paypal.stashedrewards.com Open in urlscan Pro
2a0b:4d07:102::1  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response paypal.stashedrewards.com/	124 KB 19 KB	777ms 591ms	Document text/html	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://paypal.stashedrewards.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 2eca781af236457148e7fdf7190bdf405e6d6758610f80b52cd59ba56e6fb1b6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * cache-control no-cache, must-revalidate, max-age=0 content-encoding br content-length 19471 content-type text/html date Mon, 27 Mar 2023 18:22:01 GMT etag "e8a14857e462d2996595d5611b1e9d16" last-modified Fri, 29 Apr 2022 07:51:18 GMT server keycdn-engine x-amz-version-id 7UYzioFygo.qNZD0lk5qhMJktDQBFebh x-cache MISS x-cache-status MISS x-edge-location defr
GET H2	200	presenter.4717d24.css impressure-c630.kxcdn.com/	19 KB 5 KB	181ms 52ms	Stylesheet text/css	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/presenter.4717d24.css Requested by Host: paypal.stashedrewards.com URL: https://paypal.stashedrewards.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:01 GMT content-encoding br x-amz-request-id FV5ARRN2A53M99YG x-edge-location defr x-cache STALE content-length 4928 x-amz-id-2 jXE8iX76SO59zMW/Jf3IzH2gfaqeKnd/W6P6kILopzlrrnTt2kvh6xx33tQ08Ik9JJigaxJTzm8= last-modified Wed, 09 Oct 2019 17:37:18 GMT server keycdn-engine etag "e39087b2545506688b40e35efb46751b" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Mon, 03 Apr 2023 18:22:01 GMT
GET H2	200	presenter.473070e.js Show response impressure-c630.kxcdn.com/	394 KB 105 KB	224ms 96ms	Script application/javascript	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/presenter.473070e.js Requested by Host: paypal.stashedrewards.com URL: https://paypal.stashedrewards.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 61d209a38eb261fd73db6b21314a9fbe683582e8b2014568ab90e99338e722da Request headers Referer https://paypal.stashedrewards.com/ Origin https://paypal.stashedrewards.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:01 GMT content-encoding br x-amz-request-id FV52G20PKKN0XBHN x-edge-location defr x-cache STALE content-length 106778 x-amz-id-2 Jg4+j8lehbN+CHGhDb3c277eO8/Xao1Sz4TyLiWLXE8h8BGmt0rlJ1TS+Y3c/X2aNX+y/TxyDpY= last-modified Mon, 28 Sep 2020 04:36:37 GMT server keycdn-engine etag "399bc418707e540a42b4a31c42fa707b" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Mon, 03 Apr 2023 18:22:01 GMT
GET H/1.1	200 OK	info Show response events.impressure.io/	890 B 1 KB	916ms 212ms	XHR application/json	52.88.117.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/info?v=2&nonce=10852088977750428&userId= Requested by Host: paypal.stashedrewards.com URL: https://paypal.stashedrewards.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.117.3 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-117-3.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash de54f5928c370ba968440917d45618b5358f65e2d7c9121caa1d91404058fe7b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 18:22:02 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx ETag W/"37a-nNQ2ANRJrzn0EqJrlVRdpRYNoNo" X-Powered-By Express Vary Accept-Encoding, Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://paypal.stashedrewards.com Content-Type application/json; charset=utf-8 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 618
GET DATA	200 OK	truncated /	24 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	146ms 43ms	Script application/javascript	2001:4de0:ac18::1:a:2a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:02 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-15d9d" vary Accept-Encoding x-hw 1679941322.dop151.fr8.t,1679941322.cds266.fr8.hn,1679941322.cds144.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H2	200	loading.d78985d5a90c42d31aaaf9203cddb569.gif impressure-c630.kxcdn.com/	2 KB 2 KB	50ms 49ms	Image image/gif	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.4717d24.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09 Request headers accept-language de-DE,de;q=0.9 Referer https://impressure-c630.kxcdn.com/presenter.4717d24.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:02 GMT content-encoding gzip x-amz-request-id D8ZFGEQCQ5V8RQ79 x-edge-location defr x-cache HIT content-length 1315 x-amz-id-2 B3eLNOB6itH6GtW6yjze5UyVHgfRxYikb+8rQ+5n2noqJl24iFb9BUxRIxIPI+WP7HdcwZ+M9C0= last-modified Tue, 21 Aug 2018 14:21:48 GMT server keycdn-engine etag W/"d78985d5a90c42d31aaaf9203cddb569" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/plain access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Mon, 03 Apr 2023 18:22:02 GMT
GET H2	200	css2 fonts.googleapis.com/	4 KB 940 B	145ms 48ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 39342094826bd3eda8f1bd63459bc267d780d4d28bd52de7c086d5d985223b02 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Mar 2023 18:22:02 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Mar 2023 18:19:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Mar 2023 18:22:02 GMT
GET H2	200	189eab9d1e.js Show response kit.fontawesome.com/	11 KB 4 KB	170ms 63ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/189eab9d1e.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 570d37c76324f02221cada79d74cbef9d7aae14c9de5bc5c302f374829acb293 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:02 GMT strict-transport-security max-age=31536000; preload content-encoding gzip cf-cache-status REVALIDATED server cloudflare access-control-max-age 3000 access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * cache-control max-age=60, public, must-revalidate vary origin, accept-encoding, access-control-request-headers, access-control-request-method cf-ray 7ae9a811d9d25bf9-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F1BT9o81nf-JsXAAHfSj
GET H2	200	pro.min.css Show response ka-p.fontawesome.com/releases/v6.4.0/css/	867 KB 196 KB	169ms 68ms	Fetch text/css	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.4.0/css/pro.min.css?token=189eab9d1e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/189eab9d1e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe0d7ff5c1b94b9efefbc1903a465c7d8bb345da51aaa13a93a55f9f7eff5b86 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:02 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 23 Mar 2023 21:29:22 GMT server cloudflare etag "641cc4b2-31000" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 7ae9a812db8b368b-FRA content-length 200704
GET H2	200	pro-v4-shims.min.css Show response ka-p.fontawesome.com/releases/v6.4.0/css/	27 KB 4 KB	162ms 61ms	Fetch text/css	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v4-shims.min.css?token=189eab9d1e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/189eab9d1e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 681f15f1dd66646e3c4be78f9c74962004cbc764f0fbb1da993f6937a3ac1e8a Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:02 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 23 Mar 2023 21:29:20 GMT server cloudflare etag "641cc4b0-10e7" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 7ae9a812db91368b-FRA content-length 4327
GET H2	200	pro-v5-font-face.min.css Show response ka-p.fontawesome.com/releases/v6.4.0/css/	85 KB 12 KB	163ms 62ms	Fetch text/css	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v5-font-face.min.css?token=189eab9d1e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/189eab9d1e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fce60bc81b42726b685192834cdd4147bb4867c94a9b5c38a35c0cce8a6b562e Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:02 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 23 Mar 2023 21:29:21 GMT server cloudflare etag "641cc4b1-30f2" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 7ae9a812db94368b-FRA content-length 12530
GET H2	200	pro-v4-font-face.min.css Show response ka-p.fontawesome.com/releases/v6.4.0/css/	12 KB 2 KB	167ms 66ms	Fetch text/css	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.4.0/css/pro-v4-font-face.min.css?token=189eab9d1e Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/189eab9d1e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d5e287f0e60cc7efadd2bdf39ff53499de57249b69a3ae73497a187ff908e2a Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:02 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 23 Mar 2023 21:29:20 GMT server cloudflare etag "641cc4b0-917" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type text/css access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 7ae9a812db95368b-FRA content-length 2327
GET H2	200	d2c4aa53-eb9c-4703-a0ee-b247f8ab537e.js Show response paypal.stashedrewards.com/chunk/165865/	17 KB 4 KB	531ms 530ms	Script text/html	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://paypal.stashedrewards.com/chunk/165865/d2c4aa53-eb9c-4703-a0ee-b247f8ab537e.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash f2f1eaa7082cc1f91242a4dc646d95b01faa9b2f7373443d9013a0b1c335dbf0 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:03 GMT content-encoding br x-amz-version-id Q0A9UQjJ8UQll_vb8UK742XgrmHqL.2h last-modified Fri, 29 Apr 2022 07:51:17 GMT server keycdn-engine x-edge-location defr etag "3c33c5b0013843bfadb943b628feac02" x-cache-status MISS x-cache MISS content-type text/html access-control-allow-origin * cache-control no-cache, must-revalidate, max-age=0 accept-ranges bytes content-length 4026
GET H2	200	chunk.7.6caa6e6.css impressure-c630.kxcdn.com/	1 KB 963 B	491ms 486ms	Stylesheet text/css	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.7.6caa6e6.css Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 340d633e2738fe02c289dc44662122655656ba9d48c268a61f9c761f6a8252ba Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:03 GMT content-encoding br x-amz-request-id WVRR6W0NGF82A1SV x-edge-location defr x-cache MISS content-length 538 x-amz-id-2 U6o2yVW+XzEgB2hjLrGaWwqmfrh/52Vzz1W4OIJQcygFdSFDJsB3+cTgBEf7POCY0vyatXEYv3I= last-modified Wed, 09 Oct 2019 17:37:11 GMT server keycdn-engine etag "e73681ade786069d4cb8563abe3a911e" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Mon, 03 Apr 2023 18:22:03 GMT
GET H2	200	chunk.7.6b4aa76.js Show response impressure-c630.kxcdn.com/	11 KB 4 KB	488ms 483ms	Script application/javascript	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.7.6b4aa76.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash bb567a6877cd9fbf0c08d55c7d64b5ebbf21a8de27fc9292e445708cf81f8cbe Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:03 GMT content-encoding br x-amz-request-id WVRX20C4JYES7CDH x-edge-location defr x-cache MISS content-length 3359 x-amz-id-2 Q3HoIUANajemEq0iEPcG+VeYuT/I+fo+nGEHqURo7WRTjt8oOcdkDgMhta58PL4QA9UgWuniOoU= last-modified Sat, 19 Sep 2020 17:57:48 GMT server keycdn-engine etag "4a8e2010be8daac0eb417e28d5590e05" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Mon, 03 Apr 2023 18:22:03 GMT
GET H2	200	chunk.4.14607f3.css impressure-c630.kxcdn.com/	2 KB 1 KB	483ms 482ms	Stylesheet text/css	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.4.14607f3.css Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash af4184fcac0beab4133f96dad725c066cddedb9db58107af8928c9486d140d2b Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:03 GMT content-encoding br x-amz-request-id WVRPNCBV5XFXZPJX x-edge-location defr x-cache MISS content-length 794 x-amz-id-2 tdeSpW03ahAI4z6TnI+hLci7vRVDoGo4HtdV8HCuoTNy95j9o99Rhqx/LDyXZ+hE8sOZUrBw2pM= last-modified Wed, 09 Oct 2019 17:37:10 GMT server keycdn-engine etag "92cf1ed8bfc5123b1b1c5ae4a995d8d6" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Mon, 03 Apr 2023 18:22:03 GMT
GET H2	200	chunk.4.7eecc8f.js Show response impressure-c630.kxcdn.com/	56 KB 18 KB	480ms 480ms	Script application/javascript	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.4.7eecc8f.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash e482a06fd3cc015f2a9fbb2a1af521d39d1bdda7bc560557d86a82f98c05f8ca Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:03 GMT content-encoding gzip x-amz-request-id WVRTXSTVBEF7P5MJ x-edge-location defr x-cache MISS content-length 17771 x-amz-id-2 gFMJSFrB83jPydNHzVt89T8Wpyi3EJqhrDUggSzJukdxETc+s7a9xkBS/vZ4ykIiaXsNmzGUPG4= last-modified Wed, 06 Apr 2022 22:23:44 GMT server keycdn-engine etag W/"68f02e7cf4450835bcc3bef3fad4cc32" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Mon, 03 Apr 2023 18:22:03 GMT
GET H2	200	chunk.13.5f3a945.js Show response impressure-c630.kxcdn.com/	17 KB 5 KB	476ms 475ms	Script application/javascript	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.13.5f3a945.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash ecb5f9a97229a42a05d070bf1fb26ccf785e89c4dd8aeda12f820923cdeffc42 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:03 GMT content-encoding br x-amz-request-id WVRT8C8Y9FJSFMJC x-edge-location defr x-cache MISS content-length 5062 x-amz-id-2 eOVpOQFyjbRFJQw+LcGBEYb8gWvE7GRwA9K6vH/jjPixkaUDC6eIqHEAndJHnT/izB5v/w6F5xI= last-modified Wed, 09 Oct 2019 17:37:16 GMT server keycdn-engine etag "99d0c075b044b783e3f3e92fdf9ab9cc" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Mon, 03 Apr 2023 18:22:03 GMT
POST H/1.1	200 OK	events Show response events.impressure.io/	72 B 500 B	254ms 253ms	Fetch application/json	52.88.117.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.117.3 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-117-3.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 3492b33170f942dfe2eb20492bebb0a2e761876d3337e8ab0b869d60fc115df7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://paypal.stashedrewards.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 content-type text/plain Response headers Date Mon, 27 Mar 2023 18:22:03 GMT X-Content-Type-Options nosniff Server nginx ETag W/"48-jQul5MG03oicAEepCoiVW2dKqPQ" X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://paypal.stashedrewards.com Content-Type application/json; charset=utf-8 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 72
GET H2	200	2f8cca6c-bfbf-4938-bf1a-eb7409ff5c11.gif djk97zng6lbya.cloudfront.net/2021/10/28/13/48/44/	2 KB 2 KB	859ms 681ms	Image image/gif	13.32.23.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2021/10/28/13/48/44/2f8cca6c-bfbf-4938-bf1a-eb7409ff5c11.gif Requested by Host: paypal.stashedrewards.com URL: https://paypal.stashedrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.23.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-23-105.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash cd56d464052d67eca50c5ef2b5054345436003ceee55fd48cf3300da403aba05 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:04 GMT via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) last-modified Thu, 28 Oct 2021 13:48:45 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "fa6c45a6c753014d24884b60c33a28ac" x-cache Miss from cloudfront content-type image/gif cache-control max-age=31536000 x-amz-meta-json accept-ranges bytes content-length 1933 x-amz-cf-id LD1kJwLfrM5lmno3MwYOmIkCduKMoDpIQHnAguEEcdKAIbdwYPJnVA==
GET H2	200	chunk.1.1835e12.js Show response impressure-c630.kxcdn.com/	118 KB 29 KB	553ms 547ms	Script application/javascript	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.1.1835e12.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash 1f8ef466087da7f1845c6539611726540d56d132c1dde753d8688b39184f1e5d Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:04 GMT content-encoding br x-amz-request-id WVRTD1Q9BDWRNNJG x-edge-location defr x-cache MISS content-length 28928 x-amz-id-2 8oFWV+R87D/fAQGhweTrmuaTyrlIc/E71dmzcOxYcl38ni1/VtJSyCP46hurv6+GclCXX2V+Nq8= last-modified Wed, 09 Oct 2019 17:37:19 GMT server keycdn-engine etag "0166f627bdb6ee21229484adc92c1ad0" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Mon, 03 Apr 2023 18:22:04 GMT
GET H2	200	42c82216-6045-4eba-a936-daf96e40eaee.svg djk97zng6lbya.cloudfront.net/2022/03/15/22/52/13/	6 KB 3 KB	671ms 666ms	Image image/svg+xml	13.32.23.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2022/03/15/22/52/13/42c82216-6045-4eba-a936-daf96e40eaee.svg Requested by Host: paypal.stashedrewards.com URL: https://paypal.stashedrewards.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.23.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-23-105.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d0151fb6c260e5a637a374b2c42034ffedd1e2d153db10abce8b4095a224ab96 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:05 GMT content-encoding gzip via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) last-modified Tue, 15 Mar 2022 22:52:14 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag W/"28b474ed4c19c819ec6d2ead888b618f" vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=31536000 x-amz-meta-json x-amz-cf-id 2OLELh4sWfuZe9Oa-hvl2ohseuucHbctJNe3FUf7QrILB6PhlwnvSQ==
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	262ms 260ms	Fetch application/json	52.88.117.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.117.3 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-117-3.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 74293f941909295a18f2a40ac44dd8c871805e187459ed7c7efb3ede756c32ce Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://paypal.stashedrewards.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 content-type text/plain Response headers Date Mon, 27 Mar 2023 18:22:03 GMT X-Content-Type-Options nosniff Server nginx ETag W/"4b-8DE5Vkq2xZrwDZIyo3r7Vibh7tc" X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://paypal.stashedrewards.com Content-Type application/json; charset=utf-8 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 75
GET H2	200	QGYsz_wNahGAdqQ43Rh_fKDp.woff2 fonts.gstatic.com/s/worksans/v18/	47 KB 47 KB	142ms 41ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Work+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://paypal.stashedrewards.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Wed, 22 Mar 2023 10:43:11 GMT x-content-type-options nosniff age 459532 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47728 x-xss-protection 0 last-modified Tue, 23 Aug 2022 17:55:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Mar 2024 10:43:11 GMT
GET H2	200	5ffb98ac-ff4a-456a-97f2-f496546e9644.js Show response paypal.stashedrewards.com/chunk/165865/	23 KB 6 KB	459ms 458ms	Script text/html	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://paypal.stashedrewards.com/chunk/165865/5ffb98ac-ff4a-456a-97f2-f496546e9644.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn-engine / Resource Hash e1dc7315e41bcabd6fb49c120cc5514743a64d2b95b3384e23284d2f12876fd6 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:05 GMT content-encoding br x-amz-version-id 5LqXZbiz_PNJpC9RtS.CmnUBntD2tiaL last-modified Fri, 29 Apr 2022 07:51:18 GMT server keycdn-engine x-edge-location defr etag "328b378401de4d1a1ed483b3b25182b3" x-cache-status MISS x-cache MISS content-type text/html access-control-allow-origin * cache-control no-cache, must-revalidate, max-age=0 accept-ranges bytes content-length 5565
GET H2	200	1 Show response stats.pusher.com/timeline/v2/jsonp/	0 75 B	401ms 116ms	Script application/javascript	18.214.167.120 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://stats.pusher.com/timeline/v2/jsonp/1?session=NDIyOTAxNzc5&bundle=MQ%3D%3D&key=NTAyODM0YTg1MjU1MGVlNDZkZjk%3D&lib=anM%3D&version=NC4zLjE%3D&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2Nzk5NDEzMjQzMDd9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjc5OTQxMzI0MzA3fSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjc5OTQxMzI0MzA3fSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTY3OTk0MTMyNDMwN30seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTY3OTk0MTMyNDMwOH0seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTY3OTk0MTMyNDg4NH0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiI0NDQ3MTguMjU2NDYyMDIifSwidGltZXN0YW1wIjoxNjc5OTQxMzI0ODg1fV0%3D Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/chunk.1.1835e12.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.214.167.120 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-214-167-120.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:05 GMT server awselb/2.0 content-length 0 content-type application/javascript; charset=utf-8
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	260ms 256ms	Fetch application/json	52.88.117.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.117.3 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-117-3.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash fa65d8008ebfdef4399da723aff53b3c8cc37353663964de66c7ea7948629e80 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://paypal.stashedrewards.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 content-type text/plain Response headers Date Mon, 27 Mar 2023 18:22:06 GMT X-Content-Type-Options nosniff Server nginx ETag W/"4b-ijrzco850uZlzwvEASSMiX1yQhg" X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://paypal.stashedrewards.com Content-Type application/json; charset=utf-8 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 75
POST H/1.1	200 OK	events Show response events.impressure.io/	75 B 503 B	249ms 245ms	Fetch application/json	52.88.117.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.117.3 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-117-3.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash fd99b4c2a28a6fef96e0d8eb8b537b397c6e71c0f6c2635676068821d3d90f85 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://paypal.stashedrewards.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 content-type text/plain Response headers Date Mon, 27 Mar 2023 18:22:06 GMT X-Content-Type-Options nosniff Server nginx ETag W/"4b-026ae/N3poSiekJQKQVgPD7I+ZQ" X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://paypal.stashedrewards.com Content-Type application/json; charset=utf-8 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 75
GET H2	200	42c82216-6045-4eba-a936-daf96e40eaee.svg djk97zng6lbya.cloudfront.net/2022/03/15/22/52/13/	6 KB 3 KB	44ms 44ms	Image image/svg+xml	13.32.23.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2022/03/15/22/52/13/42c82216-6045-4eba-a936-daf96e40eaee.svg Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/chunk.13.5f3a945.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.23.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-23-105.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d0151fb6c260e5a637a374b2c42034ffedd1e2d153db10abce8b4095a224ab96 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:05 GMT content-encoding gzip via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) last-modified Tue, 15 Mar 2022 22:52:14 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 4 etag W/"28b474ed4c19c819ec6d2ead888b618f" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=31536000 x-amz-meta-json x-amz-cf-id DX5V-B-1xIE_kljapgBR03nBQX_RnKt07tOaC5fIdu3qYG9QxDYokA==
GET		583ab1dc-a866-45d1-ba0b-64ad271b184f.png djk97zng6lbya.cloudfront.net/2022/03/15/23/40/22/	0 0
GET		f0efdb96-1f05-44c9-a1d7-225d21ed7e46.png djk97zng6lbya.cloudfront.net/2022/03/16/23/27/48/	0 0
GET H2	200	pro-fa-solid-900-d5bbe9.woff2 ka-p.fontawesome.com/releases/v6.4.0/webfonts/	24 KB 24 KB	59ms 58ms	Font font/woff2	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-p.fontawesome.com/releases/v6.4.0/webfonts/pro-fa-solid-900-d5bbe9.woff2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3503a42a883cfceb0c60b9d802aaf3538974a1ce1645e2c1a4e922eb53881c76 Request headers Referer https://paypal.stashedrewards.com/ Origin https://paypal.stashedrewards.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:08 GMT cf-cache-status MISS last-modified Fri, 24 Mar 2023 05:31:29 GMT server cloudflare etag "641d35b1-5ea0" vary Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 7ae9a837ec3d368b-FRA content-length 24224
GET H/1.1	200 OK	b656796-300w-326ppi.png d30s7yzk2az89n.cloudfront.net/images/brands/	9 KB 9 KB	261ms 45ms	Image binary/octet-stream	143.204.215.34
General Check archive.org Show headers Download Go to Show image Full URL https://d30s7yzk2az89n.cloudfront.net/images/brands/b656796-300w-326ppi.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.215.34 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash 099391c48c708c9bd58cd9c21b8cfe5fb1f9f32da362c49cb4cf7854d48297e3 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 11:03:59 GMT Via 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront) Last-Modified Wed, 27 Oct 2021 22:05:02 GMT Server AmazonS3 X-Amz-Cf-Pop FRA53-C1 Age 26290 ETag "d785ca507a3db46c5522a65cf071728e" X-Cache Hit from cloudfront Content-Type binary/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 8971 X-Amz-Cf-Id xpYrGgDImLaHeKY9hxFBG1ntSTyvj4RavNNFNAMR2fFRSsQNvN2Ztg==
POST H/1.1	200 OK	events Show response events.impressure.io/	72 B 500 B	244ms 244ms	Fetch application/json	52.88.117.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.117.3 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-117-3.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 693ff3556009b6334a853dfbcee6e554ba9b0fab9760a984e3c0866a3e6b2c15 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://paypal.stashedrewards.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 content-type text/plain Response headers Date Mon, 27 Mar 2023 18:22:08 GMT X-Content-Type-Options nosniff Server nginx ETag W/"48-wB+rk3u3ZG7sr5nRWbZ2WsdK1YQ" X-Powered-By Express Vary Origin P3P CP="Impressure does not have a P3P policy." Access-Control-Allow-Origin https://paypal.stashedrewards.com Content-Type application/json; charset=utf-8 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 72
GET H2	200	2f8cca6c-bfbf-4938-bf1a-eb7409ff5c11.gif djk97zng6lbya.cloudfront.net/2021/10/28/13/48/44/	2 KB 2 KB	43ms 43ms	Image image/gif	13.32.23.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2021/10/28/13/48/44/2f8cca6c-bfbf-4938-bf1a-eb7409ff5c11.gif Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.23.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-23-105.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash cd56d464052d67eca50c5ef2b5054345436003ceee55fd48cf3300da403aba05 Request headers accept-language de-DE,de;q=0.9 Referer https://paypal.stashedrewards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 18:22:04 GMT via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) last-modified Thu, 28 Oct 2021 13:48:45 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 age 4 etag "fa6c45a6c753014d24884b60c33a28ac" x-cache Hit from cloudfront content-type image/gif cache-control max-age=31536000 x-amz-meta-json accept-ranges bytes content-length 1933 x-amz-cf-id 4iiHjHqoXq9EcYrgG_M-XSsdSNdPXDi5vEJvzY7NY_08OmzK3UEcOQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

djk97zng6lbya.cloudfront.net

URL

https://djk97zng6lbya.cloudfront.net/2022/03/15/23/40/22/583ab1dc-a866-45d1-ba0b-64ad271b184f.png

Domain

djk97zng6lbya.cloudfront.net

URL

https://djk97zng6lbya.cloudfront.net/2022/03/16/23/27/48/f0efdb96-1f05-44c9-a1d7-225d21ed7e46.png

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| __info object| Impressure function| loadCSS object| webpackJsonp object| core object| __core-js_shared__ function| Mousetrap function| $ function| jQuery object| utilities object| FontAwesomeKitConfig function| loadOfferDetails function| Pusher

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.stashedrewards.com/	1970-01-20 20:15:01	Name: _user_time Value: 1679941322154|1679941322154
			paypal.stashedrewards.com/	1970-01-20 20:15:01	Name: _user_random Value: 0.9862117963295045
			.stashedrewards.com/	1970-01-20 20:15:01	Name: _user_id Value: 2316c074-5502-4361-8b14-90c6f54a1186-PqolzSzkh9sQPHxIV3XJEU9c1cabHCTtTu2Spwqe0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
d30s7yzk2az89n.cloudfront.net
djk97zng6lbya.cloudfront.net
events.impressure.io
fonts.googleapis.com
fonts.gstatic.com
impressure-c630.kxcdn.com
ka-p.fontawesome.com
kit.fontawesome.com
paypal.stashedrewards.com
stats.pusher.com
djk97zng6lbya.cloudfront.net
13.32.23.105
143.204.215.34
18.214.167.120
2001:4de0:ac18::1:a:2a
2606:4700::6812:1634
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200a
2a0b:4d07:102::1
52.88.117.3
099391c48c708c9bd58cd9c21b8cfe5fb1f9f32da362c49cb4cf7854d48297e3
1f8ef466087da7f1845c6539611726540d56d132c1dde753d8688b39184f1e5d
2eca781af236457148e7fdf7190bdf405e6d6758610f80b52cd59ba56e6fb1b6
340d633e2738fe02c289dc44662122655656ba9d48c268a61f9c761f6a8252ba
3492b33170f942dfe2eb20492bebb0a2e761876d3337e8ab0b869d60fc115df7
3503a42a883cfceb0c60b9d802aaf3538974a1ce1645e2c1a4e922eb53881c76
39342094826bd3eda8f1bd63459bc267d780d4d28bd52de7c086d5d985223b02
4d5e287f0e60cc7efadd2bdf39ff53499de57249b69a3ae73497a187ff908e2a
570d37c76324f02221cada79d74cbef9d7aae14c9de5bc5c302f374829acb293
61d209a38eb261fd73db6b21314a9fbe683582e8b2014568ab90e99338e722da
681f15f1dd66646e3c4be78f9c74962004cbc764f0fbb1da993f6937a3ac1e8a
693ff3556009b6334a853dfbcee6e554ba9b0fab9760a984e3c0866a3e6b2c15
74293f941909295a18f2a40ac44dd8c871805e187459ed7c7efb3ede756c32ce
7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09
866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
af4184fcac0beab4133f96dad725c066cddedb9db58107af8928c9486d140d2b
baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744
bb567a6877cd9fbf0c08d55c7d64b5ebbf21a8de27fc9292e445708cf81f8cbe
cd56d464052d67eca50c5ef2b5054345436003ceee55fd48cf3300da403aba05
d0151fb6c260e5a637a374b2c42034ffedd1e2d153db10abce8b4095a224ab96
de54f5928c370ba968440917d45618b5358f65e2d7c9121caa1d91404058fe7b
e1dc7315e41bcabd6fb49c120cc5514743a64d2b95b3384e23284d2f12876fd6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482a06fd3cc015f2a9fbb2a1af521d39d1bdda7bc560557d86a82f98c05f8ca
ecb5f9a97229a42a05d070bf1fb26ccf785e89c4dd8aeda12f820923cdeffc42
f2f1eaa7082cc1f91242a4dc646d95b01faa9b2f7373443d9013a0b1c335dbf0
fa65d8008ebfdef4399da723aff53b3c8cc37353663964de66c7ea7948629e80
fce60bc81b42726b685192834cdd4147bb4867c94a9b5c38a35c0cce8a6b562e
fd99b4c2a28a6fef96e0d8eb8b537b397c6e71c0f6c2635676068821d3d90f85
fe0d7ff5c1b94b9efefbc1903a465c7d8bb345da51aaa13a93a55f9f7eff5b86
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e