urlscan.io logo urlscan.io
SecurityTrails logo

www.mrrebates.com Open in urlscan Pro
64.106.178.205  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.travis.com/
Effective URL: https://www.mrrebates.com/Default.asp
Submission: On January 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 58 HTTP transactions. The main IP is 64.106.178.205, located in United States and belongs to DATAPIPE, US. The main domain is www.mrrebates.com. The Cisco Umbrella rank of the primary domain is 587330.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 27th 2022. Valid for: a year.
This is the only time www.mrrebates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 69.163.153.22 26347 (DREAMHOST-AS)
3 22 64.106.178.205 14492 (DATAPIPE)
2 2a00:1450:400... 15169 (GOOGLE)
14 52.217.235.232 16509 (AMAZON-02)
16 52.217.67.102 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.14.184.154 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
58 9
1    69.163.153.22 (Brea, United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-igloo.chehalem.dreamhost.com
www.travis.com
22    64.106.178.205 (United States)

ASN14492 (DATAPIPE, US)
www.mrrebates.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    52.217.235.232 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
16    52.217.67.102 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.us-east-1.amazonaws.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    185.14.184.154 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
eu.cookie-script.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
30 amazonaws.com
s3.amazonaws.com
s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 3512
220 KB
22 mrrebates.com
www.mrrebates.com — Cisco Umbrella Rank: 587330
221 KB
3 gstatic.com
fonts.gstatic.com
68 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
ajax.googleapis.com — Cisco Umbrella Rank: 520
35 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 424
17 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
430 B
1 cookie-script.com
eu.cookie-script.com — Cisco Umbrella Rank: 169471
4 KB
1 travis.com
www.travis.com
154 B
58 8
Domain Requested by
22 www.mrrebates.com 3 redirects www.mrrebates.com
16 s3.us-east-1.amazonaws.com www.mrrebates.com
14 s3.amazonaws.com www.mrrebates.com
3 fonts.gstatic.com fonts.googleapis.com
2 ssl.google-analytics.com 1 redirects www.mrrebates.com
2 fonts.googleapis.com www.mrrebates.com
1 stats.g.doubleclick.net www.mrrebates.com
1 eu.cookie-script.com www.mrrebates.com
1 ajax.googleapis.com www.mrrebates.com
1 www.travis.com 1 redirects
58 10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
cookie-script.com
Subject Issuer Validity Valid
mrrebates.com
Go Daddy Secure Certificate Authority - G2		 2022-10-27 -
2023-10-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
*.cookie-script.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-18 -
2023-09-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-12-12 -
2023-03-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.mrrebates.com/Default.asp
Frame ID: BDA553D7C5707B16D3F73AC927CAA51C
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mr. Rebates - Cash Back Shopping at 3000+ Stores

Page URL History Show full URLs

  1. https://www.travis.com/ HTTP 302
    http://www.mrrebates.com/?refid=444459 HTTP 302
    https://www.mrrebates.com/Default.asp?refid=444459 HTTP 301
    http://www.mrrebates.com/ HTTP 302
    https://www.mrrebates.com/Default.asp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

564 kB
Transfer

1056 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.travis.com/ HTTP 302
    http://www.mrrebates.com/?refid=444459 HTTP 302
    https://www.mrrebates.com/Default.asp?refid=444459 HTTP 301
    http://www.mrrebates.com/ HTTP 302
    https://www.mrrebates.com/Default.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=532680279&utmhn=www.mrrebates.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mr.%20Rebates%20-%20Cash%20Back%20Shopping%20at%203000%2B%20Stores&utmhid=338232641&utmr=-&utmp=%2FDefault.asp&utmht=1673357030884&utmac=UA-2785414-1&utmcc=__utma%3D144528489.2114193236.1673357031.1673357031.1673357031.1%3B%2B__utmz%3D144528489.1673357031.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=544181137&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=2114193236.1673357031&jid=544181137&_v=5.7.2&z=532680279

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Default.asp
www.mrrebates.com/
Redirect Chain
  • https://www.travis.com/
  • http://www.mrrebates.com/?refid=444459
  • https://www.mrrebates.com/Default.asp?refid=444459
  • http://www.mrrebates.com/
  • https://www.mrrebates.com/Default.asp
31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
a0a8351324488190ce546620fdd8419be62e8833e2c266d188253fc8987eb898
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
7492
Content-Type
text/html
Date
Tue, 10 Jan 2023 13:23:48 GMT
Server
Microsoft-IIS/7.0
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET

Redirect headers

Cache-Control
private
Content-Length
158
Content-Type
text/html
Date
Tue, 10 Jan 2023 13:23:48 GMT
Location
https://www.mrrebates.com/Default.asp
Server
Microsoft-IIS/7.0
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
autocomplete.css
www.mrrebates.com/css/ 		2 KB
857 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/css/autocomplete.css
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
98a16b79e62868fd5ae283dc4ce077f2fb3fc35b6caa2a435883e362523fd801
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:48 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Oct 2017 05:05:29 GMT
Server
Microsoft-IIS/7.0
ETag
"80b2c4daa44d31:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
536
foundation.css
www.mrrebates.com/css/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/css/foundation.css
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
1aa643e95e2150e824974ed0487bb7d32c5abf21af357adf49df624bd2ea17c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Oct 2017 05:05:38 GMT
Server
Microsoft-IIS/7.0
ETag
"0fd2113aa44d31:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
13904
foundation-icons.css
www.mrrebates.com/css/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/css/foundation-icons.css
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
4268828e332479438339207e75862c8ff4b195dab0aa5eb90ee5d10cec4057c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Oct 2017 05:04:59 GMT
Server
Microsoft-IIS/7.0
ETag
"80fe3fba944d31:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3641
app_06_20_22.css
www.mrrebates.com/css/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/css/app_06_20_22.css
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
8b23bf553156bcc6f98e0d59a9b3219011ff459f803847692b5d454f131e1042
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jun 2022 20:14:58 GMT
Server
Microsoft-IIS/7.0
ETag
"0cdcd69e284d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4780
motion-ui.css
www.mrrebates.com/css/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/css/motion-ui.css
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
55ee2b8a2268cbf035a6ccd868a38730d8d87ceddb9a4795f9a0ac760a4c5d90
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Oct 2017 05:05:26 GMT
Server
Microsoft-IIS/7.0
ETag
"0effabaa44d31:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1581
balloon.css
www.mrrebates.com/css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/css/balloon.css
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
9e60f0e36d8fb6146350b4af56f87057389ee4bf90ae2cf38072dbc950c7711e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Nov 2019 19:59:31 GMT
Server
Microsoft-IIS/7.0
ETag
"8053cbd9caa3d51:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1140
css
fonts.googleapis.com/ 		7 KB
877 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
adbf541589e53494de940d17e3cd18a7c95438a49fefc8239f420536def049ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Jan 2023 13:23:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 10 Jan 2023 13:23:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Jan 2023 13:23:49 GMT
css
fonts.googleapis.com/ 		1 KB
984 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Baloo+Paaji
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8eb0f03cf4eedb3de632c3f2805fdbf36304d7b3dfc12fa2dc1180499acf8fd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Jan 2023 13:23:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 10 Jan 2023 13:23:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Jan 2023 13:23:49 GMT
common_functions.js
www.mrrebates.com/includes/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/includes/common_functions.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
610be2b45df873dcbbcfcf877bcb9600c960592772a30bce00489a4af46170a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Oct 2018 20:08:29 GMT
Server
Microsoft-IIS/7.0
ETag
"eed23a538c70d41:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
984
MrRebates_SmBlackGrn3.gif
s3.amazonaws.com/mr.basics/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.basics/MrRebates_SmBlackGrn3.gif
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7908da05a461f55cdf943e69bacc4fb8c21e112354b432905ea961cfd0cc971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Mon, 11 Nov 2019 21:06:10 GMT
Server
AmazonS3
x-amz-request-id
M3X58QBAV493JCF6
ETag
"e091e923ef5c74f624b04d58add00ec2"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
6772
x-amz-id-2
09yPPqpGEyZ7ThvyuDhZkX5c4BgkyU+yf228xRVC6KWs54lx9ToG7NXVjrxmY2x6c45+tAQcsac=
x-amz-meta-s3b-last-modified
20161101T032100Z
walmart_120_60.png
s3.amazonaws.com/mr.logos.2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.logos.2/walmart_120_60.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Mon, 01 Feb 2021 05:50:33 GMT
Server
AmazonS3
x-amz-request-id
M3X36WERNEE18BJT
ETag
"bc2a78fb6eb378037206d501d7f82048"
x-amz-meta-sha256
0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3921
x-amz-id-2
/+HmLL/jyaE5LLfMnpfcdZaNBIhNK+QdA+55A8eSOiCoG7MQDG+WK/PBBCclcAuxKiUyDl6V4DI=
x-amz-meta-s3b-last-modified
20210201T055027Z
macys_120_60.png
s3.amazonaws.com/mr.logos.2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.logos.2/macys_120_60.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
70eaa33ccc8b976b4aa55605241d65f033f86b5b2aea28d35c91a4d4e800de6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Mon, 02 Dec 2019 01:36:39 GMT
Server
AmazonS3
x-amz-request-id
M3X0Q4BR5JK9DWQA
ETag
"ac947845bd19df687f4a3a22272cbb37"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2932
x-amz-id-2
BpDt6ZtkbufJcgRAlzCUCIW01yBnZ+hTezwMHMpQEyhH9DrS0AkTulnEZoLLJISmhrJGKi52kJA=
x-amz-meta-s3b-last-modified
20191202T013542Z
ebay.gif
s3.amazonaws.com/mr.logos.2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.logos.2/ebay.gif
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
49cc34435a855f5a5705f60c96f04147c6458eb69c461d9d06a9ead7f90ff3b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Mon, 07 Oct 2019 23:32:56 GMT
Server
AmazonS3
x-amz-request-id
M3X6C4X2QWGA6SME
ETag
"9b744c7988833ef3f9a1f06d391402f1"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
5165
x-amz-id-2
C6geEkdUPdLbQ37QU7dTXk/dtwwiMWBTcD5oFeJS081P1OefrZr/aEEwlusgvHmDRo52MP2hO0k=
x-amz-meta-s3b-last-modified
20161031T161200Z
default_splash_large.png
s3.amazonaws.com/mr.basics/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.basics/default_splash_large.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
94ff552a3ed464e2f926cef32831ead100c8f7440edd8f74d0e86857de7dc2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Mon, 11 Nov 2019 20:50:27 GMT
Server
AmazonS3
x-amz-request-id
M3X6D9BWGDH4W1F6
ETag
"9d2b14ca5a76f5c07a3efbff91b88fbd"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
19552
x-amz-id-2
nLWv5HJuDXGogusoOcgG9JNhsFtjZP4rg4miOOzNlQRK8FpDk5YUKzKreGaH6IE2JfemEutGxGc=
x-amz-meta-s3b-last-modified
20190124T230000Z
default_splash_medium.png
s3.amazonaws.com/mr.basics/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.basics/default_splash_medium.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
14e201c29cbdde20437efc6ef0435f4cd99e4110a720a8866130ee8200255ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Mon, 11 Nov 2019 20:50:27 GMT
Server
AmazonS3
x-amz-request-id
M3X1QV526WRJMWX4
ETag
"5da00e353a990f6955890606caeeebef"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
13973
x-amz-id-2
B2DQrJL4mwKoeDRsY9hO/hCrh4JX+M/DFSSNzgqqtRDsci3H/xKJjNuqZT0OSTlgDq4EL0FBE64=
x-amz-meta-s3b-last-modified
20190124T230000Z
default_splash_small.png
s3.amazonaws.com/mr.basics/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.basics/default_splash_small.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d395131eb0423d0ab744514b3519df008038a5438c08cd33f748e68ce6fff9f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Mon, 11 Nov 2019 20:50:28 GMT
Server
AmazonS3
x-amz-request-id
M3XC4KWW2BC5D272
ETag
"f49e79d3c155045883900de0abc8aa31"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
12522
x-amz-id-2
iiUYPKXcFTEauI7zumxJLLEJM6ZIMaSf76zeYkLSBpashoa7HwCluSxH7lWmyPh3nNicnnNULqA=
x-amz-meta-s3b-last-modified
20190124T230000Z
hsn_01102023.jpg
s3.us-east-1.amazonaws.com/mr.hero/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.hero/hsn_01102023.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a6b326845a38987eec16bae46ddb82adb92e5c241289c590c6c3fc483d5f4c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Fri, 06 Jan 2023 20:50:44 GMT
Server
AmazonS3
x-amz-request-id
M3X99Q8DE04RMC95
ETag
"91c97b38844e4d7a028aac19e03ead47"
x-amz-meta-sha256
a6b326845a38987eec16bae46ddb82adb92e5c241289c590c6c3fc483d5f4c2b
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
30878
x-amz-id-2
XPU0JMUoMcrDqvRzsM/SOrkGpVvqaErsTJe6t6VLUgL/H8BWKbyFZi0V7OHqGHlEj/jzAB3DiX8=
x-amz-meta-s3b-last-modified
20230106T203600Z
bloomingdales.gif
s3.amazonaws.com/mr.logos.2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.logos.2/bloomingdales.gif
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5ca2c966eab56fcec3bafc6f7fb3b9e5ee7be60770011c50d01772a213bda9b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Mon, 07 Oct 2019 23:31:55 GMT
Server
AmazonS3
x-amz-request-id
M3XD3EJY2KTRP89M
ETag
"0c0be2c7e4301946d97e945196f8ed63"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2154
x-amz-id-2
I2pIIo07Zq1uhCASrNPrlxh4bUP7Vf3pI1P6Xl0Rs0PA53UknMNNKv/ShTKHo9AIARSAQhO6Yx0=
x-amz-meta-s3b-last-modified
20161026T223900Z
ihg_hotels_resorts_120x60.png
s3.amazonaws.com/mr.logos.2/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.logos.2/ihg_hotels_resorts_120x60.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1b2d87042736b98b6c5a6b808dfca1a355a36c5fd70ea7d7d432d082ed9e4e24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 16 Feb 2021 22:44:34 GMT
Server
AmazonS3
x-amz-request-id
M3X5KYPXF9T75MM1
ETag
"aad458accc8b2f1c2b3e5f7cdaead062"
x-amz-meta-sha256
1b2d87042736b98b6c5a6b808dfca1a355a36c5fd70ea7d7d432d082ed9e4e24
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2535
x-amz-id-2
nkukEn2ykhB6NqKEAL8W48nQ61wSstTQkw5YWErmEAmu5VOebkYfW49CIhdSmHXfFuDMjGELxIM=
x-amz-meta-s3b-last-modified
20210216T224237Z
uniqlo_logo.png
s3.us-east-1.amazonaws.com/mr.newsletter/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.newsletter/uniqlo_logo.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2835d845173f23524c73c47d8f8a6f0173a8c5304da768d207b5f0dcfb67bff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Wed, 15 Dec 2021 17:16:51 GMT
Server
AmazonS3
x-amz-request-id
M3X7ARGWYYV6D5TH
ETag
"223a82664e647f08b961d703516befd0"
x-amz-meta-sha256
2835d845173f23524c73c47d8f8a6f0173a8c5304da768d207b5f0dcfb67bff4
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1325
x-amz-id-2
ZnKwEOJyRgw/017FfToFBJ21WtDQEakyEY2NGC1+yA24M3njuLCLG5lWnFUAgfcoqouxuu0s0Ao=
x-amz-meta-s3b-last-modified
20211215T170900Z
farfetch_01092023.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/farfetch_01092023.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1ab7335e6fdfb08c11cdfac093c831d27fa6866205dcca835127565015eac0b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Thu, 05 Jan 2023 21:21:54 GMT
Server
AmazonS3
x-amz-request-id
M3XCRZ6N5KS1QYJS
ETag
"34c585b01f6b14259fc3b0feb5197af4"
x-amz-meta-sha256
1ab7335e6fdfb08c11cdfac093c831d27fa6866205dcca835127565015eac0b5
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
5627
x-amz-id-2
+yaq0jmjSYxtEVeFZr3tTDz+UMxZ+zx25XbXBXkIi59+0QvNycGLJhvDqi/DZEZkkBfTkjO86k8=
x-amz-meta-s3b-last-modified
20230105T212121Z
sams_club_logo_2019.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/sams_club_logo_2019.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
608c741d90aeddbe75ba154c3939f0ff93889e0a47cbcd062b9add1954f096f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Fri, 11 Oct 2019 18:31:22 GMT
Server
AmazonS3
x-amz-request-id
M3X6F622WNYB3WGC
ETag
"aa39cc88de1cb87a626d8f6d77201101"
x-amz-meta-sha256
608c741d90aeddbe75ba154c3939f0ff93889e0a47cbcd062b9add1954f096f4
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
4561
x-amz-id-2
y7xUqtyOLQyUMMROpVgBuRn53OZzaOq1mrhSeME8XJ9K4lxZzPk1IgE0tJntXmtccIRDZJhIXtk=
x-amz-meta-s3b-last-modified
20191011T183059Z
qvc_01092023.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/qvc_01092023.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
93b1419f0dff06830a9b6263098bf438556b891a556baf1b2acbcdc93c6d2c9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Thu, 05 Jan 2023 21:13:37 GMT
Server
AmazonS3
x-amz-request-id
M3XB8ES7QDVB95T2
ETag
"fa75c3ebc86b8b2977c5c24d63888508"
x-amz-meta-sha256
93b1419f0dff06830a9b6263098bf438556b891a556baf1b2acbcdc93c6d2c9d
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
29762
x-amz-id-2
hxkCGjXaKTC93yP4MPbzPWvFp7nZFCswIreGuD1cw2O3WC6H96Umv/wdsDJHReg2BO/nQDEA3wQ=
x-amz-meta-s3b-last-modified
20230105T211000Z
blue_mercury_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/blue_mercury_logo.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c3578188447f0f73304df65e4350df39c77e57f6d56d93b831e1f74497f575b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 08 Oct 2019 20:20:18 GMT
Server
AmazonS3
x-amz-request-id
M3X0WCB7TW9R7Y1Q
ETag
"36e3e92fcc8304bc9b6c7e570ccb562d"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
4133
x-amz-id-2
alZBIucxrR9N83q7Z/8Tt3uetDiKfzioyyIZ3j7UXDJpYG2LN3mLwhWhNOevv3y1Mt8wGDzaNUw=
x-amz-meta-s3b-last-modified
20190531T213100Z
perricone_logo.gif
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/perricone_logo.gif
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3dae6fd96e8294a33a28a8cff86a88bb2dbed58507413f34f2a6c201aa7864d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Wed, 06 Nov 2019 20:42:47 GMT
Server
AmazonS3
x-amz-request-id
M3X57JE2QWXZV0Q3
ETag
"135b9afa93ecc58a4bdabf8a918a2f98"
x-amz-meta-sha256
3dae6fd96e8294a33a28a8cff86a88bb2dbed58507413f34f2a6c201aa7864d8
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
2836
x-amz-id-2
sr2ofXhA+hPSvVmPteXv1jgiFSSHrtF2cAad2Ext4G0OaVwFUBeKXnb8sIC2iH6C/MtODI3halE=
x-amz-meta-s3b-last-modified
20170120T202800Z
michael_kors_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/michael_kors_logo.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0bf3b91af0a370fc755132557ae84fbe69ab11367c846eb762d2928daa9260ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 08 Oct 2019 20:20:44 GMT
Server
AmazonS3
x-amz-request-id
M3X3VK4TXR40KCSG
ETag
"d3858b8e08d1682b2d3b91da82c987de"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
6146
x-amz-id-2
eKo7+x2P4BybQFmUQnGcicRfUtcmcpSWu8GvfhfUiNMF/0dx/8vLXo1rt4zX4hVcbSl93l/hHb4=
x-amz-meta-s3b-last-modified
20181019T231300Z
home_depot_logo_2018.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/home_depot_logo_2018.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ea29bb23409df6f6bfa3314b80f195edccbf845a80204cd33fe48a9907f2e1a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 08 Oct 2019 20:20:35 GMT
Server
AmazonS3
x-amz-request-id
M3XF0NSCQ238BE9X
ETag
"bddcf867bf28ed9bc03cff680a732d2e"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
7822
x-amz-id-2
gbszb59HQ5sQrkjt/xBbSCIY2B15jHxJw6oM9n3WsU6rwxkTOJm00yGt7uBzhZTnNwPxu8ZsQ0U=
x-amz-meta-s3b-last-modified
20181015T233400Z
ihg_logo_2021.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/ihg_logo_2021.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Fri, 30 Apr 2021 19:24:47 GMT
Server
AmazonS3
x-amz-request-id
M3X8KKZNRKDCHT11
ETag
"d16595a6fb197d881aacffded688e43f"
x-amz-meta-sha256
ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
3336
x-amz-id-2
5JlSUOYBp+vb8vEmKIyaDMMrYKIrl2HDIIJl8LchOdaBqShKGyFsa6gG/PrtyBiE0llVpWNUpeA=
x-amz-meta-s3b-last-modified
20210430T192439Z
foreo_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/foreo_logo.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5011efc890d0b05c1cfaf166c4cbc524ad16ff24fddd9cf57507dfe1d0e0d66f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 08 Oct 2019 20:20:31 GMT
Server
AmazonS3
x-amz-request-id
M3X775S2F75PE4BF
ETag
"921f363c2d819687535fe42d57c6a589"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
23158
x-amz-id-2
r/zSEKly5rGIcMJQrhx10LZvRz2ESrPnfAGQt5xuN7HOsrKIiFWsx3nOggSkQG5T+QiTOhGWKLw=
x-amz-meta-s3b-last-modified
20181123T213000Z
mountain_steals_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/mountain_steals_logo.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
959ab9ec5db43c1bf36a23cd6738f812ea200af71d4d31e5e39d480b6ca1c2a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Fri, 28 Feb 2020 22:26:06 GMT
Server
AmazonS3
x-amz-request-id
M3X6A399826R969A
ETag
"52f44f71fcdd8500972aeb633f7aebdb"
x-amz-meta-sha256
959ab9ec5db43c1bf36a23cd6738f812ea200af71d4d31e5e39d480b6ca1c2a8
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
7404
x-amz-id-2
ZZebqQApaOUrFQrxyQ7xELtGrer7b/s2/Fp88Hcv+Fd+RCNAJksgIaae0uMq+5jMtlALbRjSn8E=
x-amz-meta-s3b-last-modified
20200120T222039Z
moosejaw_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.weekly.deals/moosejaw_logo.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ef7f4fbb977f1abb7f000d0963ec49ebc25aea4145489099d79d331ad462210c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 08 Oct 2019 20:20:44 GMT
Server
AmazonS3
x-amz-request-id
M3XB8751KV20SW2K
ETag
"f54c26e1467d668cd5ee808261ddcda3"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
2032
x-amz-id-2
8XouY0msOhvLJ6zTtwWm9P+sdC9I1cUrn3wLC5OyqttV6KI5WlmoWt/v0fXI2By0cjrxkWzzwj4=
x-amz-meta-s3b-last-modified
20190412T193700Z
heartland_vet_supply_88x31.gif
s3.amazonaws.com/mr.logos.1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.logos.1/heartland_vet_supply_88x31.gif
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8e90680f1d367087654b0a4fffe5d22d9dd20712ede0978bf141b7316dcf3079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 08 Oct 2019 05:02:19 GMT
Server
AmazonS3
x-amz-request-id
M3X2FHFV11DTG758
ETag
"e41bca2ab9adfebe763ddb987f6f6431"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
1681
x-amz-id-2
SGUZBiuMdk2Dv+qvEq+nAIQBc1ecGEfWVfkgkoReF6hTYd1SosOrTg3jM8/pkOrAad8tc6Wr2ao=
x-amz-meta-s3b-last-modified
20180117T202500Z
forsake_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.logos.1/forsake_88x31.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
54e65263fb3807d5262799930ce52abf405d7121da81f6e78d1a6a8d197bc89e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Thu, 05 Jan 2023 16:54:07 GMT
Server
AmazonS3
x-amz-request-id
M3XB91HP6TCZ52FY
ETag
"2533b002c1565026aca500ffea741776"
x-amz-meta-sha256
54e65263fb3807d5262799930ce52abf405d7121da81f6e78d1a6a8d197bc89e
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1721
x-amz-id-2
Wrh7lInQscHmSoiLAxIX32AFT++UfeNtU4fwPmqepGYzWjC3Qb+kJA8UWMThRhlLWSpLWGVQ7cg=
x-amz-meta-s3b-last-modified
20230105T165317Z
scan_my_photos_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.logos.1/scan_my_photos_88x31.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
809ad796fb5d511336069f24c92cfa684d37c1f5d7aae2e7a70123ffac56393f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 03 Jan 2023 22:35:30 GMT
Server
AmazonS3
x-amz-request-id
M3XCP3SHCXNRY2CY
ETag
"8fa00abb26a55de0740a5d1e813a0165"
x-amz-meta-sha256
809ad796fb5d511336069f24c92cfa684d37c1f5d7aae2e7a70123ffac56393f
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2754
x-amz-id-2
GIqfN66Cxpg2ICR+OHEo7sZXZb32R+MPqenSEnXqJeb9SBfWwv9TJXRvS/GaBQnlrN8qI3XOKwQ=
x-amz-meta-s3b-last-modified
20230103T223443Z
spine_align.png
s3.amazonaws.com/mr.logos.1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.logos.1/spine_align.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
67b447d387d0948ae923d8e0d55ab83c80fd48b21594929b03871118c72ade37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 08 Oct 2019 05:07:57 GMT
Server
AmazonS3
x-amz-request-id
M3XCT8YHDH2XB3FB
ETag
"ccdae15bcc37ccd673f04a6774742d0b"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2796
x-amz-id-2
TmomHqsH634EO8RHJvXSvAaI3YzpyM2Pwg3rPUpMq6D5+FMDZ8JUXma96G42Wk74bI8sgUDnrUY=
x-amz-meta-s3b-last-modified
20190729T222100Z
marathon_sports_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 		831 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.us-east-1.amazonaws.com/mr.logos.1/marathon_sports_88x31.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.67.102 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d117bc0d50b4412ee2c3cf5f2a2abf5b866fe2f721c629bd8bd9c9271cc9ae70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Wed, 14 Dec 2022 21:21:14 GMT
Server
AmazonS3
x-amz-request-id
M3XBQ7KX33TE6CGA
ETag
"119309b357c60c38992cc4cf884ac292"
x-amz-meta-sha256
d117bc0d50b4412ee2c3cf5f2a2abf5b866fe2f721c629bd8bd9c9271cc9ae70
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
831
x-amz-id-2
3lNZf6Gw5xYfOBnpZIHTXq7Qs5WNuY+xLNtCFzjcvjKxBI8hyIZAzwz4XW0rzOVCrwiNtldLx+I=
x-amz-meta-s3b-last-modified
20221214T212104Z
brandless_88x31.jpg
s3.amazonaws.com/mr.logos.1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.logos.1/brandless_88x31.jpg
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
64c0295ac11b003cae232121b9326f7a102d66787f856b32232e0314f15e046a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Tue, 08 Oct 2019 04:58:35 GMT
Server
AmazonS3
x-amz-request-id
M3X56WPGGAGQY5SY
ETag
"3f759facfb0fb959e56bd1b711ea3d94"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1857
x-amz-id-2
NhdPBJ2DROKtKg39DrQCy9e2KIJ7vLFbrn31KyXatI2vapmCMErJFVyCtrnl6y3NHkvHrFGE1Xs=
x-amz-meta-s3b-last-modified
20181101T192200Z
Chrome_Icon_tiny.png
s3.amazonaws.com/mr.basics/ 		493 B
897 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.basics/Chrome_Icon_tiny.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
19632b60c37b4d80c62136863523a79de9b942e67cb6cb84d4b1daec7f4c8b48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Mon, 11 Nov 2019 21:11:58 GMT
Server
AmazonS3
x-amz-request-id
M3XE1YJ2J0K3JWT4
ETag
"2dd7917117914767d869c2100764e9e6"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
493
x-amz-id-2
mC0IU5oxjnImp4CpfNsCdJpg0HqEBlISPci5+urrTz2BqRryM3X0mpvyjg4ohBTHv4dbeMPn4C8=
x-amz-meta-s3b-last-modified
20171201T203000Z
jquery.js
www.mrrebates.com/js/vendor/ 		83 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/vendor/jquery.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
074a85deae7abf5198de7802f2dc0aba809f100988efb4c255444c804e8e628d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 04:28:03 GMT
Server
Microsoft-IIS/7.0
ETag
"4792cb55f833d21:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
38298
jquery.min.js
www.mrrebates.com/js/vendor/ 		82 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/vendor/jquery.min.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 04:28:02 GMT
Server
Microsoft-IIS/7.0
ETag
"e7d83055f833d21:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
37750
what-input.min.js
www.mrrebates.com/js/vendor/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/vendor/what-input.min.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
3182a2d06121f3b8cb39cd885c4e0848a28ddadd369a0a4d83cb97b175d60b7e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 04:28:01 GMT
Server
Microsoft-IIS/7.0
ETag
"871f9654f833d21:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
995
foundation.min.js
www.mrrebates.com/js/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/foundation.min.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
aec2ab45f3bd23b177fa8ea13cf443a41a9bfd03f426e296a32e0fc021a5aad2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 04:27:18 GMT
Server
Microsoft-IIS/7.0
ETag
"2722493bf833d21:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
31728
app.js
www.mrrebates.com/js/ 		25 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/app.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
e22883a04526785bb35feb658da4974c160999432286921d7df30235cc21e4f3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 04:27:20 GMT
Server
Microsoft-IIS/7.0
ETag
"27b1403cf833d21:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
142
foundation.equalizer.js
www.mrrebates.com/js/foundation/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/foundation/foundation.equalizer.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
e9ecdd43ad169b257e40b7fedba732c74f075bf6cdea63c41a0685a91de049e3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 04:27:45 GMT
Server
Microsoft-IIS/7.0
ETag
"c78584bf833d21:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1260
foundation.dropdown.js
www.mrrebates.com/js/foundation/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/foundation/foundation.dropdown.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
439c1ebdc8dcea3638a209f65c0ea978657cc9da71b74877c411fc9ad9ae7375
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 04:27:46 GMT
Server
Microsoft-IIS/7.0
ETag
"e784f74bf833d21:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
3589
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 05 Jan 2023 11:25:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33576
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Jan 2024 11:25:14 GMT
jquery.autocompleter.js
www.mrrebates.com/js/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/jquery.autocompleter.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
f8c55b45dbb198323809a8ff75815000437d12262267ba33b12dbb209fd9edde
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 04:27:17 GMT
Server
Microsoft-IIS/7.0
ETag
"8720a03af833d21:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
8889
ac_stores.js
www.mrrebates.com/js/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/ac_stores.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
d1a5577d110e49e7c37b926f39a39329ea1ec2198af54c469559899d4ccdecf5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:47:58 GMT
Server
Microsoft-IIS/7.0
ETag
"fb38e562e924d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
29878
ac_create.js
www.mrrebates.com/js/ 		1 KB
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/js/ac_create.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
1cc84587bba9b6912be24f688531aeb9cf74a8107609dd9dcc4b002e8f65a1ca
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/Default.asp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Nov 2016 04:27:19 GMT
Server
Microsoft-IIS/7.0
ETag
"67acc93bf833d21:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
457
43b83f81b3c085a4cb6db4ed98b96827.js
eu.cookie-script.com/s/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eu.cookie-script.com/s/43b83f81b3c085a4cb6db4ed98b96827.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.14.184.154 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
40d05a03997f8379253a3ce3874165c47bbf56dde5fdb0325512aa15754552be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 10 Jan 2023 13:23:49 GMT
content-encoding
gzip
last-modified
Mon, 09 Jan 2023 13:53:37 GMT
x-cache-status
HIT
content-length
3709
content-type
application/javascript
mrjoinnow_back.png
s3.amazonaws.com/mr.basics/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mr.basics/mrjoinnow_back.png
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/css/app_06_20_22.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.235.232 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8d6ca7215271d6591cdc77453bff45189926b0e64d4513ade7a25c090ad3ec63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:51 GMT
Last-Modified
Thu, 05 Nov 2020 01:32:13 GMT
Server
AmazonS3
x-amz-request-id
M3X80Y3HWHHQM98C
ETag
"023463bc1c98c9979780d45985c79318"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1036
x-amz-id-2
vbLVhGExl+xB7qAy6b5Gr0Xhqb8zreibmlTr0kD8y0G98PCNMb7RDln1WL3AjB/kfcrL+5xCuDg=
x-amz-meta-s3b-last-modified
20161111T183900Z
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrrebates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 06 Jan 2023 06:43:52 GMT
x-content-type-options
nosniff
age
369598
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26100
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:41:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jan 2024 06:43:52 GMT
8AttGsyxM5KQQU-Y4MTwVanUqRo.woff2
fonts.gstatic.com/s/baloopaaji/v21/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baloopaaji/v21/8AttGsyxM5KQQU-Y4MTwVanUqRo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baloo+Paaji
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e166664c0772a64d48be8ade6b4d59cf11dbf7ceea6bedff6321a0e0d822a9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrrebates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 08 Jan 2023 14:15:50 GMT
x-content-type-options
nosniff
age
169680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25900
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:14:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 08 Jan 2024 14:15:50 GMT
foundation-icons.woff
www.mrrebates.com/css/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mrrebates.com/css/foundation-icons.woff
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/css/foundation-icons.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
64.106.178.205 , United States, ASN14492 (DATAPIPE, US),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.mrrebates.com/css/foundation-icons.css
Origin
https://www.mrrebates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 10 Jan 2023 13:23:49 GMT
Last-Modified
Sat, 14 Oct 2017 05:05:37 GMT
Server
Microsoft-IIS/7.0
ETag
"a386913aa44d31:0"
X-Powered-By
ASP.NET
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-font-woff
Accept-Ranges
bytes
Content-Length
32020
u-4V0qWljRw-Pd815fNqc8T_wAFcX-c37MPiNYlWniJ2hJXH9fKVxUbv.woff2
fonts.gstatic.com/s/cabin/v26/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v26/u-4V0qWljRw-Pd815fNqc8T_wAFcX-c37MPiNYlWniJ2hJXH9fKVxUbv.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c9e7f8b3e8bed397526dbcdc25cf88f56bb1863c17fd1a77241a8ac9a9fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrrebates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 07 Jan 2023 18:07:42 GMT
x-content-type-options
nosniff
age
242168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16732
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:42:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 18:07:42 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mrrebates.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 10 Jan 2023 12:21:39 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3731
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 10 Jan 2023 14:21:39 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=532680279&utmhn=www.mrrebates.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mr....
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=2114193236.1673357031&jid=544181137&_v=5.7.2&z=532680279
35 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=2114193236.1673357031&jid=544181137&_v=5.7.2&z=532680279
Requested by
Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol
H2
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrrebates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 10 Jan 2023 13:23:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 10 Jan 2023 13:23:50 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=2114193236.1673357031&jid=544181137&_v=5.7.2&z=532680279
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
368
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| pu function| popInfo function| popQCInfo function| fb function| ef function| rs function| rrs function| asf function| acf function| NewWindow function| $ function| jQuery object| whatInput object| Foundation object| stores string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal function| csCookies object| cookieScriptWindow object| cookieScripts string| cookieScriptSrc function| cookieQuery string| cookieScriptPosition string| cookieScriptSide string| cookieScriptSource string| cookieScriptDomain string| cookieScriptReadMore string| cookieId number| cookieScriptDebug boolean| cookieScriptShowBadge string| cookieScriptCurrentUrl string| cookieScriptTitle string| cookieScriptDesc string| cookieScriptAccept string| cookieScriptMore string| cookieScriptReject string| cookieScriptCopyrights function| cookieScriptLoadJavaScript function| InjectCookieScript undefined| Cookies number| cookieScriptDropfromFlag number| cookieScriptDroptoFlag string| cookieScriptStatsDomain function| cookieScriptCreateCookie function| cookieScriptReadCookie function| cookieScriptAddBox object| cookieScriptCurrentValue

0 Cookies

2 Console Messages

Source Level URL
Text
javascript warning URL: https://www.mrrebates.com/Default.asp(Line 600)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.mrrebates.com/Default.asp(Line 600)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
eu.cookie-script.com
fonts.googleapis.com
fonts.gstatic.com
s3.amazonaws.com
s3.us-east-1.amazonaws.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.mrrebates.com
www.travis.com
185.14.184.154
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
2a00:1450:4001:831::200a
2a00:1450:400d:806::2008
2a00:1450:4025:401::9c
52.217.235.232
52.217.67.102
64.106.178.205
69.163.153.22
074a85deae7abf5198de7802f2dc0aba809f100988efb4c255444c804e8e628d
0bf3b91af0a370fc755132557ae84fbe69ab11367c846eb762d2928daa9260ce
0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14e201c29cbdde20437efc6ef0435f4cd99e4110a720a8866130ee8200255ca4
19632b60c37b4d80c62136863523a79de9b942e67cb6cb84d4b1daec7f4c8b48
1aa643e95e2150e824974ed0487bb7d32c5abf21af357adf49df624bd2ea17c9
1ab7335e6fdfb08c11cdfac093c831d27fa6866205dcca835127565015eac0b5
1b2d87042736b98b6c5a6b808dfca1a355a36c5fd70ea7d7d432d082ed9e4e24
1cc84587bba9b6912be24f688531aeb9cf74a8107609dd9dcc4b002e8f65a1ca
2835d845173f23524c73c47d8f8a6f0173a8c5304da768d207b5f0dcfb67bff4
3182a2d06121f3b8cb39cd885c4e0848a28ddadd369a0a4d83cb97b175d60b7e
3dae6fd96e8294a33a28a8cff86a88bb2dbed58507413f34f2a6c201aa7864d8
40d05a03997f8379253a3ce3874165c47bbf56dde5fdb0325512aa15754552be
4268828e332479438339207e75862c8ff4b195dab0aa5eb90ee5d10cec4057c9
439c1ebdc8dcea3638a209f65c0ea978657cc9da71b74877c411fc9ad9ae7375
49cc34435a855f5a5705f60c96f04147c6458eb69c461d9d06a9ead7f90ff3b2
5011efc890d0b05c1cfaf166c4cbc524ad16ff24fddd9cf57507dfe1d0e0d66f
54e65263fb3807d5262799930ce52abf405d7121da81f6e78d1a6a8d197bc89e
55ee2b8a2268cbf035a6ccd868a38730d8d87ceddb9a4795f9a0ac760a4c5d90
5ca2c966eab56fcec3bafc6f7fb3b9e5ee7be60770011c50d01772a213bda9b5
608c741d90aeddbe75ba154c3939f0ff93889e0a47cbcd062b9add1954f096f4
610be2b45df873dcbbcfcf877bcb9600c960592772a30bce00489a4af46170a8
64c0295ac11b003cae232121b9326f7a102d66787f856b32232e0314f15e046a
67b447d387d0948ae923d8e0d55ab83c80fd48b21594929b03871118c72ade37
70eaa33ccc8b976b4aa55605241d65f033f86b5b2aea28d35c91a4d4e800de6e
809ad796fb5d511336069f24c92cfa684d37c1f5d7aae2e7a70123ffac56393f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b23bf553156bcc6f98e0d59a9b3219011ff459f803847692b5d454f131e1042
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
8d6ca7215271d6591cdc77453bff45189926b0e64d4513ade7a25c090ad3ec63
8e90680f1d367087654b0a4fffe5d22d9dd20712ede0978bf141b7316dcf3079
8eb0f03cf4eedb3de632c3f2805fdbf36304d7b3dfc12fa2dc1180499acf8fd9
93b1419f0dff06830a9b6263098bf438556b891a556baf1b2acbcdc93c6d2c9d
94ff552a3ed464e2f926cef32831ead100c8f7440edd8f74d0e86857de7dc2d7
959ab9ec5db43c1bf36a23cd6738f812ea200af71d4d31e5e39d480b6ca1c2a8
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
98a16b79e62868fd5ae283dc4ce077f2fb3fc35b6caa2a435883e362523fd801
9e60f0e36d8fb6146350b4af56f87057389ee4bf90ae2cf38072dbc950c7711e
a0a8351324488190ce546620fdd8419be62e8833e2c266d188253fc8987eb898
a6b326845a38987eec16bae46ddb82adb92e5c241289c590c6c3fc483d5f4c2b
adbf541589e53494de940d17e3cd18a7c95438a49fefc8239f420536def049ad
aec2ab45f3bd23b177fa8ea13cf443a41a9bfd03f426e296a32e0fc021a5aad2
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
c04c9e7f8b3e8bed397526dbcdc25cf88f56bb1863c17fd1a77241a8ac9a9fee
c3578188447f0f73304df65e4350df39c77e57f6d56d93b831e1f74497f575b9
d117bc0d50b4412ee2c3cf5f2a2abf5b866fe2f721c629bd8bd9c9271cc9ae70
d1a5577d110e49e7c37b926f39a39329ea1ec2198af54c469559899d4ccdecf5
d395131eb0423d0ab744514b3519df008038a5438c08cd33f748e68ce6fff9f5
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
e166664c0772a64d48be8ade6b4d59cf11dbf7ceea6bedff6321a0e0d822a9d9
e22883a04526785bb35feb658da4974c160999432286921d7df30235cc21e4f3
e9ecdd43ad169b257e40b7fedba732c74f075bf6cdea63c41a0685a91de049e3
ea29bb23409df6f6bfa3314b80f195edccbf845a80204cd33fe48a9907f2e1a3
ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b
ef7f4fbb977f1abb7f000d0963ec49ebc25aea4145489099d79d331ad462210c
f7908da05a461f55cdf943e69bacc4fb8c21e112354b432905ea961cfd0cc971
f8c55b45dbb198323809a8ff75815000437d12262267ba33b12dbb209fd9edde