tomeran.net Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tomeran.net/
Submission Tags: tweet @ecarlesi #phishing #cloudflare Search All
Submission: On January 26 via api (January 26th 2023, 4:15:42 am UTC) from FI — Scanned from NL

Summary HTTP 35 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 35 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is tomeran.net.
TLS certificate: Issued by E1 on January 24th 2023. Valid for: 3 months.

This is the only time tomeran.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	216.104.233.144 216.104.233.144	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
2	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
35	6

1 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

tomeran.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 216.104.233.144 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)

mygift.giftcardmall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	giftcardmall.com mygift.giftcardmall.com — Cisco Umbrella Rank: 273830	4 MB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 742	48 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	20 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	1 KB
1	tomeran.net tomeran.net	6 KB
35	6

	Domain	Requested by
26	mygift.giftcardmall.com	tomeran.net mygift.giftcardmall.com
3	maxcdn.bootstrapcdn.com	tomeran.net maxcdn.bootstrapcdn.com
2	www.google-analytics.com	tomeran.net www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tomeran.net
1	tomeran.net
35	6

This site contains links to these domains. Also see Links.

Domain
mygift.giftcardmall.com
www.giftcards.com
www.giftcardmall.com

Subject Issuer	Validity	Valid
*.tomeran.net E1	`2023-01-24` - `2023-04-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
mygift.giftcardmall.com DigiCert SHA2 Extended Validation Server CA	`2022-08-15` - `2023-09-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://tomeran.net/
Frame ID: E548D09F4465628D9808F301411AF101
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyGift Visa Gift Card

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

4030 kB
Transfer

4403 kB
Size

3
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://mygift.giftcardmall.com/

Search URL Search Domain Scan URL

URL: https://www.giftcards.com/visa-gift-cards?utm_source=MyGift&utm_medium%3E=NewPage&utm_content=Top%20Button
Title: Get a Visa Gift Card

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/
Title: Toggle navigation

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/#register-card
Title: Check Balance/Transactions

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/#faq
Title: Frequently Asked Questions

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/#contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/PrivacyPolicy/Index
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.giftcards.com/?utm_source=MyGift&utm_medium=NewPage&utm_content=Hamburger
Title: Get More Gift Cards

Search URL Search Domain Scan URL

URL: https://www.giftcards.com/build-create-a-card#!/create-a-card/visa&utm_source=MyGift&utm_medium=NewPage&utm_content=CarouselPersonalize

Search URL Search Domain Scan URL

URL: https://www.giftcardmall.com/store-gift-cards/five-back-visa-card

Search URL Search Domain Scan URL

URL: https://www.giftcardmall.com/

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/#myGiftCarousel

Search URL Search Domain Scan URL

URL: https://www.giftcardmall.com/search-card-gallery?q=~generalsearchvalue-~type-e-gift%7Cretail~brand-view-all#utm_source=MyGift&utm_medium=NewPage&utm_content=BottomButton
Title: Buy another Gift Card

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/#cards-group-2

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/#cards-group-3

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/fiveback

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/bestbuy

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/#cards-group-1

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/403446

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/435880

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/451129

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/454316

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/491277

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/dining

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/fuel

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/style

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/movies

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/grocery

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/home

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Card/_FaqContent/explore

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/#transactions
Title: CHECK YOUR BALANCE

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/#pin
Title: PERSONALIZE PIN

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/ConsumerDisclosures/Index
Title: CONSUMER DISCLOSURE

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/LostAndStolen/Index
Title: LOST & STOLEN

Search URL Search Domain Scan URL

URL: https://mygift.giftcardmall.com/Dispute/Index
Title: DISPUTE TRANSACTIONS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tomeran.net/ 21 KB
6 KB 412ms
340ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tomeran.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a103ffff7cb1fbda1b2e55eae8614fb0440e0c1f61a22cd7d2ee386af42cfb2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 78f66d8f1b930c35-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Jan 2023 04:15:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkLFdgm2tcHf2jp9zVdoZMBlyFcVDtq%2Frn0RMZrCuF1lVsJO12jb6Hgr%2B2dezNmQMWQw4YORwCD4bsRvuRAo98gX2VWeJ5mZI3RBg4NzWKYRxlYnWKA302q5Ln2eeCBqcjELc9lgvXKeMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 205ms
75ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300|Roboto

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1635323ce29d2d7a106a438d16a3c9a01ffb82e9da47d4a9533062613b2509ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 26 Jan 2023 04:15:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 26 Jan 2023 04:15:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Jan 2023 04:15:32 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
19 KB 116ms
36ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 04:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 549, 617, 617
age: 6202259
cdn-cachedat: 2021-04-22 16:54:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 545f23af04761b8979540c216674a905
timing-allow-origin: *
cdn-requestcountrycode: NL
cf-ray: 78f66d91ca9c0e32-AMS
cdn-requestpullsuccess: True

GET
H/1.1 200
OK stylesheet.css
mygift.giftcardmall.com/317281/styles/ 68 KB
69 KB 944ms
366ms Stylesheet
text/css 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://mygift.giftcardmall.com/317281/styles/stylesheet.css?v=1.0.7604.38607

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

64f47ab6f596f1c98b7bdedd572d8d0a17aed0e8961278ce0400fa41dab24124

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:32 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: text/css
Cache-Control: public, max-age=31536000
X-TraceId: NGE4ZDEyNjQtNzEzYy00NjA1LWJmMWYtMmQ1Y2EwZWRhN2Vh
Content-Length: 69496
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:32 GMT

GET
H/1.1 200
OK jquery Show response
mygift.giftcardmall.com/317281/bundles/ 130 KB
132 KB 815ms
237ms Script
text/javascript 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://mygift.giftcardmall.com/317281/bundles/jquery

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

b4e0e4bafdba979ed97fde06c409478becd96dde7a53023aae7858a19f15a67b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:32 GMT
X-DataDome: protected
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Vary: User-Agent
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 133121
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:32 GMT

GET
H/1.1 200
OK handlebars Show response
mygift.giftcardmall.com/317281/bundles/ 70 KB
71 KB 1529ms
237ms Script
text/javascript 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to

Full URL

https://mygift.giftcardmall.com/317281/bundles/handlebars

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

15d5fa7b09ec5daed0f12dd10bb995a4285a8a3e0d3fd5155768f1ceba4bda60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:33 GMT
X-DataDome: protected
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Vary: User-Agent
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 71637
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:33 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 36 KB
11 KB 112ms
32ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 04:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 879
age: 6200340
cdn-cachedat: 05/24/2022 18:03:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4becdc9104623e891fbb9d38bba01be4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e8f5b605e372352fbb7b4138b569e335
timing-allow-origin: *
cdn-requestcountrycode: NL
cdn-status: 200
cf-ray: 78f66d91ca9d0e32-AMS
cdn-requestpullsuccess: True

GET
H/1.1 200
OK logo-visa.png
mygift.giftcardmall.com/317281/images/ 3 KB
4 KB 189ms
189ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/317281/images/logo-visa.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

4d1ad4edaa3f219eb5fb0bdb5f6c7a8a08d52e0edf459623f73578753d5a3db7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:33 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: NmNjNjc3OGMtNGFmZS00M2FlLWE4MGItNDY3YzlmYTFkYzUw
Content-Length: 2771
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:33 GMT

GET
H/1.1 200
OK other-gcm-cards-vertical.png
mygift.giftcardmall.com/content/images/ 742 KB
743 KB 188ms
187ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/other-gcm-cards-vertical.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

a485c5c158d10078393191fd130ad350c66665126ac16276aa4a28d840d3c51a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:33 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: ZGY0YzcxYjYtNjUyOS00MDQ1LTkxMjEtOGM2ZGVhNjMxZmEz
Content-Length: 759688
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:33 GMT

GET
H/1.1 200
OK other-gcm-cards-horizontal.png
mygift.giftcardmall.com/content/images/ 758 KB
759 KB 189ms
189ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/other-gcm-cards-horizontal.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

f9fd9634c77d32ba30bb4064091dd56f280cc27f6e92c77600ff3a3d7bff80b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:33 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: NThlYjJiMjItMDA5Yi00M2Q4LThjYWItYTZkYTY5NzM2Yjcx
Content-Length: 775929
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:33 GMT

GET
H/1.1 200
OK main-card-visa-sparkle.png
mygift.giftcardmall.com/content/images/ 67 KB
68 KB 705ms
361ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/main-card-visa-sparkle.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

1a1cf6512abc9d8f1e59907c9e9449061bcdd2b9897da041fe0f8f0ef13107b6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:34 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: OTgwNGQ3MzQtOGQwMC00NTFkLTk4YTctOWZhOGVkN2Y0ZWQ1
Content-Length: 68690
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:34 GMT

GET
H/1.1 200
OK main-card-visa-everwhere.png
mygift.giftcardmall.com/content/images/ 10 KB
11 KB 709ms
355ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/main-card-visa-everwhere.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

e23dfee3f2702c9b728c9fa42185ed67230f14f92b6af97523f7d72f171e7bdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:34 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: NmI2MDA2MmQtZWMxNS00Yjc1LWE4NTAtNDA5MjhmNmQzMDc5
Content-Length: 10274
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:34 GMT

GET
H/1.1 200
OK main-card-visa-fiveback.png
mygift.giftcardmall.com/content/images/ 9 KB
11 KB 715ms
182ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/main-card-visa-fiveback.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

620dc71a1fafadff8d414b200555cf01cff9558bc7eb0f93106057bb188c65e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:34 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: NjA2YWQ3NDMtMzQ3NS00MTJkLWExMGMtN2M3ZmQ4NDM5MjU3
Content-Length: 9416
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:34 GMT

GET
H/1.1 200
OK main-card-visa-bestbuy.png
mygift.giftcardmall.com/content/images/ 12 KB
13 KB 1065ms
355ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/main-card-visa-bestbuy.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

0c259e78005905b6b36fa4fa51bf81770739ce701699743e613d1c902e3c3761

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:34 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: OTc0YWY3MzctMDgxYy00MTkzLWEyODctMzliMzAyNGYzZTRj
Content-Length: 11969
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:34 GMT

GET
H/1.1 200
OK close-icon.png
mygift.giftcardmall.com/content/images/ 285 B
2 KB 180ms
180ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/close-icon.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

6797f25cebbc43c7ee5e6bdf84b8ec83fbf02c788c0b384bd42e0da71bed068b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:34 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: MzAyOWViY2QtM2M1OS00ZGQzLTg4NDgtZjVhZTc4Yzc0MjM1
Content-Length: 285
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:34 GMT

GET
H/1.1 200
OK visa-silver-403446-2x.png
mygift.giftcardmall.com/content/images/ 43 KB
44 KB 188ms
188ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/visa-silver-403446-2x.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

a5eed9584980a641473aa66f60ba6414d436d2269acff6f0208fe6b254769f03

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:34 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: NWFjODRjNWYtYzAzMS00ZTlhLTkzYzctMjAzYzBkMDJiOTlm
Content-Length: 43563
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:34 GMT

GET
H/1.1 200
OK visa-silver-435880-2x.png
mygift.giftcardmall.com/content/images/ 43 KB
44 KB 181ms
181ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/visa-silver-435880-2x.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

7227c036735dc27e8c60542b0c4bef638ae1120d680cbbd4bd04fde791ec4c94

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:34 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: M2JhYmE4MTAtZTBlNi00N2QyLWI0YTEtNmY5NGNjYTc3YjI4
Content-Length: 43597
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:34 GMT

GET
H/1.1 200
OK visa-silver-451129-2x.png
mygift.giftcardmall.com/content/images/ 43 KB
44 KB 185ms
184ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/visa-silver-451129-2x.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

5375a5dd90b4c8305ad43934eb232bdef950af83e97ffb733420bdd4861b8abf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: YjQ2ZmFmNDMtMjU1OS00NWIxLWExMjYtZWU5MDlmM2E3NWI4
Content-Length: 43612
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H/1.1 200
OK visa-silver-454316-2x.png
mygift.giftcardmall.com/content/images/ 43 KB
44 KB 353ms
353ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/visa-silver-454316-2x.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

102212e9ea20b496bd2d6cad23088c7ee15057531a821970af412525e9a57a46

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: ZjdhYjNiNDktOGNmNS00NDIzLThjZTktMWE2Yzg4NWM2NzFj
Content-Length: 43658
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H/1.1 200
OK visa-silver-491277-2x.png
mygift.giftcardmall.com/content/images/ 42 KB
44 KB 187ms
186ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/visa-silver-491277-2x.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

534c607b69141c5f5ea1adf565f7ffa8d5f14965c9ad9b04b5a09573e1b1bc0d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: ODUzNWE0OGEtZjQ0OC00NDVkLTkyNDUtNWFiMDAyZmNjNGRm
Content-Length: 43462
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H/1.1 200
OK Dining-Everywhere.png
mygift.giftcardmall.com/content/images/ 37 KB
39 KB 187ms
187ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Dining-Everywhere.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

01a2901c8cdb0efc2e2e23604a4eb21c3377f3c93f1895d6f55aee9081d67e38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: YzQ1ZjBmZjctMjdjYy00NjkwLTg0YTQtZjc0MTkzZjQ3MWRk
Content-Length: 38100
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H/1.1 200
OK Fuel-Everywhere.png
mygift.giftcardmall.com/content/images/ 34 KB
35 KB 182ms
182ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Fuel-Everywhere.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

731986e9acda189814fdcdcf7ae2043bc77a3ef145b4c5fef3eb17c15cb30800

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: ZGEyNTlkOGUtMGQzNi00ZjE2LWE2MzctNWFmZmI5YTc3N2Iw
Content-Length: 34785
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H/1.1 200
OK Style-Everywhere.png
mygift.giftcardmall.com/content/images/ 36 KB
37 KB 184ms
183ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Style-Everywhere.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

465ccf0d11c1358a4408b796651b2028537974daa911af3acd516c68dbf72ad9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: ZTM5N2M1ZTgtZmRlYy00YTAxLTk4ZDQtYTk0Y2E1MGI2ODk4
Content-Length: 36581
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H/1.1 200
OK Movies-Everywhere.png
mygift.giftcardmall.com/content/images/ 38 KB
39 KB 186ms
186ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Movies-Everywhere.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

b75900f5f6485c09d0192766ed53a6bd3dc99309409d93bd9c2adeb36d84c973

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: YmI1MTE4MDQtMmYwYS00NWE3LTlmNWYtMGQ0M2Q3ZjdkNWZm
Content-Length: 38714
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H/1.1 200
OK Grocery-Everywhere.png
mygift.giftcardmall.com/content/images/ 42 KB
43 KB 186ms
186ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Grocery-Everywhere.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

2428d47709d6eeeecffdf9f9c85cd09e608d6e9d301879b419d3a9508f74931f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: ODE5MGUyOWQtYjY0Ni00MmQ3LTlmNmMtMTJhOGIxMjZmOTM2
Content-Length: 42780
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H/1.1 200
OK Home-Everywhere.png
mygift.giftcardmall.com/content/images/ 36 KB
37 KB 181ms
181ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Home-Everywhere.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

af9bf54a79310bd9770d3bb0a2e3da31ac943d16b1003467a420ca780de32316

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: NzEyZDk1NjUtOTNkMS00YWM4LWJlMDktYjQwOTRkMGVkNTQw
Content-Length: 36782
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H/1.1 200
OK Explore-Everywhere.png
mygift.giftcardmall.com/content/images/ 16 KB
17 KB 181ms
181ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Explore-Everywhere.png

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

8b1299d6d4514ea3385e36b7f9c4b1f48495f5bc30cbbcf34f19e4ccabf3ba79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:35 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: ZjBmZDg2NmUtMjM2Zi00ZmY4LWI3OGQtZTAzZGNmZTc3Mjhj
Content-Length: 16323
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:35 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 159ms
46ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300|Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tomeran.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 19:24:44 GMT
x-content-type-options: nosniff
age: 204649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 19:24:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 780ms
59ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tomeran.net
URL: https://tomeran.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tomeran.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 26 Jan 2023 02:26:10 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6564
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 26 Jan 2023 04:26:10 GMT

GET
H/1.1 200
OK Personalize-visa-1200-min.jpg
mygift.giftcardmall.com/content/images/ 2 MB
2 MB 690ms
357ms Image
image/jpeg 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Personalize-visa-1200-min.jpg

Requested by

Host: mygift.giftcardmall.com
URL: https://mygift.giftcardmall.com/317281/styles/stylesheet.css?v=1.0.7604.38607

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

0187245fd5eafbae836a1b6cdce43a2f05d7dc4b1388d5fd7ff8452a86de8a19

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mygift.giftcardmall.com/317281/styles/stylesheet.css?v=1.0.7604.38607
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:34 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
X-TraceId: OTZiMzc2MDktNzYyMC00YTNhLTgyZjUtMDU5Yzk5OWQ3NTE4
Content-Length: 1605352
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:34 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 47ms
46ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700,300|Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tomeran.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 12:49:17 GMT
x-content-type-options: nosniff
age: 487576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jan 2024 12:49:17 GMT

GET
H3 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/ 18 KB
18 KB 66ms
39ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Origin: https://tomeran.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 04:15:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 1056
cdn-cachedat: 11/21/2022 03:27:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18028
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: "448c34a56d699c29117adc64c43affeb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f733057a8d5e1a08195c3860df07403c
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: NL
cdn-status: 200
cf-ray: 78f66d9c28d31c98-AMS
cdn-requestpullsuccess: True

GET
H/1.1 200
OK help-icon.png
mygift.giftcardmall.com/content/images/ 474 B
2 KB 505ms
188ms Image
image/png 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/help-icon.png

Requested by

Host: mygift.giftcardmall.com
URL: https://mygift.giftcardmall.com/317281/styles/stylesheet.css?v=1.0.7604.38607

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

ed57ce02142038981dd6346be622a951494008a92e36f64e4463ebf2277255a2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mygift.giftcardmall.com/317281/styles/stylesheet.css?v=1.0.7604.38607
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:33 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:34 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: public, max-age=31536000
X-TraceId: NzExMjAwZGItZTZjZi00YmE2LWEzOTYtNWFkM2Q4YzYxZTgx
Content-Length: 474
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:34 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 67ms
66ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1570794419&t=pageview&_s=1&dl=https%3A%2F%2Ftomeran.net%2F&ul=en-us&de=UTF-8&dt=MyGift%20Visa%20Gift%20Card&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1044703467&gjid=28059845&cid=533445689.1674706535&tid=UA-33607912-1&_gid=410846290.1674706535&_r=1&_slc=1&z=198678994

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tomeran.net/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Jan 2023 04:15:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tomeran.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Five-back-1200-min.jpg
mygift.giftcardmall.com/content/images/ 239 KB
0 185ms
183ms Image
image/jpeg 216.104.233.144
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mygift.giftcardmall.com/content/images/Five-back-1200-min.jpg

Requested by

Host: mygift.giftcardmall.com
URL: https://mygift.giftcardmall.com/317281/styles/stylesheet.css?v=1.0.7604.38607

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

216.104.233.144 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com .google-analytics.com .arkoselabs.com .trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com .newrelic.com .nr-data.net .datadome.co .captcha-delivery.com; connect-src 'self' .trustarc.com .trustev.com .google-analytics.com wss://mpsnare.iesnare.com .nr-data.net stats.g.doubleclick.net .datadome.co; img-src 'self' .trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src ; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://mygift.giftcardmall.com/317281/styles/stylesheet.css?v=1.0.7604.38607
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';font-src 'self' fonts.googleapis.com fonts.gstatic.com maxcdn.bootstrapcdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' fonts.googleapis.com maxcdn.bootstrapcdn.com consent.trustarc.com *.google-analytics.com *.arkoselabs.com *.trustev.com mpsnare.iesnare.com https://ht.blackhawknetwork.com *.newrelic.com *.nr-data.net *.datadome.co *.captcha-delivery.com; connect-src 'self' *.trustarc.com *.trustev.com *.google-analytics.com wss://mpsnare.iesnare.com *.nr-data.net stats.g.doubleclick.net *.datadome.co; img-src 'self' *.trustarc.com https://ht.blackhawknetwork.com www.google-analytics.com www.google.com; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com fonts.googleapis.com; frame-src *; object-src 'none';media-src 'self' data: mpsnare.iesnare.com; frame-ancestors 'none'
Date: Thu, 26 Jan 2023 04:15:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 26 Jan 2023 04:15:42 GMT
Vary: *
X-Frame-Options: DENY
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
X-TraceId: OTM3Njc3ZmItZDEyMi00YWM0LWIzMGYtYjY4MDIwOWQ2ZWQ1
Content-Length: 2143087
X-XSS-Protection: 1; mode=block
Expires: Fri, 26 Jan 2024 04:15:42 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tomeran.net/	1970-01-20 18:47:46	Name: _ga Value: GA1.2.533445689.1674706535
.tomeran.net/	1970-01-20 09:13:12	Name: _gid Value: GA1.2.410846290.1674706535
.tomeran.net/	1970-01-20 09:11:46	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mygift.giftcardmall.com
tomeran.net
www.google-analytics.com
216.104.233.144
2606:4700::6812:bcf
2a00:1450:4001:830::200e
2a00:1450:400d:806::2003
2a00:1450:400d:80e::200a
2a06:98c1:3120::c
0187245fd5eafbae836a1b6cdce43a2f05d7dc4b1388d5fd7ff8452a86de8a19
01a2901c8cdb0efc2e2e23604a4eb21c3377f3c93f1895d6f55aee9081d67e38
0c259e78005905b6b36fa4fa51bf81770739ce701699743e613d1c902e3c3761
102212e9ea20b496bd2d6cad23088c7ee15057531a821970af412525e9a57a46
15d5fa7b09ec5daed0f12dd10bb995a4285a8a3e0d3fd5155768f1ceba4bda60
1635323ce29d2d7a106a438d16a3c9a01ffb82e9da47d4a9533062613b2509ec
1a1cf6512abc9d8f1e59907c9e9449061bcdd2b9897da041fe0f8f0ef13107b6
2428d47709d6eeeecffdf9f9c85cd09e608d6e9d301879b419d3a9508f74931f
465ccf0d11c1358a4408b796651b2028537974daa911af3acd516c68dbf72ad9
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4d1ad4edaa3f219eb5fb0bdb5f6c7a8a08d52e0edf459623f73578753d5a3db7
534c607b69141c5f5ea1adf565f7ffa8d5f14965c9ad9b04b5a09573e1b1bc0d
5375a5dd90b4c8305ad43934eb232bdef950af83e97ffb733420bdd4861b8abf
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
620dc71a1fafadff8d414b200555cf01cff9558bc7eb0f93106057bb188c65e8
64f47ab6f596f1c98b7bdedd572d8d0a17aed0e8961278ce0400fa41dab24124
6797f25cebbc43c7ee5e6bdf84b8ec83fbf02c788c0b384bd42e0da71bed068b
6a103ffff7cb1fbda1b2e55eae8614fb0440e0c1f61a22cd7d2ee386af42cfb2
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
7227c036735dc27e8c60542b0c4bef638ae1120d680cbbd4bd04fde791ec4c94
731986e9acda189814fdcdcf7ae2043bc77a3ef145b4c5fef3eb17c15cb30800
8b1299d6d4514ea3385e36b7f9c4b1f48495f5bc30cbbcf34f19e4ccabf3ba79
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a485c5c158d10078393191fd130ad350c66665126ac16276aa4a28d840d3c51a
a5eed9584980a641473aa66f60ba6414d436d2269acff6f0208fe6b254769f03
af9bf54a79310bd9770d3bb0a2e3da31ac943d16b1003467a420ca780de32316
b4e0e4bafdba979ed97fde06c409478becd96dde7a53023aae7858a19f15a67b
b75900f5f6485c09d0192766ed53a6bd3dc99309409d93bd9c2adeb36d84c973
e23dfee3f2702c9b728c9fa42185ed67230f14f92b6af97523f7d72f171e7bdd
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ed57ce02142038981dd6346be622a951494008a92e36f64e4463ebf2277255a2
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f9fd9634c77d32ba30bb4064091dd56f280cc27f6e92c77600ff3a3d7bff80b1
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

tomeran.net Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

4030 kBTransfer

4403 kBSize

3 Cookies

35 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tomeran.net Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

4030 kB
Transfer

4403 kB
Size

3
Cookies

35 HTTP transactions
0 data transactions