urlscan.io logo urlscan.io
SecurityTrails logo

cashbackalert.net Open in urlscan Pro
2606:4700:3033::ac43:a5ab  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fmbankmarinette.com/
Effective URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Submission: On July 06 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3033::ac43:a5ab, located in United States and belongs to CLOUDFLARENET, US. The main domain is cashbackalert.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.
This is the only time cashbackalert.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
fmbankmarinette.com
2    108.168.193.189 (Dallas, United States)

ASN36351 (SOFTLAYER, US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
mybetterck.com
p374591.mybetterck.com
6    2606:4700:3033::ac43:a5ab (United States)

ASN13335 (CLOUDFLARENET, US)
cashbackalert.net
1    2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t1.gstatic.com
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t2.gstatic.com
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t3.gstatic.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t0.gstatic.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.186.241.51 (None, )

ASN- ()
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
8 gstatic.com
t1.gstatic.com
t2.gstatic.com
t3.gstatic.com
t0.gstatic.com
fonts.gstatic.com
44 KB
7 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3472
72 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 8
1 KB
6 cashbackalert.net
cashbackalert.net
8 KB
2 mybetterck.com
mybetterck.com — Cisco Umbrella Rank: 66229
p374591.mybetterck.com
1 KB
1 mixpanel.com
api-js.mixpanel.com
372 B
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 4426
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
1 fmbankmarinette.com
fmbankmarinette.com
2 KB
23 9
Domain Requested by
7 mc.yandex.ru 1 redirects cashbackalert.net
mc.yandex.ru
7 www.google.com 7 redirects
6 cashbackalert.net 1 redirects p374591.mybetterck.com
cashbackalert.net
4 t2.gstatic.com cashbackalert.net
1 api-js.mixpanel.com cdn.mxpnl.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.mxpnl.com cashbackalert.net
1 t0.gstatic.com cashbackalert.net
1 t3.gstatic.com cashbackalert.net
1 t1.gstatic.com cashbackalert.net
1 fonts.googleapis.com cashbackalert.net
1 p374591.mybetterck.com
1 mybetterck.com 1 redirects
1 fmbankmarinette.com 1 redirects
23 14

This site contains links to these domains. Also see Links.

Domain
forms.gle
Subject Issuer Validity Valid
*.mybetterck.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-06 -
2023-02-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-12 -
2023-06-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-20 -
2022-09-12		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.mixpanel.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-28 -
2023-04-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Frame ID: 4919ECD89E3EF51307D0F920A4FBD254
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

fmbankmarinette.com

Page URL History Show full URLs

  1. http://fmbankmarinette.com/ HTTP 302
    https://mybetterck.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oL14siUQTSg5WPLg4Sv_Eeo-o1L7q1b... HTTP 302
    https://p374591.mybetterck.com/adServe/domainClick?ai=W6LwHsBtbbG5uOxBv24AuCCrRzMqiew9pGpHmdKQMa2uYYs8-pZ0b... Page URL
  2. https://cashbackalert.net/didyouknow/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com HTTP 302
    https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

23
Requests

65 %
HTTPS

85 %
IPv6

9
Domains

14
Subdomains

11
IPs

4
Countries

142 kB
Transfer

318 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fmbankmarinette.com/ HTTP 302
    https://mybetterck.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oL14siUQTSg5WPLg4Sv_Eeo-o1L7q1bAy-yffuRLUYpqURv-lOIakE3DuHqv5YEePP6IkCbg7sKEvYHBXOP_rLZRBZh6hiaVCNmEqAJIny0Jgy41APW-6MwKln2qeMlLf4jx9U83IgdUIOgGVA0c_W4zhF-IhhnIVNLqpix-mxgdpt3wf5pgjHu03giCrYIn9xYvzJz1O4Z03d0FkeWTssB7c3KczxLwUYwyNRfdAwwVGhefMmGlYXhA4yj6uc_BgoJowtGimBqvf9mYE7DuF1RT013oV-oPJlm5iBnac5eoUs44750Y2n_cGDeHHAzsKjjE7ZnrXb5iuq9X6qdH7tSH66CBKe-I5kOP7ydSQLeAgqO5WLBWlxbZ5MDZuUJpcm-Y_DToNV2YFu_FpCU5loFAi2ycq_6PF8CfkOZdlF2LtlOTqLnhfXtBtGG_KNs0xYwRW7HqZ_Vudie0d88iJD6e0RirDKmO1bEE93CWFNxqeRo4QOC6wKPTkswTCEkmj1VpQIZPTAG_AHsKP2IxW8GILqYL85A2V3Ek-ZrjSLarioc8XFgZ6p1rQd4KtfYu22ug-jVuTTFBt8f0WhZUBTUf_7xA7oNNL0PeHa-_mIorSiPsZqsXRMewFzwM4h4aOqg20Db9oOYyMrfE43kIo3UZMEQ1IxiNxRlr6TujevHYQhQyJhha7INZS4XkO1bByRzY4koFXTQkArAahzCoN35EjslWMr5HbsExYScfQl6qXfBIbl7CB6ePvTqxy2YS9x7aEGQhfJUP-W36EOjHNgXyIq7oMJggQFWhN0ejCw9YPtfFBrKlnH7DUyBYaJqEAH4jj5EmaN7KrWz_pI3_0G3iZJ7oUoyrlfNVloe-SqYzuP0Jox4yBDU-tyxqXOYcqsA7wBOEp4RursFWAq8toRGJuDKEqak22bTx37XiLkVBC22jrfeEIvGu5mHSollN8_R_t7s-Wbdx2iW8yKyuTfRJpQ2ge7Uo-9Z8QWW7j6bn4GMSBKAdhU8Q2VuoNeNSdBVDDgrUT4dOz4V5q3rSKM3NQG0tD0l2adFcezebfb8QRpP3LxTo2OwrMtwo6kBcJIUhHKk_BRrlDbWzalx6dCAYti_uAjrFnU5SD-abU_6WLskb_1GsPToShw_thgXA1XlrC6mLe1LX1Up6cjWcS5xmgJ8GQk1n6cSun59fN2HnlcD7KHyxQwC9hY0C-p2y3JTri4_IrM4T0sNHZVPPN72z0NmTUQSufEPYUcNlpPzzbyBq8g6VkOjnVo_g3WVnEWAV3ZKdO4mPAUjUradab4ChCS1nmevMLaKHD-2GBcDVfntdHc3Ir0ZtiAbtp9NeTI HTTP 302
    https://p374591.mybetterck.com/adServe/domainClick?ai=W6LwHsBtbbG5uOxBv24AuCCrRzMqiew9pGpHmdKQMa2uYYs8-pZ0b_zrtSGNAreXk4oNaEcD2s_eqnHDDQnBgQK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSB1aP4N1lZxFgFd2SnTuJjwZT4gk-eVXV_uLljrvxIndYlGBsQPMJzMio-gb-W3_ikhumpGaDNJ0nikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=4mm7HB0T_jnQKo9BxOvwgyRswabCJl7NgFU2YrVLa1WRK0yq7uaYAs_FSTmdFbq6m8vL8C7E1Xdy8OPcb6-mKckHCbqzhSXCra8TILhQEhi-Dsqqqt62Htq9UhtWn1Rc&si=1&oref=99cd428ee65a350f16946a1f0d03186f&optunit=6mUVH0eW5AcZdEZP-9DI3OiYnnC3Du8g&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0 Page URL
  2. https://cashbackalert.net/didyouknow/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com HTTP 302
    https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://fmbankmarinette.com/ HTTP 302
  • https://mybetterck.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oL14siUQTSg5WPLg4Sv_Eeo-o1L7q1bAy-yffuRLUYpqURv-lOIakE3DuHqv5YEePP6IkCbg7sKEvYHBXOP_rLZRBZh6hiaVCNmEqAJIny0Jgy41APW-6MwKln2qeMlLf4jx9U83IgdUIOgGVA0c_W4zhF-IhhnIVNLqpix-mxgdpt3wf5pgjHu03giCrYIn9xYvzJz1O4Z03d0FkeWTssB7c3KczxLwUYwyNRfdAwwVGhefMmGlYXhA4yj6uc_BgoJowtGimBqvf9mYE7DuF1RT013oV-oPJlm5iBnac5eoUs44750Y2n_cGDeHHAzsKjjE7ZnrXb5iuq9X6qdH7tSH66CBKe-I5kOP7ydSQLeAgqO5WLBWlxbZ5MDZuUJpcm-Y_DToNV2YFu_FpCU5loFAi2ycq_6PF8CfkOZdlF2LtlOTqLnhfXtBtGG_KNs0xYwRW7HqZ_Vudie0d88iJD6e0RirDKmO1bEE93CWFNxqeRo4QOC6wKPTkswTCEkmj1VpQIZPTAG_AHsKP2IxW8GILqYL85A2V3Ek-ZrjSLarioc8XFgZ6p1rQd4KtfYu22ug-jVuTTFBt8f0WhZUBTUf_7xA7oNNL0PeHa-_mIorSiPsZqsXRMewFzwM4h4aOqg20Db9oOYyMrfE43kIo3UZMEQ1IxiNxRlr6TujevHYQhQyJhha7INZS4XkO1bByRzY4koFXTQkArAahzCoN35EjslWMr5HbsExYScfQl6qXfBIbl7CB6ePvTqxy2YS9x7aEGQhfJUP-W36EOjHNgXyIq7oMJggQFWhN0ejCw9YPtfFBrKlnH7DUyBYaJqEAH4jj5EmaN7KrWz_pI3_0G3iZJ7oUoyrlfNVloe-SqYzuP0Jox4yBDU-tyxqXOYcqsA7wBOEp4RursFWAq8toRGJuDKEqak22bTx37XiLkVBC22jrfeEIvGu5mHSollN8_R_t7s-Wbdx2iW8yKyuTfRJpQ2ge7Uo-9Z8QWW7j6bn4GMSBKAdhU8Q2VuoNeNSdBVDDgrUT4dOz4V5q3rSKM3NQG0tD0l2adFcezebfb8QRpP3LxTo2OwrMtwo6kBcJIUhHKk_BRrlDbWzalx6dCAYti_uAjrFnU5SD-abU_6WLskb_1GsPToShw_thgXA1XlrC6mLe1LX1Up6cjWcS5xmgJ8GQk1n6cSun59fN2HnlcD7KHyxQwC9hY0C-p2y3JTri4_IrM4T0sNHZVPPN72z0NmTUQSufEPYUcNlpPzzbyBq8g6VkOjnVo_g3WVnEWAV3ZKdO4mPAUjUradab4ChCS1nmevMLaKHD-2GBcDVfntdHc3Ir0ZtiAbtp9NeTI HTTP 302
  • https://p374591.mybetterck.com/adServe/domainClick?ai=W6LwHsBtbbG5uOxBv24AuCCrRzMqiew9pGpHmdKQMa2uYYs8-pZ0b_zrtSGNAreXk4oNaEcD2s_eqnHDDQnBgQK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSB1aP4N1lZxFgFd2SnTuJjwZT4gk-eVXV_uLljrvxIndYlGBsQPMJzMio-gb-W3_ikhumpGaDNJ0nikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=4mm7HB0T_jnQKo9BxOvwgyRswabCJl7NgFU2YrVLa1WRK0yq7uaYAs_FSTmdFbq6m8vL8C7E1Xdy8OPcb6-mKckHCbqzhSXCra8TILhQEhi-Dsqqqt62Htq9UhtWn1Rc&si=1&oref=99cd428ee65a350f16946a1f0d03186f&optunit=6mUVH0eW5AcZdEZP-9DI3OiYnnC3Du8g&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Request Chain 3
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://walmart.com/ HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://walmart.com/&size=64
Request Chain 4
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://bestbuy.com/ HTTP 301
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bestbuy.com/&size=64
Request Chain 5
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://kohls.com/ HTTP 301
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://kohls.com/&size=64
Request Chain 6
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://iherb.com/ HTTP 301
  • https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://iherb.com/&size=64
Request Chain 7
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://target.com/ HTTP 301
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://target.com/&size=64
Request Chain 8
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://carters.com/ HTTP 301
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://carters.com/&size=64
Request Chain 9
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://gap.com/ HTTP 301
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gap.com/&size=64
Request Chain 16
  • https://mc.yandex.ru/watch/85145467?wmode=7&page-url=https%3A%2F%2Fcashbackalert.net%2Fdidyouknow%2F3%2F%3Ftag%3Der%26d%3D%40%40DOMAIN%40%40%26e%3Dfmbankmarinette.com%26lp%3D3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A642%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A691896996544%3Ahid%3A258243160%3Az%3A0%3Ai%3A20220706125611%3Aet%3A1657112171%3Ac%3A1%3Arn%3A466549276%3Arqn%3A1%3Au%3A1657112171754063984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657112169997%3Ads%3A0%2C0%2C301%2C1%2C202%2C202%2C1%2C128%2C0%2C%2C%2C%2C633%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657112171%3At%3Afmbankmarinette.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/85145467/1?wmode=7&page-url=https%3A%2F%2Fcashbackalert.net%2Fdidyouknow%2F3%2F%3Ftag%3Der%26d%3D%40%40DOMAIN%40%40%26e%3Dfmbankmarinette.com%26lp%3D3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A642%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A691896996544%3Ahid%3A258243160%3Az%3A0%3Ai%3A20220706125611%3Aet%3A1657112171%3Ac%3A1%3Arn%3A466549276%3Arqn%3A1%3Au%3A1657112171754063984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657112169997%3Ads%3A0%2C0%2C301%2C1%2C202%2C202%2C1%2C128%2C0%2C%2C%2C%2C633%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657112171%3At%3Afmbankmarinette.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
domainClick
p374591.mybetterck.com/adServe/
Redirect Chain
  • http://fmbankmarinette.com/
  • https://mybetterck.com/aS/feedclick?s=gOFibdQ_reeRL2-jLAoMi1-L-OG5P5oL14siUQTSg5WPLg4Sv_Eeo-o1L7q1bAy-yffuRLUYpqURv-lOIakE3DuHqv5YEePP6IkCbg7sKEvYHBXOP_rLZRBZh6hiaVCNmEqAJIny0Jgy41APW-6MwKln2qeMlLf...
  • https://p374591.mybetterck.com/adServe/domainClick?ai=W6LwHsBtbbG5uOxBv24AuCCrRzMqiew9pGpHmdKQMa2uYYs8-pZ0b_zrtSGNAreXk4oNaEcD2s_eqnHDDQnBgQK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSB1aP4...
275 B
588 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p374591.mybetterck.com/adServe/domainClick?ai=W6LwHsBtbbG5uOxBv24AuCCrRzMqiew9pGpHmdKQMa2uYYs8-pZ0b_zrtSGNAreXk4oNaEcD2s_eqnHDDQnBgQK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSB1aP4N1lZxFgFd2SnTuJjwZT4gk-eVXV_uLljrvxIndYlGBsQPMJzMio-gb-W3_ikhumpGaDNJ0nikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=4mm7HB0T_jnQKo9BxOvwgyRswabCJl7NgFU2YrVLa1WRK0yq7uaYAs_FSTmdFbq6m8vL8C7E1Xdy8OPcb6-mKckHCbqzhSXCra8TILhQEhi-Dsqqqt62Htq9UhtWn1Rc&si=1&oref=99cd428ee65a350f16946a1f0d03186f&optunit=6mUVH0eW5AcZdEZP-9DI3OiYnnC3Du8g&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.168.193.189 Dallas, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
bd.c1.a86c.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 06 Jul 2022 12:56:09 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 06 Jul 2022 12:56:09 GMT
location
https://p374591.mybetterck.com/adServe/domainClick?ai=W6LwHsBtbbG5uOxBv24AuCCrRzMqiew9pGpHmdKQMa2uYYs8-pZ0b_zrtSGNAreXk4oNaEcD2s_eqnHDDQnBgQK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSB1aP4N1lZxFgFd2SnTuJjwZT4gk-eVXV_uLljrvxIndYlGBsQPMJzMio-gb-W3_ikhumpGaDNJ0nikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=4mm7HB0T_jnQKo9BxOvwgyRswabCJl7NgFU2YrVLa1WRK0yq7uaYAs_FSTmdFbq6m8vL8C7E1Xdy8OPcb6-mKckHCbqzhSXCra8TILhQEhi-Dsqqqt62Htq9UhtWn1Rc&si=1&oref=99cd428ee65a350f16946a1f0d03186f&optunit=6mUVH0eW5AcZdEZP-9DI3OiYnnC3Du8g&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
server
nginx
Primary Request /
cashbackalert.net/didyouknow/3/
Redirect Chain
  • https://cashbackalert.net/didyouknow/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com
  • https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Requested by
Host: p374591.mybetterck.com
URL: https://p374591.mybetterck.com/adServe/domainClick?ai=W6LwHsBtbbG5uOxBv24AuCCrRzMqiew9pGpHmdKQMa2uYYs8-pZ0b_zrtSGNAreXk4oNaEcD2s_eqnHDDQnBgQK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXuSZG5kYBcSB1aP4N1lZxFgFd2SnTuJjwZT4gk-eVXV_uLljrvxIndYlGBsQPMJzMio-gb-W3_ikhumpGaDNJ0nikjAWvIHPKAN9Mp4i1-DgWn-F8pn0nQEDhknBrSU708Kx46MHlupAU0YSU699U-rM-hOHySnRLaygrY9BHdw_UdqdcHeTAytQNy0EHlsrgDOnEXZ7OoQmRFmgORM3pNC4OL1mnImvE_T1XpkVx2uomDW_olsHQNA&ui=4mm7HB0T_jnQKo9BxOvwgyRswabCJl7NgFU2YrVLa1WRK0yq7uaYAs_FSTmdFbq6m8vL8C7E1Xdy8OPcb6-mKckHCbqzhSXCra8TILhQEhi-Dsqqqt62Htq9UhtWn1Rc&si=1&oref=99cd428ee65a350f16946a1f0d03186f&optunit=6mUVH0eW5AcZdEZP-9DI3OiYnnC3Du8g&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.30
Resource Hash
dd959be23787b037699f0b48b762098f0d19dedeec804ea54500e893fe6251af

Request headers

Referer
https://p374591.mybetterck.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72687fb7efd9b77c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 12:56:10 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhKq5JTsfv2mzRe23mn7ffahlxq6WHzq6qEPI9Yits0XKpye%2Fh%2BpbVbhi35xYpylNlaSxO7d6XV4pR8v7imE0E0I8astClRzRmaK2ddmmv5pUGOfQHUnSwoYcDRi8MdWBLqm5ZTjtZCNOkORmBompw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.30

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72687fb70e73b77c-AMS
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 12:56:10 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAc1%2FLNGDoOurr%2FyNCbHIaary9XRadHMUIfZ3n%2FfkpVNew%2BD3N%2B5HpUuyDI2G%2Bfx8FbBhHumGx1OgYY1phBp3Ktm792VE1%2FaEmUeG85TeJH7y2TdIpwn7E4h7q%2FJYqOADGSkR%2FrPHKxgESrn%2BlApXA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.30
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700;900&display=swap
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de90af75b5bc05473858c0ffa8b0de81ba032734c937d39aa1652b75d6d667fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 12:56:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 12:56:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 12:56:10 GMT
imac-2.css
cashbackalert.net/didyouknow/3/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cashbackalert.net/didyouknow/3/imac-2.css?v12
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd0ff84ee17b82c8fccaaaf950a7cd88669e709592804a1844dfe123febda32

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:56:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2818
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 May 2022 11:26:55 GMT
server
cloudflare
etag
W/"627a4bff-cd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5j7GUz5%2BfQSR4oUn6m0aW551K4mYfDYIzuk5%2FLCKtWT8CkBrS1XJFAwbH0DsxTSdordOhFPVeNbpBY3dp0FGr99iLwNRFGQ%2FrIORZfdEw62FwSg1BAd1CLZb2xwQo1wJ2mkRL284jESGIk%2FYZlbEKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
72687fb9cb780b4f-AMS
expires
Wed, 06 Jul 2022 12:25:28 GMT
faviconV2
t1.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://walmart.com/
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://walmart.com/&size=64
340 B
974 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://walmart.com/&size=64
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5eb5b67f2882d565fa6c555948f5f1f7e8178673bee0d468bae3c5c2db369158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 11:49:15 GMT
x-content-type-options
nosniff
age
90415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
last-modified
Wed, 29 Nov 2017 12:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://www.walmart.com/favicon.ico
expires
Tue, 12 Jul 2022 11:49:15 GMT

Redirect headers

date
Wed, 06 Jul 2022 12:41:28 GMT
x-content-type-options
nosniff
server
sffe
age
882
content-type
text/html; charset=UTF-8
location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://walmart.com/&size=64
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
333
x-xss-protection
0
expires
Wed, 06 Jul 2022 13:11:28 GMT
faviconV2
t2.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://bestbuy.com/
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bestbuy.com/&size=64
343 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bestbuy.com/&size=64
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5591c5955711a7b6cf7204730225fedd1a5a11ac1a159e5470d191c230942d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:27:53 GMT
x-content-type-options
nosniff
age
300497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
last-modified
Sun, 24 Jun 2018 23:07:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://pisces.bbystatic.com/image2/BestBuy_US/Gallery/Favicon-152-72229.png
expires
Sun, 10 Jul 2022 01:27:53 GMT

Redirect headers

date
Wed, 06 Jul 2022 12:41:28 GMT
x-content-type-options
nosniff
server
sffe
age
882
content-type
text/html; charset=UTF-8
location
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://bestbuy.com/&size=64
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
333
x-xss-protection
0
expires
Wed, 06 Jul 2022 13:11:28 GMT
faviconV2
t3.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://kohls.com/
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://kohls.com/&size=64
340 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://kohls.com/&size=64
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66a75f5e5962f7900c2300703b9d3a17f0059646887826ef187366f484c0ed20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 10:19:27 GMT
x-content-type-options
nosniff
age
182203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
last-modified
Tue, 18 Jun 2019 15:18:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://m.kohls.com/images/favicon.ico
expires
Mon, 11 Jul 2022 10:19:27 GMT

Redirect headers

date
Wed, 06 Jul 2022 12:41:28 GMT
x-content-type-options
nosniff
server
sffe
age
882
content-type
text/html; charset=UTF-8
location
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://kohls.com/&size=64
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
331
x-xss-protection
0
expires
Wed, 06 Jul 2022 13:11:28 GMT
faviconV2
t0.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://iherb.com/
  • https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://iherb.com/&size=64
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://iherb.com/&size=64
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f4725f8d17d51964201cb79475ad1520f001fa878897a7645969f75aa9b6e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 22:28:56 GMT
x-content-type-options
nosniff
age
484034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1611
x-xss-protection
0
last-modified
Wed, 29 Nov 2017 12:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://s3.images-iherb.com/static/i/favicon-iherb/favicon.ico
expires
Thu, 07 Jul 2022 22:28:56 GMT

Redirect headers

date
Wed, 06 Jul 2022 12:41:28 GMT
x-content-type-options
nosniff
server
sffe
age
882
content-type
text/html; charset=UTF-8
location
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://iherb.com/&size=64
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
331
x-xss-protection
0
expires
Wed, 06 Jul 2022 13:11:28 GMT
faviconV2
t2.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://target.com/
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://target.com/&size=64
541 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://target.com/&size=64
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a1f9afbfd96da68812ecff736e2260f0dd98dff2d00a50f19e775a98b33f315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 19:19:10 GMT
x-content-type-options
nosniff
age
495420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
541
x-xss-protection
0
last-modified
Wed, 29 Nov 2017 12:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://assets.targetimg1.com/static/images/favicon-96x96.png
expires
Thu, 07 Jul 2022 19:19:10 GMT

Redirect headers

date
Wed, 06 Jul 2022 12:41:28 GMT
x-content-type-options
nosniff
server
sffe
age
882
content-type
text/html; charset=UTF-8
location
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://target.com/&size=64
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Wed, 06 Jul 2022 13:11:28 GMT
faviconV2
t2.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://carters.com/
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://carters.com/&size=64
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://carters.com/&size=64
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8d2170679a696e5f0af604abf024b1192c9bba3e7a687478ffa6f7b986c0764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 21:04:36 GMT
x-content-type-options
nosniff
age
316294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1370
x-xss-protection
0
last-modified
Wed, 29 Nov 2017 12:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://www.carters.com/favicon.ico
expires
Sat, 09 Jul 2022 21:04:36 GMT

Redirect headers

date
Wed, 06 Jul 2022 12:41:28 GMT
x-content-type-options
nosniff
server
sffe
age
882
content-type
text/html; charset=UTF-8
location
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://carters.com/&size=64
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
333
x-xss-protection
0
expires
Wed, 06 Jul 2022 13:11:28 GMT
faviconV2
t2.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?sz=64&domain_url=https://gap.com/
  • https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gap.com/&size=64
846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gap.com/&size=64
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c4110c4c5593ad8c852b41f16321596a95ea3f7827064f803fd9909532aa6cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 20:18:07 GMT
x-content-type-options
nosniff
age
578283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Wed, 04 Aug 2021 18:01:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://www.gap.com/static_content/onesitecategory/components/mfe/sitewide-app/static/favicons/gap-apple-touch-icon-72x72-precomposed.png
expires
Wed, 06 Jul 2022 20:18:07 GMT

Redirect headers

date
Wed, 06 Jul 2022 12:41:28 GMT
x-content-type-options
nosniff
server
sffe
age
882
content-type
text/html; charset=UTF-8
location
https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://gap.com/&size=64
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Wed, 06 Jul 2022 13:11:28 GMT
tag.js
mc.yandex.ru/metrika/ 		204 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
0a25764ebafab00789f01a4fa0e8607fca17a26a911dfeff24f97db959d8ac4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:56:10 GMT
content-encoding
br
last-modified
Fri, 24 Jun 2022 09:57:02 GMT
etag
"62b5603e-11796"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71574
expires
Wed, 06 Jul 2022 13:56:10 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:50:49 GMT
content-encoding
gzip
age
321
x-guploader-uploadid
ADPycdt3Sn6CrFHyHzXxFN1ZXrQkvIVe-KM9gKWbZgYIq_4t92H5m_KqpQMVFnoiWC3ENjJ7G_HiFzeSsr_Xqlt_kziq3UHFJust
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17435
last-modified
Thu, 17 Feb 2022 20:21:50 GMT
server
UploadServer
etag
"caa762087e9d75cecc34b5d6626cb7b9"
vary
Accept-Encoding
x-goog-hash
crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation
1645129310876382
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
17435
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 06 Jul 2022 13:00:49 GMT
imac-top-bg.svg
cashbackalert.net/didyouknow/3/img/ 		191 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashbackalert.net/didyouknow/3/img/imac-top-bg.svg?v1
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/imac-2.css?v12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f880e10153939735a341a306d5d56f6029016f49d4ffec78bdce82c8b452b95e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/didyouknow/3/imac-2.css?v12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:56:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2817
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 May 2022 09:14:29 GMT
server
cloudflare
etag
W/"627a2cf5-bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkRomAMa08l6GlN%2By%2BEcF6r0P6mDx8CbmNkmJvLRv7tlcwAmlG7%2B2JPdXS74UCapg7Uqra7vqmbUqG7OA6IRtfO2%2B8cwBNvQNv4orYbO8S1ucRUZ1ZwZKeAwuDC6weGHhDTE07VbTUt8BVYJAqpXeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
72687fba6c2c0b4f-AMS
expires
Wed, 06 Jul 2022 12:25:28 GMT
imac-tbottom-bg.svg
cashbackalert.net/didyouknow/3/img/ 		204 B
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashbackalert.net/didyouknow/3/img/imac-tbottom-bg.svg?v1
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/imac-2.css?v12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a60bc4697fdf051c3a47a0235c4a3c1e7ff7be294d3a9cba65127bba8a4f8a2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/didyouknow/3/imac-2.css?v12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:56:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2817
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 May 2022 09:14:29 GMT
server
cloudflare
etag
W/"627a2cf5-cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6S05r4A%2BObBT0rnBoIXiLegVrw%2F7GA8Z%2BRDTOntzK1C5j%2F0BX%2B2sI1yESs8zlKQW2S6KR9R2tT69V%2B7OHsKDqgbcyA6e4YZeE4KgZz7TmIvr9sL1xVkIamgDviNiKXJpUEsiExKVtXjciFQ%2BOfjUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
72687fba6c2d0b4f-AMS
expires
Wed, 06 Jul 2022 12:25:28 GMT
imac-arrow.svg
cashbackalert.net/didyouknow/3/img/ 		161 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cashbackalert.net/didyouknow/3/img/imac-arrow.svg
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/imac-2.css?v12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:a5ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79acad335a53a52b135fc8d9e50d72d4de41fe5e175e12012f5067ca2b42ec91

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/didyouknow/3/imac-2.css?v12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:56:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2817
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 May 2022 09:14:29 GMT
server
cloudflare
etag
W/"627a2cf5-a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8%2FpsiGn8XnnEDbPV332L%2BnsrgT7PDa2MuIPHTNx9KRzlnUyxhGmMBQ2r%2B9yvA%2BPDX%2BmHPNY4pIcPadjsYmeaYwq333EyDv6H1laP9csJ3G91rdqXGal5V0xXxGd5FjB5HQ7uBwaw5r5xt3LafCfUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
72687fba6c2e0b4f-AMS
expires
Wed, 06 Jul 2022 12:25:28 GMT
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v24/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v24/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69b8ac258645cd62f67125ff4a3a5d997f93132e45ab6cf945a5152fbe0910b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://cashbackalert.net
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 16:03:13 GMT
x-content-type-options
nosniff
age
161577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35824
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:23:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 16:03:13 GMT
1
mc.yandex.ru/watch/85145467/
Redirect Chain
  • https://mc.yandex.ru/watch/85145467?wmode=7&page-url=https%3A%2F%2Fcashbackalert.net%2Fdidyouknow%2F3%2F%3Ftag%3Der%26d%3D%40%40DOMAIN%40%40%26e%3Dfmbankmarinette.com%26lp%3D3&charset=utf-8&browser...
  • https://mc.yandex.ru/watch/85145467/1?wmode=7&page-url=https%3A%2F%2Fcashbackalert.net%2Fdidyouknow%2F3%2F%3Ftag%3Der%26d%3D%40%40DOMAIN%40%40%26e%3Dfmbankmarinette.com%26lp%3D3&charset=utf-8&brows...
331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/85145467/1?wmode=7&page-url=https%3A%2F%2Fcashbackalert.net%2Fdidyouknow%2F3%2F%3Ftag%3Der%26d%3D%40%40DOMAIN%40%40%26e%3Dfmbankmarinette.com%26lp%3D3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A642%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A691896996544%3Ahid%3A258243160%3Az%3A0%3Ai%3A20220706125611%3Aet%3A1657112171%3Ac%3A1%3Arn%3A466549276%3Arqn%3A1%3Au%3A1657112171754063984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657112169997%3Ads%3A0%2C0%2C301%2C1%2C202%2C202%2C1%2C128%2C0%2C%2C%2C%2C633%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657112171%3At%3Afmbankmarinette.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
76c2a6ef4f01aedd72b322252d9dc149e5dfc93fc83d3bc63ef0ff64b6410a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 12:56:11 GMT
x-content-type-options
nosniff
last-modified
Wed, 06-Jul-2022 12:56:11 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cashbackalert.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Wed, 06-Jul-2022 12:56:11 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 12:56:11 GMT
last-modified
Wed, 06-Jul-2022 12:56:11 GMT
location
/watch/85145467/1?wmode=7&page-url=https%3A%2F%2Fcashbackalert.net%2Fdidyouknow%2F3%2F%3Ftag%3Der%26d%3D%40%40DOMAIN%40%40%26e%3Dfmbankmarinette.com%26lp%3D3&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afp%3A642%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A691896996544%3Ahid%3A258243160%3Az%3A0%3Ai%3A20220706125611%3Aet%3A1657112171%3Ac%3A1%3Arn%3A466549276%3Arqn%3A1%3Au%3A1657112171754063984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1657112169997%3Ads%3A0%2C0%2C301%2C1%2C202%2C202%2C1%2C128%2C0%2C%2C%2C%2C633%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1657112171%3At%3Afmbankmarinette.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://cashbackalert.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 06-Jul-2022 12:56:11 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: cashbackalert.net
URL: https://cashbackalert.net/didyouknow/3/?tag=er&d=@@DOMAIN@@&e=fmbankmarinette.com&lp=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 12:56:11 GMT
last-modified
Fri, 24 Jun 2022 09:57:02 GMT
etag
"62b5603e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 06 Jul 2022 13:56:11 GMT
85145467
mc.yandex.ru/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/85145467?page-url=goal%3A%2F%2Fcashbackalert.net%2Fdomain_parking_load&page-ref=https%3A%2F%2Fcashbackalert.net%2Fdidyouknow%2F3%2F%3Ftag%3Der%26d%3D%40%40DOMAIN%40%40%26e%3Dfmbankmarinette.com%26lp%3D3&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A30shymy8l86zz21i1rs3c%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A1%3Als%3A691896996544%3Ahid%3A258243160%3Az%3A0%3Ai%3A20220706125611%3Aet%3A1657112171%3Ac%3A1%3Arn%3A744826337%3Arqn%3A2%3Au%3A1657112171754063984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1657112169997%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1104%2C1104%2C1%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1657112171%3At%3Afmbankmarinette.com&t=gdpr(14)mc(g-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cashbackalert.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 12:56:11 GMT
last-modified
Wed, 06-Jul-2022 12:56:11 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://cashbackalert.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 06-Jul-2022 12:56:11 GMT
85145467
mc.yandex.ru/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/85145467?wmode=0&wv-part=1&wv-hit=258243160&page-url=https%3A%2F%2Fcashbackalert.net%2Fdidyouknow%2F3%2F%3Ftag%3Der%26d%3D%40%40DOMAIN%40%40%26e%3Dfmbankmarinette.com%26lp%3D3&rn=963904568&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1657112174%3Aw%3A1600x1200%3Av%3A832%3Az%3A0%3Ai%3A20220706125613%3Au%3A1657112171754063984%3Avf%3A30shymy8l86zz21i1rs3c%3Awe%3A1%3Ast%3A1657112174&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cashbackalert.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 12:56:13 GMT
last-modified
Wed, 06-Jul-2022 12:56:13 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://cashbackalert.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 06-Jul-2022 12:56:13 GMT
85145467
mc.yandex.ru/webvisor/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/85145467?wmode=0&wv-part=1&wv-hit=258243160&page-url=https%3A%2F%2Fcashbackalert.net%2Fdidyouknow%2F3%2F%3Ftag%3Der%26d%3D%40%40DOMAIN%40%40%26e%3Dfmbankmarinette.com%26lp%3D3&rn=200449211&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1657112174%3Aw%3A1600x1200%3Av%3A832%3Az%3A0%3Ai%3A20220706125613%3Au%3A1657112171754063984%3Avf%3A30shymy8l86zz21i1rs3c%3Awe%3A1%3Ast%3A1657112174&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cashbackalert.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 12:56:13 GMT
last-modified
Wed, 06-Jul-2022 12:56:13 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://cashbackalert.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 06-Jul-2022 12:56:13 GMT
/
api-js.mixpanel.com/track/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1657112175706
Requested by
Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://cashbackalert.net/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 06 Jul 2022 12:56:15 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://cashbackalert.net
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
46
alt-svc
clear
content-length
25

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| ym object| mixpanel object| Ya object| yaCounter85145467

12 Cookies

Domain/Path Name / Value
.mybetterck.com/ Name: rhid
Value: 81617715904
.mybetterck.com/ Name: loi
Value: ad_1138135_off_582445_aff_88964_cid_374591-FMBANKMARINETTE.COM_ts_1657112169
.cashbackalert.net/ Name: mp_73b9410b2f15ee37b8bc9bdd587f0c32_mixpanel
Value: %7B%22distinct_id%22%3A%20%22181d39510d31a-070c9728f31782-1332317a-1d4c00-181d39510d4957%22%2C%22%24device_id%22%3A%20%22181d39510d31a-070c9728f31782-1332317a-1d4c00-181d39510d4957%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.cashbackalert.net/ Name: _ym_uid
Value: 1657112171754063984
.cashbackalert.net/ Name: _ym_d
Value: 1657112171
.yandex.ru/ Name: yandexuid
Value: 3892477751657112171
.yandex.ru/ Name: yuidss
Value: 3892477751657112171
mc.yandex.ru/ Name: yabs-sid
Value: 1788907501657112171
.yandex.ru/ Name: i
Value: FDaRkJA+dwGB/Cl/ByE2CpnCVJYGuRQqs6Zu66T6hRDaPlcxpUHjhLASB0tY42ochWd0FLD5VgXwpQX/1X9my3CsSO8=
.yandex.ru/ Name: ymex
Value: 1688648171.yrts.1657112171#1688648171.yrtsi.1657112171
.cashbackalert.net/ Name: _ym_isad
Value: 2
.cashbackalert.net/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
cashbackalert.net
cdn.mxpnl.com
fmbankmarinette.com
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.ru
mybetterck.com
p374591.mybetterck.com
t0.gstatic.com
t1.gstatic.com
t2.gstatic.com
t3.gstatic.com
www.google.com
108.168.193.189
2600:1901:0:bc29::
2606:4700:3033::ac43:a5ab
2a00:1450:4001:801::2003
2a00:1450:4001:802::2004
2a00:1450:4001:810::2004
2a00:1450:4001:813::2004
2a00:1450:4001:827::2004
2a00:1450:4001:830::2004
2a00:1450:400e:80e::200a
2a02:6b8::1:119
2a06:98c1:3121::3
35.186.241.51
0a25764ebafab00789f01a4fa0e8607fca17a26a911dfeff24f97db959d8ac4c
2a60bc4697fdf051c3a47a0235c4a3c1e7ff7be294d3a9cba65127bba8a4f8a2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a1f9afbfd96da68812ecff736e2260f0dd98dff2d00a50f19e775a98b33f315
5eb5b67f2882d565fa6c555948f5f1f7e8178673bee0d468bae3c5c2db369158
66a75f5e5962f7900c2300703b9d3a17f0059646887826ef187366f484c0ed20
69b8ac258645cd62f67125ff4a3a5d997f93132e45ab6cf945a5152fbe0910b2
6dd0ff84ee17b82c8fccaaaf950a7cd88669e709592804a1844dfe123febda32
76c2a6ef4f01aedd72b322252d9dc149e5dfc93fc83d3bc63ef0ff64b6410a3d
79acad335a53a52b135fc8d9e50d72d4de41fe5e175e12012f5067ca2b42ec91
7f4725f8d17d51964201cb79475ad1520f001fa878897a7645969f75aa9b6e36
9c4110c4c5593ad8c852b41f16321596a95ea3f7827064f803fd9909532aa6cf
d5591c5955711a7b6cf7204730225fedd1a5a11ac1a159e5470d191c230942d5
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
dd959be23787b037699f0b48b762098f0d19dedeec804ea54500e893fe6251af
de90af75b5bc05473858c0ffa8b0de81ba032734c937d39aa1652b75d6d667fd
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
f880e10153939735a341a306d5d56f6029016f49d4ffec78bdce82c8b452b95e
f8d2170679a696e5f0af604abf024b1192c9bba3e7a687478ffa6f7b986c0764