6cfede66e1421bdef9e4d0350bdceb197a24f32

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/form/v8_0/css/style.css?ref=1
Origin: https://findrebatesonline.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Jun 2021 21:26:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4923
etag: W/"60c91b0d-215a8"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vGzYdGFM2140q451cabseMqbOTLZU9IPqWSdGMqxbPd%2Fb2Ajx%2FyyvwwvgJJavcq4g03u2Sm3CH%2FCdQNe3XPcTXXWb3slZZYRJdSj1k9FAjjmWPJUFm0Vaso1uBfvGx%2BXQJqxTdwmCEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 875256ad8c28a7ff-SYD
alt-svc: h3=":443"; ma=86400

GET
H3 200 SF-Pro-Display-Regular.woff
findrebatesonline.com/form/v8_0/fonts/ 122 KB
122 KB 25ms
25ms Font
application/font-woff 172.67.180.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://findrebatesonline.com/form/v8_0/fonts/SF-Pro-Display-Regular.woff
Requested by: Host: findrebatesonline.com
URL: https://findrebatesonline.com/form/v8_0/css/style.css?ref=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5935c7e2dc97bbabce41d04115dbf28b15a7ddbf3a3957f1033e8ee0b60b8a25

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/form/v8_0/css/style.css?ref=1
Origin: https://findrebatesonline.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Jun 2021 21:26:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4923
etag: W/"60c91b0d-1e674"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1VgGNwh9i6RmNNhE9rNjF39oE7F1eiszAmcr8JfT%2FHqvI1idAbe4mmRmjNyIbphnxC43BQlfWJHEySiKhlq7V9qX54VQh6ZixzllAOiek5TAqKTxaGuJD35XRf25uF7QwWVhqb4Oq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 875256ad8c2ea7ff-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
89 KB 117ms
116ms Script
application/javascript 142.251.221.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TPR7EEMQRC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111132258-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c362a812abd57ba2a22ecae4d2aaad0343d573aeba156eaeeaa705463f0cf4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 07:07:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 355ms
2ms Script
text/javascript 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111132258-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Apr 2024 05:20:00 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6449
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 16 Apr 2024 07:20:00 GMT

OPTIONS
H2 204 event
capi.instylesolar.com/api/ 0
0 223ms
4ms Preflight 13.237.201.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.instylesolar.com/api/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.237.201.187 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-237-201-187.ap-southeast-2.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://findrebatesonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://findrebatesonline.com
content-length: 0
date: Tue, 16 Apr 2024 07:07:29 GMT
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

OPTIONS
H2 204 event
capi.instylesolar.com/api/ 0
0 218ms
4ms Preflight 13.237.201.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.instylesolar.com/api/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.237.201.187 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-237-201-187.ap-southeast-2.compute.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://findrebatesonline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://findrebatesonline.com
content-length: 0
date: Tue, 16 Apr 2024 07:07:29 GMT
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
101 KB 184ms
184ms Script
application/javascript 142.251.221.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L0G9EE18HL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCV9375

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Google Tag Manager /

Resource Hash

0074c5dd916c72b976926b2466dfd40d6710d580d0c3cc036644c1f013676a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Apr 2024 07:07:29 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 315ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 07:07:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1314, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: f6OoeDAvBhvxi4CN4s+/Ftupc8EwSaBx64QQjzH3cS8QupjNOgS7YxEyTF6iiYCcCAzOH8K4dUeJI5q/E18UZw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 event Show response
capi.instylesolar.com/api/ 151 B
654 B 305ms
304ms XHR
application/json 13.237.201.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.instylesolar.com/api/event

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.237.201.187 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-237-201-187.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

4aa371f64f6c2fb7fd45eb67ba4d7a039a16ce56ce691c6c0f3c15ece24e443b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 151
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"97-MR40T6S6JswEKkKbwuvcsU7xJR4"
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://findrebatesonline.com
x-download-options: noopen

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 208ms
207ms Script
application/javascript 142.251.221.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-765930124

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCV9375

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.72 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-13-237-201-187.ap-southeast-2.compute.amazonaws.com

Software

Google Tag Manager /

Resource Hash

2cfc20a88d07b6de9e37ed849f9aee6fd39cc1afd65abf504fc04e03f9a360a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80862
x-xss-protection: 0
last-modified: Tue, 16 Apr 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Apr 2024 07:07:29 GMT

POST
H2 200 event Show response
capi.instylesolar.com/api/ 151 B
215 B 363ms
362ms XHR
application/json 13.237.201.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.instylesolar.com/api/event

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.237.201.187 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

fb9903f504529e92cf3205117590bda8c4e22bf70530ccb12446e308210dd033

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-length: 151
x-xss-protection: 0
referrer-policy: no-referrer
etag: W/"97-buYj98e7EKgsG2QahJOXQsJX8O0"
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://findrebatesonline.com
x-download-options: noopen

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 27 KB
8 KB 13ms
3ms Script
application/x-javascript 23.46.33.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: findrebatesonline.com
URL: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.33.181 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-33-181.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ca4e94d0060925c51f32a6514711294c5178cce4df4d22baaefc1f7c41988d72

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 07:07:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2024 10:17:24 GMT
Server: AkamaiNetStorage
ETag: "474f6d8f126de84f58e1c0ecc6078736:1710757214.036926"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: OC
Cache-Control: max-age=1200
X-CC: AU
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8259
Expires: Tue, 16 Apr 2024 07:27:28 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 305ms
214ms Script
application/javascript 23.219.64.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3IQG3PM4B6L4J2EAS6G&lib=ttq
Requested by: Host: findrebatesonline.com
URL: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.64.73 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-64-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 40335704f1306661f44063ae575beeee3fcbbb4b72609f4bb55a4850b90d4c0b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 6887d187.148f1ac9
date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416070729BD2F5AEDA06570510BF3-05CAA38B59A0AA89-00
x-cache: TCP_MISS from a23-219-64-69.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 206,23.219.64.69
server-timing: cdn-cache; desc=MISS, edge; dur=199, origin; dur=7, inner; dur=4
content-length: 1534
pragma: no-cache
server: nginx
x-tt-logid: 20240416070729BD2F5AEDA06570510BF3
x-cache-remote: TCP_MISS from a23-15-7-190.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55329865) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.15.7.190
x-tt-trace-host: 0191e8760827107b1a54aa4255d2f112a9959a3dac5c5b654fb5c0e3d9a203efbc76ad9fd9218421174d12d4b6daea6edffaea54b7baa4d3b589e1253af7a58ecd2898943aab87bd1adc3b33734897af6f3fd9e96b1d0636e94c6702cc0dc354538d9c513a3ac97528451b20c7d6e6ef06
expires: Tue, 16 Apr 2024 07:07:29 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 15ms
2ms Script
application/javascript 151.101.28.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: findrebatesonline.com
URL: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.28.157 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:28 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2024 20:58:07 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200117-IAD, cache-syd10143-SYD

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 28 KB
9 KB 313ms
3ms Script
application/javascript 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: findrebatesonline.com
URL: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Feb 2024 20:38:48 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "9a680c8c475d8bba600d4d87b4fa7ee5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8702

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
321 B 602ms
150ms Ping
image/gif 38.133.127.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08234847634926541&referrer=&cht=gtm&marketerId=002c0f86375ccd453ee52dd39779c8b8ae&name=PAGE_VIEW&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.133.127.95 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 07:07:29 GMT
Cache-Control: no-cache
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 73e7b6902c29fd48946c4adb9746aa7b
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 593ms
149ms Script
application/javascript 38.133.127.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=002c0f86375ccd453ee52dd39779c8b8ae

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.133.127.95 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: deaa668be1c1b30203f6d8c82a82943a
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 002c0f86375ccd453ee52dd39779c8b8ae Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 13ms
4ms Script
text/html 23.46.33.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/002c0f86375ccd453ee52dd39779c8b8ae

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.46.33.181 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-46-33-181.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Tue, 16 Apr 2024 07:07:28 GMT
ob-sent-time: 1713215506274
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: OC
Cache-Control: max-age=60
X-CC: AU
Connection: keep-alive
X-TraceId: 33a05c99d61652f9302ffb652c441836
Content-Length: 22
Expires: Tue, 16 Apr 2024 07:08:28 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 704ms
291ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=514ccc4c-6e2f-447a-9061-8ba3c3721f80&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=efa303e5-db18-45ae-b3e5-5fc56417e8f6&tw_document_href=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&tw_iframe_status=0&txn_id=oby7z&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_r /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 145
date: Tue, 16 Apr 2024 07:07:29 GMT
strict-transport-security: max-age=0
server: tsa_r
content-type: image/gif;charset=utf-8
x-transaction-id: 89bef9026f3b656b
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: f79ebb0b7022fda9c63d04e3a002a0183c2a9806e8c38abd1d496b031371840c
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 620ms
289ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=514ccc4c-6e2f-447a-9061-8ba3c3721f80&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=efa303e5-db18-45ae-b3e5-5fc56417e8f6&tw_document_href=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&tw_iframe_status=0&txn_id=oby7z&type=javascript&version=2.3.30

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_r /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 145
date: Tue, 16 Apr 2024 07:07:28 GMT
strict-transport-security: max-age=631138519
server: tsa_r
content-type: image/gif;charset=utf-8
x-transaction-id: 8db97133c196b683
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 03dbc90aca91b3d3eb79f7e1b816dba801a9ae5a67894ba190f90acbd42f8202
content-length: 43

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 206ms
105ms XHR
application/json 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD5xegKwLqdFjdyEBv_VfBdmBMXr4JUApk&libraries=places&callback=initAutocomplete

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://findrebatesonline.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/en_au/ 256 KB
56 KB 8ms
7ms Script
text/javascript 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/en_au/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD5xegKwLqdFjdyEBv_VfBdmBMXr4JUApk&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3de9e27e5f673102cf68b3b47f221fb56e6bab74e18b2b1e0b3afb9ee5c2db1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 17:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 480986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57431
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 17:31:02 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/en_au/ 182 KB
56 KB 7ms
6ms Script
text/javascript 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/en_au/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD5xegKwLqdFjdyEBv_VfBdmBMXr4JUApk&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

384db0b0107b2a5d55d7b19dd1ba914624ca9e299c3440c3fec795180fe4ad2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 17:31:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 480986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57065
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 17:31:02 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/en_au/ 93 KB
25 KB 6ms
5ms Script
text/javascript 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/en_au/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD5xegKwLqdFjdyEBv_VfBdmBMXr4JUApk&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34e534c6c7fb285c4a3d34ca0081909096b072140bf1887c5cb87ca338a0d627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 17:31:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 480984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24946
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 17:31:04 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/8/intl/en_au/ 57 KB
18 KB 9ms
9ms Script
text/javascript 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/8/intl/en_au/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyD5xegKwLqdFjdyEBv_VfBdmBMXr4JUApk&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a100c9b7b7671bc5d4b07fb7367b70bff248bd903224bc26105ede63f5fd49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 17:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 480534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18178
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 17:51:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Apr 2025 17:38:34 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
166 B 166ms
102ms Ping
text/plain 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TPR7EEMQRC&gtm=45je44f0v9119012521za200&_p=1713251248235&gcd=13l3l3l3l1&npa=0&dma=0&cid=1615286411.1713251249&ul=en-au&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1713251249&sct=1&seg=0&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&dt=See%20If%20You%20Qualify%20-%20FRO&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1384
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TPR7EEMQRC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findrebatesonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTFhN2NkNDczMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 410 KB
109 KB 9ms
9ms Script
application/javascript 23.219.64.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3IQG3PM4B6L4J2EAS6G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.64.73 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-64-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: baec6367becf496f2902d48ae7ea62aeac35e7973ea76461e6a2ada66e74d12f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 148f1bfe
date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240408124644C72ABD2B70704AC3ECEA
x-tt-trace-id: 00-240408124644C72ABD2B70704AC3ECEA-1F4EC15B25103368-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-219-64-69.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017edae43c27a9c60c2533a9d11e7c81e31560a04d2942dbc87b4ea3d3b2824c548b6f1423d7076905e7a7610da4e7ab04fcadb6611ff8e17f2920b3ff43c8ab6757745d551ab9f4e656a44ecd49f103e46541a6bf0b170b5214a6009723510248
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2
content-length: 111290

GET
H2 200 t2_snihmrbj_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 316ms
10ms XHR
application/json 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_snihmrbj_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 12ms
3ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1713251249239&id=t2_snihmrbj&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=8cf3ae03-6318-4ccd-a9c6-5f92bbb7e107&aaid=&em=0000000000000000000000000000000000000000000000000000000000000001&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_c9439d84&dpm=&dpcc=&dprc=
Requested by: Host: findrebatesonline.com
URL: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:29 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 98ms
98ms XHR
text/plain 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=135615275&t=pageview&_s=1&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&ul=en-au&de=UTF-8&dt=See%20If%20You%20Qualify%20-%20FRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1223577806&gjid=339393449&cid=1615286411.1713251249&tid=UA-111132258-7&_gid=691415047.1713251249&_r=1&gtm=457e44f0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=2049402161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findrebatesonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 98ms
98ms XHR
text/plain 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=135615275&t=event&ni=0&_s=1&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&ul=en-au&de=UTF-8&dt=See%20If%20You%20Qualify%20-%20FRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20View&ea=Form&_u=YADAAUABAAAAACAAI~&jid=1330732478&gjid=1455374663&cid=1615286411.1713251249&tid=UA-111132258-2&_gid=691415047.1713251249&_r=1&_slc=1&gtm=45He44f0n81WCV9375v78772245za200&gcd=13l3l3l3l1&dma=0&z=1199091935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findrebatesonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 99ms
98ms XHR
text/plain 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=135615275&t=pageview&_s=1&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&ul=en-au&de=UTF-8&dt=See%20If%20You%20Qualify%20-%20FRO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAUABBAAAACAAI~&jid=457267957&gjid=347758138&cid=1615286411.1713251249&tid=UA-111132258-2&_gid=691415047.1713251249&_r=1&z=1489152160

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findrebatesonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 238987623343687 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 4ms
4ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/238987623343687?v=2.9.153&r=stable&domain=findrebatesonline.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3f642f1b2cb7e9676918591cc72fd7adbffa7b13bb98db7c6884c0a573eec1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 07:07:29 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11854
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=63, mss=1314, tbw=63062, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 7D+FU3DpHYP92hT5KhBwqxde3kZxBBXu/PJk+sf1Ec//0HxDSbpAKGTlnjRHZFf6Ips55LNo/gbZ2IbkZJS/ag==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_38a7e.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 23ms
23ms Script
application/javascript 23.219.64.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_38a7e.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.64.73 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-64-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 148f1c77
date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240408124623EC6C267DFDC9F5C616EE
x-tt-trace-id: 00-240408124623EC6C267DFDC9F5C616EE-59992C362A6C3256-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-219-64-69.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0184164970946c705b02e74081ca27f87c8e7f673642fd91ba33831c4f7f7e6ffbe8979910853217d1e87907f6059ac550e40979c28297afaac57b8e42767d33903f1c69e52efde6e7e7569d3061e1b6e9060cd90f8b28352395f31706bef5d6ee
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 37117

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
968 B 583ms
239ms Ping
text/plain 23.223.199.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.223.199.185 Los Angeles, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-223-199-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: eb5c7f09.2a7f085b
date: Tue, 16 Apr 2024 07:07:29 GMT
x-bytefaas-request-id: 20240416070729EE9DBA6A474F8250BC72
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416070729EE9DBA6A474F8250BC72-51EF9ADDF9F0E4A3-00
x-cache: TCP_MISS from a23-223-199-181.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55502997) (-)
x-parent-response-time: 72,23.223.199.181
server-timing: cdn-cache; desc=MISS, edge; dur=62, origin; dur=10, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240416070729EE9DBA6A474F8250BC72
x-cache-remote: TCP_MISS from a23-54-205-238.deploy.akamaitechnologies.com (AkamaiGHost/11.4.4.1-55336823) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.10
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 0191e8760827107b1a54aa4255d2f112a9acc5ccde098dae727d03283b82d395ac888befec2387170f8afea5be8b8201feeeb9c909f9717e11977fbf5ba02439d890b2afaa5e1856ba0650d79970c6fc7f9d583b4d8ad1d5db20d67ca8c0b805200c4898bc0b0bc6d8354c9dadcdebfea1
x-origin-response-time: 10,23.54.205.238
access-control-allow-headers: *
expires: Tue, 16 Apr 2024 07:07:29 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
843 B 244ms
244ms Ping
text/plain 23.219.64.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.64.73 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-64-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d352c058.148f1cae
date: Tue, 16 Apr 2024 07:07:29 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240416070729190BBAB42EB57E4E6F9B-5F65F086243B80DF-00
x-cache: TCP_MISS from a23-219-64-69.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 232,23.219.64.69
server-timing: cdn-cache; desc=MISS, edge; dur=204, origin; dur=35, inner; dur=32
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240416070729190BBAB42EB57E4E6F9B
x-cache-remote: TCP_MISS from a23-48-200-40.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.48.200.40
x-tt-trace-host: 0191e8760827107b1a54aa4255d2f112a9959a3dac5c5b654fb5c0e3d9a203efbcd8f7c6f7573b7211d4702fa075587eef4ba32c8df5c71a969da3099e66c582ff908fcb0a0715443735919c5b336edda0041671f70704bbcdd6447e34c56e77f4a0659dc1bcfe54e2f8b77bf019b97eb5
access-control-allow-headers: Authorization,*
expires: Tue, 16 Apr 2024 07:07:29 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/765930124/ 3 KB
2 KB 206ms
105ms Script
text/javascript 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765930124/?random=1713251249367&cv=11&fst=1713251249367&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&hn=www.googleadservices.com&frm=0&tiba=See%20If%20You%20Qualify%20-%20FRO&npa=0&pscdl=noapi&auid=1450361830.1713251249&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-765930124

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

9e8fbc4141363b87f68cbf9c000d0700b08f2c0aa3c24e102489462e18d5e97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1529
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 500ms
101ms Image
image/png 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 16 Apr 2024 07:07:29 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
4 KB 498ms
99ms Image
image/png 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3351
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 16 Apr 2024 07:07:29 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
357 B 589ms
95ms XHR
text/plain 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111132258-2&cid=1615286411.1713251249&jid=1330732478&gjid=1455374663&_gid=691415047.1713251249&_u=YADAAUABAAAAACAAI~&z=1928475605

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findrebatesonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
74 B 590ms
97ms XHR
text/plain 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111132258-2&cid=1615286411.1713251249&jid=457267957&gjid=347758138&_gid=691415047.1713251249&_u=YCDAAUABBAAAACAAI~&z=1804754120

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findrebatesonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
258 B 502ms
98ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-L0G9EE18HL&gtm=45je44f0v9104184842z878772245za200&_p=1713251248235&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1615286411.1713251249&ul=en-au&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713251249&sct=1&seg=0&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&dt=See%20If%20You%20Qualify%20-%20FRO&en=page_view&_fv=1&_ss=1&tfd=1669
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L0G9EE18HL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findrebatesonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 558ms
98ms Ping
text/plain 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L0G9EE18HL&cid=1615286411.1713251249&gtm=45je44f0v9104184842z878772245za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L0G9EE18HL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://findrebatesonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 201ms
101ms Image
image/gif 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L0G9EE18HL&cid=1615286411.1713251249&gtm=45je44f0v9104184842z878772245za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=85080452

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 123491246483733 Show response
connect.facebook.net/signals/config/ 28 KB
5 KB 5ms
4ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/123491246483733?v=2.9.153&r=stable&domain=findrebatesonline.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

10fc32492c95f611418e9ca01277661e07eba988d4ea4612f4dc9aaedf377b52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Apr 2024 07:07:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4725
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4613, tp=11, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: RFF6X3nhvw2HGHwUZu3CeaBa1gNV9prGHUvAHJeEMcZNRwiZheKufuUl2LLkDgcUHn/KN2G5t2XyIAaquALJzg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 315ms
4ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238987623343687&ev=PageView&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&rl=&if=false&ts=1713251249460&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbc=fb.1.1713251248912.PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&fbp=fb.1.1713251249459.172910188&ler=empty&cdl=API_unavailable&it=1713251249272&coo=false&eid=0712e552-6f38-4a05-b7ba-1ec4bea60a40&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1314, tbw=2811, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 07:07:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 287ms
4ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238987623343687&ev=FormView&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&rl=&if=false&ts=1713251249463&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbc=fb.1.1713251248912.PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&fbp=fb.1.1713251249459.172910188&ler=empty&cdl=API_unavailable&it=1713251249272&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1314, tbw=2811, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 07:07:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 261ms
4ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=238987623343687&ev=ViewContent&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&rl=&if=false&ts=1713251249465&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbc=fb.1.1713251248912.PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&fbp=fb.1.1713251249459.172910188&ler=empty&cdl=API_unavailable&it=1713251249272&coo=false&eid=93847689-ba7e-43b8-a794-143d7386b257&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1314, tbw=2811, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 07:07:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 204ms
4ms Image
text/plain 157.240.8.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=123491246483733&ev=PageView&dl=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&rl=&if=false&ts=1713251249494&sw=1600&sh=1200&v=2.9.153&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbc=fb.1.1713251248912.PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&fbp=fb.1.1713251249459.172910188&ler=empty&cdl=API_unavailable&cs_est=true&it=1713251249272&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1314, tbw=2811, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Apr 2024 07:07:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/765930124/ 42 B
64 B 207ms
106ms Image
image/gif 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/765930124/?random=1713251249367&cv=11&fst=1713250800000&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&frm=0&tiba=See%20If%20You%20Qualify%20-%20FRO&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqSkBpM-msVeRBiyKCzL5iRKm9GksDww&random=37212234&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/765930124/ 42 B
64 B 104ms
104ms Image
image/gif 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/765930124/?random=1713251249367&cv=11&fst=1713250800000&bg=ffffff&guid=ON&async=1&gtm=45be44f0za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffindrebatesonline.com%2Fform%2Fv8_0%2F%3Futm_medium%3Dpaid%26utm_source%3Dig%26utm_id%3D120206553848940171%26utm_content%3D120207901660130171%26utm_term%3D120207267211780171%26utm_campaign%3D120206553848940171%26fbclid%3DPAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz&frm=0&tiba=See%20If%20You%20Qualify%20-%20FRO&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqSkBpM-msVeRBiyKCzL5iRKm9GksDww&random=37212234&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:29 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
849 B 1817ms
1817ms Ping
text/plain 23.219.64.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.219.64.73 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-219-64-73.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a5623773.148f1e9b
date: Tue, 16 Apr 2024 07:07:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404160707302CF27DE7B2EF7E517B88-261FDF734F7E0EA9-00
x-cache: TCP_MISS from a23-219-64-69.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
x-parent-response-time: 1799,23.219.64.69
server-timing: cdn-cache; desc=MISS, edge; dur=214, origin; dur=1594, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404160707302CF27DE7B2EF7E517B88
x-cache-remote: TCP_MISS from a23-48-200-48.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 1594,23.48.200.48
x-tt-trace-host: 0191e8760827107b1a54aa4255d2f112a9959a3dac5c5b654fb5c0e3d9a203efbc4c50706695ab812cf84682e58b4168887f8b5c46955f3d12d3bf69edfbef4b5e2d48f1d5dca5edcb1244cfe82098f05996d27fed97fe538eeff11cfb43eb24e15d7bf1b67c679b5583693b7b15981b9f
access-control-allow-headers: Authorization,*
expires: Tue, 16 Apr 2024 07:07:31 GMT

GET
H3 200 favicon.ico
findrebatesonline.com/form/v8_0/ 91 KB
19 KB 18ms
17ms Other
image/vnd.microsoft.icon 172.67.180.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://findrebatesonline.com/form/v8_0/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.155 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 65b065440e4b4a0f05b52469d62555a93f3734ce5574f893fbc2b26ef9c041b4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/form/v8_0/?utm_medium=paid&utm_source=ig&utm_id=120206553848940171&utm_content=120207901660130171&utm_term=120207267211780171&utm_campaign=120206553848940171&fbclid=PAAaZViJdFFboYaEsvwlgwT-pFxaxxQithwLeUyGHtWw0tVkWnGxKi8bI2Hk8_aem_AVGDJhVVbmmBhoJeUUPw0PxAtTLIpbwBbHv0K-asfSPsDXMq3tl3QjlraYWqt1MgQaoTS7HqWVdS_Oc7-yPpCkXz
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 07:07:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Jun 2021 21:26:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4919
etag: W/"60c91b0d-16c0e"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9NBPSTeGq%2BC1u20rpKs36p4W4lGB72CkGg9%2FvIygWEAFzU41tD%2BMGko4qaNTuWqybQF%2FA0vDkP4CDhr3%2BLwliVll7jdzo0TzMHxhGLBy6bvxu0yla%2FxXPU8n1seABzUcFpgacHlUUNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 875256b82923a7ff-SYD
alt-svc: h3=":443"; ma=86400

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 103ms
101ms Image
image/gif 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111132258-2&cid=1615286411.1713251249&jid=1330732478&_u=YADAAUABAAAAACAAI~&z=321288559

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 101ms
100ms Image
image/gif 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111132258-2&cid=1615286411.1713251249&jid=1330732478&_u=YADAAUABAAAAACAAI~&z=321288559

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 104ms
103ms Image
image/gif 172.217.167.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111132258-2&cid=1615286411.1713251249&jid=457267957&_u=YCDAAUABBAAAACAAI~&z=1272229737

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://findrebatesonline.com/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 16 Apr 2024 07:07:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 101ms
99ms Image
image/gif 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111132258-2&cid=1615286411.1713251249&jid=457267957&_u=YCDAAUABBAAAACAAI~&z=1272229737

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS