www.mrrebates.com Open in urlscan Pro
64.106.178.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.travis.com/
Effective URL:
https://www.mrrebates.com/Default.asp
Submission: On May 20 via api (May 20th 2023, 10:35:23 am UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 62 HTTP transactions. The main IP is 64.106.178.205, located in United States and belongs to DATAPIPE, US. The main domain is www.mrrebates.com. The Cisco Umbrella rank of the primary domain is 544171.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 27th 2022. Valid for: a year.

This is the only time www.mrrebates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	69.163.153.22 69.163.153.22	26347 (DREAMHOST-AS) (DREAMHOST-AS)
3 22	64.106.178.205 64.106.178.205	14492 (DATAPIPE) (DATAPIPE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
11	52.217.18.38 52.217.18.38	16509 (AMAZON-02) (AMAZON-02)
23	52.216.240.126 52.216.240.126	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	185.14.184.154 185.14.184.154	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
62	9

1 69.163.153.22 (Brea, United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-igloo.chehalem.dreamhost.com

www.travis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 64.106.178.205 (United States) 3 redirects

ASN14492 (DATAPIPE, US)

www.mrrebates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.217.18.38 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 52.216.240.126 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.14.184.154 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

eu.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	amazonaws.com s3.amazonaws.com s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 3457	295 KB
22	mrrebates.com 3 redirects www.mrrebates.com — Cisco Umbrella Rank: 544171	232 KB
3	gstatic.com fonts.gstatic.com	68 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 320	97 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 427	17 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76	337 B
1	cookie-script.com eu.cookie-script.com — Cisco Umbrella Rank: 80170	4 KB
1	travis.com 1 redirects www.travis.com	146 B
62	8

	Domain	Requested by
23	s3.us-east-1.amazonaws.com	www.mrrebates.com
22	www.mrrebates.com	3 redirects www.mrrebates.com
11	s3.amazonaws.com	www.mrrebates.com
3	fonts.gstatic.com	fonts.googleapis.com
2	ssl.google-analytics.com	1 redirects www.mrrebates.com
2	fonts.googleapis.com	www.mrrebates.com
1	stats.g.doubleclick.net	www.mrrebates.com
1	eu.cookie-script.com	www.mrrebates.com
1	ajax.googleapis.com	www.mrrebates.com
1	www.travis.com	1 redirects
62	10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
cookie-script.com

Subject Issuer	Validity	Valid
mrrebates.com Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-20`	8 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-18` - `2023-09-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.mrrebates.com/Default.asp
Frame ID: 2C6B7DD760509D5AD827E6C9138AC911
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mr. Rebates - Cash Back Shopping at 3000+ Stores

Page URL History Show full URLs

https://www.travis.com/ HTTP 302
http://www.mrrebates.com/?refid=444459 HTTP 302
https://www.mrrebates.com/Default.asp?refid=444459 HTTP 301
http://www.mrrebates.com/ HTTP 302
https://www.mrrebates.com/Default.asp Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css
<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

711 kB
Transfer

1132 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/mrrebates
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/MrRebates
Title: Twitter

Search URL Search Domain Scan URL

URL: https://cookie-script.com/
Title: Free cookie consent by cookie-script.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.travis.com/ HTTP 302
http://www.mrrebates.com/?refid=444459 HTTP 302
https://www.mrrebates.com/Default.asp?refid=444459 HTTP 301
http://www.mrrebates.com/ HTTP 302
https://www.mrrebates.com/Default.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=623360129&utmhn=www.mrrebates.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mr.%20Rebates%20-%20Cash%20Back%20Shopping%20at%203000%2B%20Stores&utmhid=1869317015&utmr=-&utmp=%2FDefault.asp&utmht=1684578919164&utmac=UA-2785414-1&utmcc=__utma%3D144528489.1766287416.1684578919.1684578919.1684578919.1%3B%2B__utmz%3D144528489.1684578919.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=180674845&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=1766287416.1684578919&jid=180674845&_v=5.7.2&z=623360129

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Default.asp Show response
www.mrrebates.com/
Redirect Chain

https://www.travis.com/
http://www.mrrebates.com/?refid=444459
https://www.mrrebates.com/Default.asp?refid=444459
http://www.mrrebates.com/
https://www.mrrebates.com/Default.asp

34 KB
8 KB

136ms
135ms

Document
text/html

64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

1975cfa271fae7681e3731debaf7de670e7143083e7d7810551c12082c0d40a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 7885
Content-Type: text/html
Date: Sat, 20 May 2023 10:35:16 GMT
Server: Microsoft-IIS/7.0
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Content-Length: 158
Content-Type: text/html
Date: Sat, 20 May 2023 10:35:16 GMT
Location: https://www.mrrebates.com/Default.asp
Server: Microsoft-IIS/7.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

GET
H/1.1 200
OK autocomplete.css
www.mrrebates.com/css/ 2 KB
1009 B 100ms
99ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/autocomplete.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

98a16b79e62868fd5ae283dc4ce077f2fb3fc35b6caa2a435883e362523fd801

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:31 GMT
Server: Microsoft-IIS/7.0
ETag: "73633dfaa44d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 688

GET
H/1.1 200
OK foundation.css
www.mrrebates.com/css/ 78 KB
20 KB 229ms
126ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/foundation.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

1aa643e95e2150e824974ed0487bb7d32c5abf21af357adf49df624bd2ea17c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:40 GMT
Server: Microsoft-IIS/7.0
ETag: "637a6814aa44d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 19680

GET
H/1.1 200
OK foundation-icons.css
www.mrrebates.com/css/ 20 KB
5 KB 399ms
204ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/foundation-icons.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

4268828e332479438339207e75862c8ff4b195dab0aa5eb90ee5d10cec4057c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:01 GMT
Server: Microsoft-IIS/7.0
ETag: "3e466fda944d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4880

GET
H/1.1 200
OK app_04_02_23.css
www.mrrebates.com/css/ 30 KB
7 KB 400ms
204ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/app_04_02_23.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

09fc5372a0dcaa9d0d62457c4f725e2a820d89a0aae0e6d7ed8d3e28ee86098a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Apr 2023 03:50:33 GMT
Server: Microsoft-IIS/7.0
ETag: "8ea4ec70df65d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6624

GET
H/1.1 200
OK motion-ui.css
www.mrrebates.com/css/ 19 KB
3 KB 397ms
200ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/motion-ui.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

55ee2b8a2268cbf035a6ccd868a38730d8d87ceddb9a4795f9a0ac760a4c5d90

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:28 GMT
Server: Microsoft-IIS/7.0
ETag: "b31a84daa44d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2934

GET
H/1.1 200
OK balloon.css
www.mrrebates.com/css/ 8 KB
2 KB 318ms
110ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/balloon.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

9e60f0e36d8fb6146350b4af56f87057389ee4bf90ae2cf38072dbc950c7711e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Nov 2019 19:59:33 GMT
Server: Microsoft-IIS/7.0
ETag: "959e85dbcaa3d51:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1470

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 136ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8387be45312794b59f9248e0431a2005972ef84b520fd41a892146b267314a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 10:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 10:35:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 10:35:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
563 B 137ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Baloo+Paaji

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a146af07daafb63859b01378d9924e59b95f73d6d1cb4e503b9f9d37ca56be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 May 2023 10:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 May 2023 10:35:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 May 2023 10:35:18 GMT

GET
H/1.1 200
OK common_functions.js Show response
www.mrrebates.com/includes/ 3 KB
1 KB 314ms
104ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/includes/common_functions.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

610be2b45df873dcbbcfcf877bcb9600c960592772a30bce00489a4af46170a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Oct 2018 20:08:29 GMT
Server: Microsoft-IIS/7.0
ETag: "eed23a538c70d41:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 984

GET
H/1.1 200
OK MrRebates_SmBlackGrn3.gif
s3.amazonaws.com/mr.basics/ 7 KB
7 KB 361ms
121ms Image
image/gif 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/MrRebates_SmBlackGrn3.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f7908da05a461f55cdf943e69bacc4fb8c21e112354b432905ea961cfd0cc971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Mon, 11 Nov 2019 21:06:10 GMT
Server: AmazonS3
x-amz-request-id: 3AXP7Y9SZA00GBSR
ETag: "e091e923ef5c74f624b04d58add00ec2"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 6772
x-amz-id-2: nouHI5x1cq5anB/P0D+JvYIhd3JZMbIbrqvV6Bt8fobuACVLlQnmo51+n39KuvIc7Aaoo/q+X1E=
x-amz-meta-s3b-last-modified: 20161101T032100Z

GET
H/1.1 200
OK walmart_120_60.png
s3.amazonaws.com/mr.logos.2/ 4 KB
4 KB 367ms
128ms Image
image/png 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/walmart_120_60.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Mon, 01 Feb 2021 05:50:33 GMT
Server: AmazonS3
x-amz-request-id: 3AXXFCC3NBVN5XSX
ETag: "bc2a78fb6eb378037206d501d7f82048"
x-amz-meta-sha256: 0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3921
x-amz-id-2: hjxanukeIauvEfK0Fhkx+f77HK+kbIkiIy6+/Xd6Afcp9F/Pok4o7NXIQT61pDdOkW5MfC9ArLI=
x-amz-meta-s3b-last-modified: 20210201T055027Z

GET
H/1.1 200
OK macys_120_60.png
s3.amazonaws.com/mr.logos.2/ 3 KB
3 KB 363ms
124ms Image
image/png 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/macys_120_60.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70eaa33ccc8b976b4aa55605241d65f033f86b5b2aea28d35c91a4d4e800de6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Mon, 02 Dec 2019 01:36:39 GMT
Server: AmazonS3
x-amz-request-id: 3AXTCXBTZBBS54MN
ETag: "ac947845bd19df687f4a3a22272cbb37"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2932
x-amz-id-2: PGF0q0gvTt+wsVgrlaEfWoZ4bWEwzRy4dEMS6QDVCisP9e1MZjN2ulIFqclO7LxwxRBAxMA+pY4=
x-amz-meta-s3b-last-modified: 20191202T013542Z

GET
H/1.1 200
OK ebay.gif
s3.amazonaws.com/mr.logos.2/ 5 KB
5 KB 364ms
125ms Image
image/gif 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/ebay.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 49cc34435a855f5a5705f60c96f04147c6458eb69c461d9d06a9ead7f90ff3b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Mon, 07 Oct 2019 23:32:56 GMT
Server: AmazonS3
x-amz-request-id: 3AXT3NV2ACZKKQ5D
ETag: "9b744c7988833ef3f9a1f06d391402f1"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 5165
x-amz-id-2: /+eTpq3jCzv7nhHGmcf9hviqVZbGeD4iP3/L+4ccfPDmDNuxL5fvkTUIGWAUuA6DTifesK/sym8=
x-amz-meta-s3b-last-modified: 20161031T161200Z

GET
H/1.1 200
OK default_splash_large.png
s3.amazonaws.com/mr.basics/ 19 KB
19 KB 367ms
129ms Image
image/png 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/default_splash_large.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94ff552a3ed464e2f926cef32831ead100c8f7440edd8f74d0e86857de7dc2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Mon, 11 Nov 2019 20:50:27 GMT
Server: AmazonS3
x-amz-request-id: 3AXT7MKFWZA85Y9P
ETag: "9d2b14ca5a76f5c07a3efbff91b88fbd"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19552
x-amz-id-2: YG9ZN8WCr9uMreZRvnBlX1GjWt3uwLPWZphxCy/cnFdJcN29shCji+L7nHhqEKy6O12KGZc4YOM=
x-amz-meta-s3b-last-modified: 20190124T230000Z

GET
H/1.1 200
OK default_splash_medium.png
s3.amazonaws.com/mr.basics/ 14 KB
14 KB 369ms
130ms Image
image/png 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/default_splash_medium.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 14e201c29cbdde20437efc6ef0435f4cd99e4110a720a8866130ee8200255ca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Mon, 11 Nov 2019 20:50:27 GMT
Server: AmazonS3
x-amz-request-id: 3AXXYDBY4F8M1YKJ
ETag: "5da00e353a990f6955890606caeeebef"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13973
x-amz-id-2: itnqNfbcWdtzXPseU/JMLoKvUYkIvMC+uvOCzbbWe0cWZuQcvRwZQy+uo2yGYcyuaWVt58AmruU=
x-amz-meta-s3b-last-modified: 20190124T230000Z

GET
H/1.1 200
OK default_splash_small.png
s3.amazonaws.com/mr.basics/ 12 KB
13 KB 121ms
119ms Image
image/png 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/default_splash_small.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d395131eb0423d0ab744514b3519df008038a5438c08cd33f748e68ce6fff9f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Mon, 11 Nov 2019 20:50:28 GMT
Server: AmazonS3
x-amz-request-id: 3AXJYS4DADF91FP5
ETag: "f49e79d3c155045883900de0abc8aa31"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 12522
x-amz-id-2: qD5XYzMn+TTnxl27u7n7g/aDgX9MVrsZNn/HyYYux1j9OJ943wD1YLa7lTk++nCh/gwPumlITvk=
x-amz-meta-s3b-last-modified: 20190124T230000Z

GET
H/1.1 200
OK company_store_05192023.png
s3.us-east-1.amazonaws.com/mr.hero/ 92 KB
93 KB 561ms
133ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.hero/company_store_05192023.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5d4b88c2d429d99933d04159d31bcf0f5b327f1aa4c4aae422b232027a05f563

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Mon, 15 May 2023 15:48:29 GMT
Server: AmazonS3
x-amz-request-id: 3AXKJSVXCEVFRK0G
ETag: "0514624aa1a642c81f32fd157eafad5c"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 5d4b88c2d429d99933d04159d31bcf0f5b327f1aa4c4aae422b232027a05f563
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 94505
x-amz-id-2: 8yqNbydikG9MSF+oTnd0WOqDtUTtqihC8Yf+x2MOs8e1bqCkH5A7WM7Hx5Ltf/CnKXqVQPlqCmw=
x-amz-meta-s3b-last-modified: 20230515T154821Z

GET
H/1.1 200
OK ihg_hotels_resorts_120x60.png
s3.amazonaws.com/mr.logos.2/ 2 KB
3 KB 118ms
117ms Image
image/png 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/ihg_hotels_resorts_120x60.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b2d87042736b98b6c5a6b808dfca1a355a36c5fd70ea7d7d432d082ed9e4e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Tue, 16 Feb 2021 22:44:34 GMT
Server: AmazonS3
x-amz-request-id: 3AXQYADPXJ15K7J7
ETag: "aad458accc8b2f1c2b3e5f7cdaead062"
x-amz-meta-sha256: 1b2d87042736b98b6c5a6b808dfca1a355a36c5fd70ea7d7d432d082ed9e4e24
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2535
x-amz-id-2: 4Rdg6Qqh9s5vcw1zvRTRrzF6i9xeRF+DZ61ZyAqpDYOCtIq4pRBtNoj2Ie1lPmxi50h0h04hHNQ=
x-amz-meta-s3b-last-modified: 20210216T224237Z

GET
H/1.1 200
OK evenflo_120x60.png
s3.us-east-1.amazonaws.com/mr.logos.2/ 4 KB
5 KB 552ms
123ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.2/evenflo_120x60.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 39e272c6aa4cbf2e548b370909e5532c56d4e4c1a9eae2d3ef0ed12bc90539cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Wed, 09 Feb 2022 20:22:34 GMT
Server: AmazonS3
x-amz-request-id: 3AXQM9E0Q4RQWEKJ
ETag: "3f86646437d5172d8f0a3ba885eeeaa0"
x-amz-meta-sha256: 39e272c6aa4cbf2e548b370909e5532c56d4e4c1a9eae2d3ef0ed12bc90539cb
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4337
x-amz-id-2: QUvOGJ7xdhLEADVZUWpINQcsdjQwXzMauoYMPpFYrQ8dVXrLjhADbJH4s0FSFFFyV1U2N5zpAbk=
x-amz-meta-s3b-last-modified: 20220209T202200Z

GET
H/1.1 200
OK hsn_05152023.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 13 KB
13 KB 376ms
128ms Image
image/jpeg 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/hsn_05152023.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8196834bc201e710e0e1a779f7f492ea901e5ac432d3240cff8578774bbe1805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Fri, 12 May 2023 18:17:33 GMT
Server: AmazonS3
x-amz-request-id: 3AXYFRJJNNCH7VYR
ETag: "58fa2f2de2d0b34c48a2eca5c5a7907e"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 8196834bc201e710e0e1a779f7f492ea901e5ac432d3240cff8578774bbe1805
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 13282
x-amz-id-2: dMjYWq4IWDnpnkvC/5BevJoxeAViq7etAMdYy0WRNO0aGPJZvz3nUbneNnHCioKyw1CuU67Y290=
x-amz-meta-s3b-last-modified: 20230512T181400Z

GET
H/1.1 200
OK farfetch_logo_2023.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 2 KB
3 KB 356ms
127ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/farfetch_logo_2023.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bdb96a3223f36428c528b50b3aea1d9fc5678a70b3e06a0c9c174fdf0407e0e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Thu, 05 Jan 2023 21:20:24 GMT
Server: AmazonS3
x-amz-request-id: 3AXV18VVDGA7C2CC
ETag: "6dc82ebbbf05e3111ac67ef00b2b1255"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: bdb96a3223f36428c528b50b3aea1d9fc5678a70b3e06a0c9c174fdf0407e0e6
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2230
x-amz-id-2: bM6PyCX5LyK2Qn7rHZjbNjJWX+lwnU3mK4BApunU/tQ+Hu5iffKqmW08IpLZBgvKHvN7qUzgsYk=
x-amz-meta-s3b-last-modified: 20230105T212011Z

GET
H/1.1 200
OK sams_club_logo_2019.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 4 KB
5 KB 181ms
123ms Image
image/jpeg 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/sams_club_logo_2019.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 608c741d90aeddbe75ba154c3939f0ff93889e0a47cbcd062b9add1954f096f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Fri, 11 Oct 2019 18:31:22 GMT
Server: AmazonS3
x-amz-request-id: 3AXRDECK7QJKXPZ6
ETag: "aa39cc88de1cb87a626d8f6d77201101"
x-amz-meta-sha256: 608c741d90aeddbe75ba154c3939f0ff93889e0a47cbcd062b9add1954f096f4
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4561
x-amz-id-2: lf35c72KA45j8pytyTqKBUV3PN9T2D2WtPQVkbNfkTzbGe6710/sILW8QaHo7n/6GOt3LVdvgYU=
x-amz-meta-s3b-last-modified: 20191011T183059Z

GET
H/1.1 200
OK samsung_05152023.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 4 KB
5 KB 323ms
143ms Image
image/jpeg 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/samsung_05152023.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4233e4c38f5d22dbb97e29ead54fa5c4572c9de8d0935f79858658a9bde43720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Thu, 04 May 2023 21:58:18 GMT
Server: AmazonS3
x-amz-request-id: 3AXN9FZZN2YG75FW
ETag: "e6e5f6a987fcf685537dd6f4eabeacd9"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4233e4c38f5d22dbb97e29ead54fa5c4572c9de8d0935f79858658a9bde43720
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4168
x-amz-id-2: vUA4NSy0at4BIErEZCpaaMz96UbxdKF/QUf6Q7S/OW+pLvt/L3TcuoibDDGUo+L24U076s4gfJw=
x-amz-meta-s3b-last-modified: 20230504T215435Z

GET
H/1.1 200
OK uniqlo_logo.png
s3.us-east-1.amazonaws.com/mr.newsletter/ 1 KB
2 KB 164ms
119ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.newsletter/uniqlo_logo.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2835d845173f23524c73c47d8f8a6f0173a8c5304da768d207b5f0dcfb67bff4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Wed, 15 Dec 2021 17:16:51 GMT
Server: AmazonS3
x-amz-request-id: 3AXZ5Q22EPPTNK0B
ETag: "223a82664e647f08b961d703516befd0"
x-amz-meta-sha256: 2835d845173f23524c73c47d8f8a6f0173a8c5304da768d207b5f0dcfb67bff4
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1325
x-amz-id-2: HCbhFo1t5coH8O8Q3lwRA928GbbUhQjzWybFG+hxyFM6Op4RdJY+8XaNF70SYujw8uggGL76R7w=
x-amz-meta-s3b-last-modified: 20211215T170900Z

GET
H/1.1 200
OK gap_logo_2019.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 2 KB
3 KB 179ms
120ms Image
image/jpeg 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/gap_logo_2019.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c3fa7ca49559e200b5f4e76c0e8c57b5f933f35723668eaf7d992c7bafddd48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Tue, 08 Oct 2019 20:20:32 GMT
Server: AmazonS3
x-amz-request-id: 3AXZQ9Q43WN5DH2E
ETag: "f08ed7ef15c74a5a5de4c38478b902f7"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2473
x-amz-id-2: q521jJcNDI4xzQEPGPCexUFCWmolwKx9WnWjkIgXuc4uFU5v7aob1OVwPwl8yx89GFN+Z+vu7eU=
x-amz-meta-s3b-last-modified: 20190906T194400Z

GET
H/1.1 200
OK choice_hotels_logo_2020.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 10 KB
11 KB 282ms
119ms Image
image/jpeg 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/choice_hotels_logo_2020.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 10b22f22db99bf2fd9d8cf54ef54659a4d3c12f9d5b292055a84faef0b94544b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Fri, 07 Feb 2020 20:11:47 GMT
Server: AmazonS3
x-amz-request-id: 3AXKDNT1ARCYHWTC
ETag: "f69d5075b31aa721693e577bfe0da8a8"
x-amz-meta-sha256: 10b22f22db99bf2fd9d8cf54ef54659a4d3c12f9d5b292055a84faef0b94544b
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 10675
x-amz-id-2: GCDYY9x4N6f4Wpg7BFAPGqUETmcI29XlzU9lEP99EKDEgU/q9k79c8wpll+cpUNWezE6LAryL64=
x-amz-meta-s3b-last-modified: 20200207T201100Z

GET
H/1.1 200
OK expedia_logo.jpg
s3.us-east-1.amazonaws.com/mr.newsletter/ 20 KB
21 KB 130ms
129ms Image
image/jpeg 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.newsletter/expedia_logo.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3fc1dc7f0ce8758b4b49b949f98405490747ba4a1859a2cf729805be6ccaeb89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Sat, 02 Nov 2019 19:31:51 GMT
Server: AmazonS3
x-amz-request-id: 3AXM93EVVMTQ0PSK
ETag: "00b4dbacd513a090b5b953beec2aad50"
x-amz-meta-sha256: 3fc1dc7f0ce8758b4b49b949f98405490747ba4a1859a2cf729805be6ccaeb89
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 20664
x-amz-id-2: Xp0qL87VcVgqjx2vinI3cZY1+79JSEdl8ZxEH0qMqTBttcjpgFYBGY1Vwsoheg0rU3z74RfY9W4=
x-amz-meta-s3b-last-modified: 20161214T163317Z

GET
H/1.1 200
OK macys_logo_2019.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 10 KB
10 KB 297ms
118ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/macys_logo_2019.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 539f7785660d9419ffc3a0956eebc8eae001b4658896736a84d61030844db2fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Tue, 08 Oct 2019 20:20:43 GMT
Server: AmazonS3
x-amz-request-id: 3AXWFV8GG7AAJ26V
ETag: "310004b54a80026b3c4193853628be3a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9954
x-amz-id-2: 3Jr9o9awoeiSy3KRjh05xgTIXjdtoRQgyhgdTuh0o4n3GwYl1AcGFdeYKYNqIWGFYsLimXsdFdc=
x-amz-meta-s3b-last-modified: 20190829T193100Z

GET
H/1.1 200
OK sephora_logo.gif
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 2 KB
2 KB 310ms
125ms Image
image/gif 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/sephora_logo.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0dd06af69a9196d817f820ecff229eb7dd8aab30e8f28020b6d909bd16285cf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Fri, 07 Feb 2020 23:37:46 GMT
Server: AmazonS3
x-amz-request-id: 3AXN262BWQV1AR4V
ETag: "ab60038177f3d8c85bad343dc4c71dc7"
x-amz-meta-sha256: 0dd06af69a9196d817f820ecff229eb7dd8aab30e8f28020b6d909bd16285cf3
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 1929
x-amz-id-2: t3ATNpxRZUWaMQMJYeCvFvkPDdhXqp57udNnQWZWUhOCnwb7mkwMOUZCgnZR/qmHSpEMXFIDymY=
x-amz-meta-s3b-last-modified: 20200207T233746Z

GET
H/1.1 200
OK home_depot_05182023.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 7 KB
7 KB 160ms
130ms Image
image/jpeg 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/home_depot_05182023.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ec50cf3d5f4a18b57708091a40115b9ec2128c3b7003221da119e7f91dcd0cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Thu, 11 May 2023 16:44:48 GMT
Server: AmazonS3
x-amz-request-id: 3AXHR564TS1KVDZH
ETag: "01f72e067a5ae4316d64079b8cba41f7"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: ec50cf3d5f4a18b57708091a40115b9ec2128c3b7003221da119e7f91dcd0cd0
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6764
x-amz-id-2: 62ELvF/rZRXnwVH/Q4db5DHbakP3n+pTgg0daRSYqZneJcW44DaqajxSfgmPYZnBXJt16gbNyzY=
x-amz-meta-s3b-last-modified: 20230511T164441Z

GET
H/1.1 200
OK ihg_logo_2021.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 3 KB
4 KB 125ms
124ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/ihg_logo_2021.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Fri, 30 Apr 2021 19:24:47 GMT
Server: AmazonS3
x-amz-request-id: 3AXPJD9J5SSHNBFN
ETag: "d16595a6fb197d881aacffded688e43f"
x-amz-meta-sha256: ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3336
x-amz-id-2: 6kTifKS+4dDlsjjRaunTigF3yRpI1oKs57KvVfuy/iDfZhZ6Fz4iTt5acJr4K5roJZhzZYohdWM=
x-amz-meta-s3b-last-modified: 20210430T192439Z

GET
H/1.1 200
OK joes_new_balance_outlet_logo.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 4 KB
4 KB 130ms
128ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/joes_new_balance_outlet_logo.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cf29b076bed61befb2fdcd955d1e08834198ff206107bca15f1602980763a8f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Tue, 24 Jan 2023 22:41:16 GMT
Server: AmazonS3
x-amz-request-id: YR0JAWHQCWRDG7HA
ETag: "3e9d48e87933ca93d56c4591252c2730"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: cf29b076bed61befb2fdcd955d1e08834198ff206107bca15f1602980763a8f0
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3844
x-amz-id-2: gD6HuIby0MO77dSEj6N2n4I6l8BjAUINoAy8Ov3GUW5U2s/Whsmb9taZ0Ue7CLcyAqiEV09Gcho=
x-amz-meta-s3b-last-modified: 20230124T224024Z

GET
H/1.1 200
OK blue_apron_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 4 KB
4 KB 123ms
122ms Image
image/jpeg 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/blue_apron_logo.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b717e95348d8f53774d1702b4300df0b3d769fc23acd141eda57b5b216ecb367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:20 GMT
Last-Modified: Fri, 12 May 2023 20:59:08 GMT
Server: AmazonS3
x-amz-request-id: YR0HCZDZ7K374JCY
ETag: "5e8ce6941412bd7ffecc0c9e18645049"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: b717e95348d8f53774d1702b4300df0b3d769fc23acd141eda57b5b216ecb367
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3798
x-amz-id-2: t5tH1qoErYG6efRnTe42sGQlexG+iPguZT1PX1j8vSG5QReNZWlVLLoR4UUuTgD2D4OdRYQk1yg=
x-amz-meta-s3b-last-modified: 20230512T205821Z

GET
H/1.1 200
OK hanna_andersson_logo_2023.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 6 KB
7 KB 119ms
118ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/hanna_andersson_logo_2023.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1fb5497804d43dc52be5deee6f02b7165efd470a5df197d2fcc5d988a06dae53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:20 GMT
Last-Modified: Mon, 13 Mar 2023 20:14:16 GMT
Server: AmazonS3
x-amz-request-id: YR0P6608KQA0937D
ETag: "d802ca842e843ea2f4930d8816e41093"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 1fb5497804d43dc52be5deee6f02b7165efd470a5df197d2fcc5d988a06dae53
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6620
x-amz-id-2: Y/9wUkYyvls1N0BMCEWl9y3INpGsDG3CvmZRZ1qgUxwVFScrKWZAtEQSVA4+7H6DPjIlWu1JFTk=
x-amz-meta-s3b-last-modified: 20230227T200609Z

GET
H/1.1 200
OK cabelas_logo.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 7 KB
7 KB 125ms
125ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/cabelas_logo.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b7df32bb0ed375bea73b5ca4ec9b49f02bd2d567bdf966d2b981726f52c321ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:20 GMT
Last-Modified: Fri, 08 Oct 2021 19:48:49 GMT
Server: AmazonS3
x-amz-request-id: YR0ZH84AZYBEK12K
ETag: "c030d632c61808ee4583ed99beeb8770"
x-amz-meta-sha256: b7df32bb0ed375bea73b5ca4ec9b49f02bd2d567bdf966d2b981726f52c321ff
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6949
x-amz-id-2: /AZ6IbnSG0hlM2Jvdl0O+b3SRQntbrW004FwBLMlV5kNzmY+WldtAwx2WleFNta48paTtJaBuhU=
x-amz-meta-s3b-last-modified: 20190521T214600Z

GET
H/1.1 200
OK jvn_hair_88x31.png
s3.amazonaws.com/mr.logos.1/ 2 KB
3 KB 123ms
122ms Image
image/png 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.1/jvn_hair_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 55f7bddd536dcbd99541a1336659525ab435af1ece6f30ac1993dc0e6932bd69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Wed, 16 Mar 2022 20:49:18 GMT
Server: AmazonS3
x-amz-request-id: 3AXP77ENXGJFYWK0
ETag: "b829e9aba2916ccad636da7dbeca3649"
x-amz-meta-sha256: 55f7bddd536dcbd99541a1336659525ab435af1ece6f30ac1993dc0e6932bd69
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2433
x-amz-id-2: VEqSFOmA6d4MM0jmkVwvjqdDyVXNFQD9hmbBhJbPBhffn8NhSsDpi0rH7gszpyPM4xXOS8sYV9E=
x-amz-meta-s3b-last-modified: 20220316T204817Z

GET
H/1.1 200
OK temu_88x31.jpg
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
2 KB 120ms
120ms Image
image/jpeg 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/temu_88x31.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9cf3b0af20e5a67ac04c931fba24f09b9b8fb2a488d0ed1a0b88e336283bd025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:20 GMT
Last-Modified: Wed, 17 May 2023 20:31:53 GMT
Server: AmazonS3
x-amz-request-id: YR0YG2SRYZ6S21AE
ETag: "34af564e0418af58a81860208ab6d74b"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 9cf3b0af20e5a67ac04c931fba24f09b9b8fb2a488d0ed1a0b88e336283bd025
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1939
x-amz-id-2: 9eDWM85clJ745/EDNwv9XJ0otSEptJdvpjkgAFhhYNa5W2XdDFymFI40nhDH39UR5FfHqeM89sw=
x-amz-meta-s3b-last-modified: 20230517T203102Z

GET
H/1.1 200
OK lume_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
2 KB 116ms
116ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/lume_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b65ca8b0d7901a2db051f12b51d10018573175b32712d28903c86db0ed9ac1ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:20 GMT
Last-Modified: Wed, 17 May 2023 20:43:37 GMT
Server: AmazonS3
x-amz-request-id: YR0RA2RF3QG4FJA9
ETag: "7c8c966f0a1f6b06b583d5dfcdcdae36"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: b65ca8b0d7901a2db051f12b51d10018573175b32712d28903c86db0ed9ac1ee
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1941
x-amz-id-2: ECD0GfUMwXI3WUqhzG5KSDemqzl+4i/ElyVG1pEqGtbWqa7rfwOGi71sbNXltc1oTY66UfXGBYc=
x-amz-meta-s3b-last-modified: 20230517T204239Z

GET
H/1.1 200
OK muk_luks_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 4 KB
4 KB 119ms
118ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/muk_luks_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9e25557f970900846e7d807179a53a3ee75908d02ba9338e9d9043d3e20b7e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:20 GMT
Last-Modified: Wed, 17 May 2023 20:57:58 GMT
Server: AmazonS3
x-amz-request-id: YR0PC675FE5D4D53
ETag: "76762e05e21f6f7d7387e0a5e1e81cc3"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 9e25557f970900846e7d807179a53a3ee75908d02ba9338e9d9043d3e20b7e67
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3704
x-amz-id-2: ZtEqS2bnn4YPc+pXVXNYPPn7+3HGj+qvO1ZAtp5Qjh5EA3HkGUuOtF08VTmB1l3pKlfkv7lK4Xk=
x-amz-meta-s3b-last-modified: 20230517T205706Z

GET
H/1.1 200
OK cabeau_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
3 KB 119ms
118ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/cabeau_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ced2fe0d4410609ec6e9080de9444ccf4aeaa4d7dafc138962f0e433c5bed63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:20 GMT
Last-Modified: Wed, 17 May 2023 21:11:03 GMT
Server: AmazonS3
x-amz-request-id: YR0T3EY7PB0NB88E
ETag: "bbcc9a50e380d060f6b04f12603cf457"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 6ced2fe0d4410609ec6e9080de9444ccf4aeaa4d7dafc138962f0e433c5bed63
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2431
x-amz-id-2: 4t+NwpbKotBwueTardo3mt7Adv2HCC4oZTzSX3D69jYCvv3HF+wEQCIzZMEoksCtHXI0Q2jNxlE=
x-amz-meta-s3b-last-modified: 20230517T211018Z

GET
H/1.1 200
OK projects_watches_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 3 KB
3 KB 122ms
121ms Image
image/png 52.216.240.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/projects_watches_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.240.126 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cb45224963a8bf24a9ccede2cbde99e4acd0a3af9d8cde61acab1df056f531f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:20 GMT
Last-Modified: Wed, 17 May 2023 21:17:50 GMT
Server: AmazonS3
x-amz-request-id: YR0RWG36WRKNPW6F
ETag: "555bcaa68a20c3f46262a1eef0f554c1"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: cb45224963a8bf24a9ccede2cbde99e4acd0a3af9d8cde61acab1df056f531f8
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3046
x-amz-id-2: CzgYX5aLPTpNMQ8K0vlO20XuC+S9uysFi3EOkBhTvQSO6njTD6iVyFN94zqIVwYgMRlbmIewVXE=
x-amz-meta-s3b-last-modified: 20230517T211704Z

GET
H/1.1 200
OK Chrome_Icon_tiny.png
s3.amazonaws.com/mr.basics/ 493 B
897 B 115ms
114ms Image
image/png 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/Chrome_Icon_tiny.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19632b60c37b4d80c62136863523a79de9b942e67cb6cb84d4b1daec7f4c8b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Mon, 11 Nov 2019 21:11:58 GMT
Server: AmazonS3
x-amz-request-id: 3AXSTDNS88T0PGYX
ETag: "2dd7917117914767d869c2100764e9e6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 493
x-amz-id-2: T7352ZquocEbibS9bd/Z+y3lBE5WhqpAAVev3QJDV3+ieOFnbQFC3P9Kyt15R2T5lB5jypOEO5U=
x-amz-meta-s3b-last-modified: 20171201T203000Z

GET
H/1.1 200
OK jquery.js Show response
www.mrrebates.com/js/vendor/ 83 KB
38 KB 102ms
101ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/vendor/jquery.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

074a85deae7abf5198de7802f2dc0aba809f100988efb4c255444c804e8e628d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:28:03 GMT
Server: Microsoft-IIS/7.0
ETag: "4792cb55f833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 38298

GET
H/1.1 200
OK jquery.min.js Show response
www.mrrebates.com/js/vendor/ 82 KB
37 KB 315ms
312ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/vendor/jquery.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:28:02 GMT
Server: Microsoft-IIS/7.0
ETag: "e7d83055f833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 37750

GET
H/1.1 200
OK what-input.min.js Show response
www.mrrebates.com/js/vendor/ 2 KB
1 KB 106ms
104ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/vendor/what-input.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

3182a2d06121f3b8cb39cd885c4e0848a28ddadd369a0a4d83cb97b175d60b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:28:01 GMT
Server: Microsoft-IIS/7.0
ETag: "871f9654f833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 995

GET
H/1.1 200
OK foundation.min.js Show response
www.mrrebates.com/js/ 91 KB
31 KB 195ms
195ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/foundation.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

aec2ab45f3bd23b177fa8ea13cf443a41a9bfd03f426e296a32e0fc021a5aad2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:18 GMT
Server: Microsoft-IIS/7.0
ETag: "2722493bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 31728

GET
H/1.1 200
OK app.js Show response
www.mrrebates.com/js/ 25 B
480 B 104ms
104ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/app.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

e22883a04526785bb35feb658da4974c160999432286921d7df30235cc21e4f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:20 GMT
Server: Microsoft-IIS/7.0
ETag: "27b1403cf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 142

GET
H/1.1 200
OK foundation.equalizer.js Show response
www.mrrebates.com/js/foundation/ 3 KB
2 KB 97ms
97ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/foundation/foundation.equalizer.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

e9ecdd43ad169b257e40b7fedba732c74f075bf6cdea63c41a0685a91de049e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:45 GMT
Server: Microsoft-IIS/7.0
ETag: "c78584bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1260

GET
H/1.1 200
OK foundation.dropdown.js Show response
www.mrrebates.com/js/foundation/ 11 KB
4 KB 97ms
97ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/foundation/foundation.dropdown.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

439c1ebdc8dcea3638a209f65c0ea978657cc9da71b74877c411fc9ad9ae7375

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:46 GMT
Server: Microsoft-IIS/7.0
ETag: "e784f74bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3589

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
95 KB 133ms
37ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 09:58:44 GMT
x-content-type-options: nosniff
age: 2194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96381
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 09:58:44 GMT

GET
H/1.1 200
OK jquery.autocompleter.js Show response
www.mrrebates.com/js/ 33 KB
9 KB 209ms
209ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/jquery.autocompleter.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

f8c55b45dbb198323809a8ff75815000437d12262267ba33b12dbb209fd9edde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:17 GMT
Server: Microsoft-IIS/7.0
ETag: "8720a03af833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 8889

GET
H/1.1 200
OK ac_stores.js Show response
www.mrrebates.com/js/ 95 KB
29 KB 102ms
101ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/ac_stores.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

607f2d61829fc3babd0a0bf8748e4814a87f6f8ccb8cc4126e68fa1be7a70376

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 May 2023 01:32:24 GMT
Server: Microsoft-IIS/7.0
ETag: "901c5edba8ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 29837

GET
H/1.1 200
OK ac_create.js Show response
www.mrrebates.com/js/ 1 KB
795 B 97ms
96ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/ac_create.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

1cc84587bba9b6912be24f688531aeb9cf74a8107609dd9dcc4b002e8f65a1ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:19 GMT
Server: Microsoft-IIS/7.0
ETag: "67acc93bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 457

GET
H2 200 43b83f81b3c085a4cb6db4ed98b96827.js Show response
eu.cookie-script.com/s/ 12 KB
4 KB 192ms
44ms Script
application/javascript 185.14.184.154
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.cookie-script.com/s/43b83f81b3c085a4cb6db4ed98b96827.js
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.14.184.154 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 40d05a03997f8379253a3ce3874165c47bbf56dde5fdb0325512aa15754552be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 20 May 2023 10:35:18 GMT
content-encoding: gzip
last-modified: Fri, 19 May 2023 13:32:57 GMT
x-cache-status: HIT
content-length: 3709
content-type: application/javascript

GET
H/1.1 200
OK mrjoinnow_back.png
s3.amazonaws.com/mr.basics/ 1 KB
1 KB 138ms
137ms Image
image/png 52.217.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/mrjoinnow_back.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/css/app_04_02_23.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.18.38 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d6ca7215271d6591cdc77453bff45189926b0e64d4513ade7a25c090ad3ec63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:19 GMT
Last-Modified: Thu, 05 Nov 2020 01:32:13 GMT
Server: AmazonS3
x-amz-request-id: 3AXSW240YZR5BWCY
ETag: "023463bc1c98c9979780d45985c79318"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1036
x-amz-id-2: Jqs61Qpvlu7WxQU1sBJELz1NF/0B+OM4++jtgVB7A/fHMJf+MOzNbRQgermmpvYe6kq3prpXjE8=
x-amz-meta-s3b-last-modified: 20161111T183900Z

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 25 KB
26 KB 116ms
36ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:33:40 GMT
x-content-type-options: nosniff
age: 565298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26100
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 21:33:40 GMT

GET
H2 200 8AttGsyxM5KQQU-Y4MTwVanUqRo.woff2
fonts.gstatic.com/s/baloopaaji/v21/ 25 KB
25 KB 165ms
85ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloopaaji/v21/8AttGsyxM5KQQU-Y4MTwVanUqRo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baloo+Paaji

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e166664c0772a64d48be8ade6b4d59cf11dbf7ceea6bedff6321a0e0d822a9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 18:25:32 GMT
x-content-type-options: nosniff
age: 576586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25900
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:14:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 18:25:32 GMT

GET
H/1.1 200
OK foundation-icons.woff
www.mrrebates.com/css/ 31 KB
32 KB 203ms
203ms Font
application/x-font-woff 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/foundation-icons.woff

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/css/foundation-icons.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.mrrebates.com/css/foundation-icons.css
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 10:35:17 GMT
Last-Modified: Sat, 14 Oct 2017 05:05:37 GMT
Server: Microsoft-IIS/7.0
ETag: "a386913aa44d31:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Accept-Ranges: bytes
Content-Length: 32020

GET
H2 200 u-4V0qWljRw-Pd815fNqc8T_wAFcX-c37MPiNYlWniJ2hJXH9fKVxUbv.woff2
fonts.gstatic.com/s/cabin/v26/ 16 KB
16 KB 131ms
73ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4V0qWljRw-Pd815fNqc8T_wAFcX-c37MPiNYlWniJ2hJXH9fKVxUbv.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c9e7f8b3e8bed397526dbcdc25cf88f56bb1863c17fd1a77241a8ac9a9fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 23:02:04 GMT
x-content-type-options: nosniff
age: 559994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16732
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:42:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 23:02:04 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 128ms
36ms Script
text/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrrebates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 May 2023 08:51:51 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6208
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 20 May 2023 10:51:51 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=623360129&utmhn=www.mrrebates.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mr....
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=1766287416.1684578919&jid=180674845&_v=5.7.2&z=623360129

35 B
337 B

57ms
19ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=1766287416.1684578919&jid=180674845&_v=5.7.2&z=623360129

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 20 May 2023 10:35:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 20 May 2023 10:35:19 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=1766287416.1684578919&jid=180674845&_v=5.7.2&z=623360129
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.mrrebates.com/Default.asp(Line 664) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.mrrebates.com/Default.asp(Line 664) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
eu.cookie-script.com
fonts.googleapis.com
fonts.gstatic.com
s3.amazonaws.com
s3.us-east-1.amazonaws.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.mrrebates.com
www.travis.com
185.14.184.154
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
52.216.240.126
52.217.18.38
64.106.178.205
69.163.153.22
074a85deae7abf5198de7802f2dc0aba809f100988efb4c255444c804e8e628d
09fc5372a0dcaa9d0d62457c4f725e2a820d89a0aae0e6d7ed8d3e28ee86098a
0c3fa7ca49559e200b5f4e76c0e8c57b5f933f35723668eaf7d992c7bafddd48
0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a
0dd06af69a9196d817f820ecff229eb7dd8aab30e8f28020b6d909bd16285cf3
10b22f22db99bf2fd9d8cf54ef54659a4d3c12f9d5b292055a84faef0b94544b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14e201c29cbdde20437efc6ef0435f4cd99e4110a720a8866130ee8200255ca4
19632b60c37b4d80c62136863523a79de9b942e67cb6cb84d4b1daec7f4c8b48
1975cfa271fae7681e3731debaf7de670e7143083e7d7810551c12082c0d40a9
1aa643e95e2150e824974ed0487bb7d32c5abf21af357adf49df624bd2ea17c9
1b2d87042736b98b6c5a6b808dfca1a355a36c5fd70ea7d7d432d082ed9e4e24
1cc84587bba9b6912be24f688531aeb9cf74a8107609dd9dcc4b002e8f65a1ca
1fb5497804d43dc52be5deee6f02b7165efd470a5df197d2fcc5d988a06dae53
2835d845173f23524c73c47d8f8a6f0173a8c5304da768d207b5f0dcfb67bff4
3182a2d06121f3b8cb39cd885c4e0848a28ddadd369a0a4d83cb97b175d60b7e
39e272c6aa4cbf2e548b370909e5532c56d4e4c1a9eae2d3ef0ed12bc90539cb
3fc1dc7f0ce8758b4b49b949f98405490747ba4a1859a2cf729805be6ccaeb89
40d05a03997f8379253a3ce3874165c47bbf56dde5fdb0325512aa15754552be
4233e4c38f5d22dbb97e29ead54fa5c4572c9de8d0935f79858658a9bde43720
4268828e332479438339207e75862c8ff4b195dab0aa5eb90ee5d10cec4057c9
439c1ebdc8dcea3638a209f65c0ea978657cc9da71b74877c411fc9ad9ae7375
49cc34435a855f5a5705f60c96f04147c6458eb69c461d9d06a9ead7f90ff3b2
539f7785660d9419ffc3a0956eebc8eae001b4658896736a84d61030844db2fd
55ee2b8a2268cbf035a6ccd868a38730d8d87ceddb9a4795f9a0ac760a4c5d90
55f7bddd536dcbd99541a1336659525ab435af1ece6f30ac1993dc0e6932bd69
5d4b88c2d429d99933d04159d31bcf0f5b327f1aa4c4aae422b232027a05f563
607f2d61829fc3babd0a0bf8748e4814a87f6f8ccb8cc4126e68fa1be7a70376
608c741d90aeddbe75ba154c3939f0ff93889e0a47cbcd062b9add1954f096f4
610be2b45df873dcbbcfcf877bcb9600c960592772a30bce00489a4af46170a8
6ced2fe0d4410609ec6e9080de9444ccf4aeaa4d7dafc138962f0e433c5bed63
70eaa33ccc8b976b4aa55605241d65f033f86b5b2aea28d35c91a4d4e800de6e
8196834bc201e710e0e1a779f7f492ea901e5ac432d3240cff8578774bbe1805
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
8d6ca7215271d6591cdc77453bff45189926b0e64d4513ade7a25c090ad3ec63
94ff552a3ed464e2f926cef32831ead100c8f7440edd8f74d0e86857de7dc2d7
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
98a16b79e62868fd5ae283dc4ce077f2fb3fc35b6caa2a435883e362523fd801
9cf3b0af20e5a67ac04c931fba24f09b9b8fb2a488d0ed1a0b88e336283bd025
9e25557f970900846e7d807179a53a3ee75908d02ba9338e9d9043d3e20b7e67
9e60f0e36d8fb6146350b4af56f87057389ee4bf90ae2cf38072dbc950c7711e
a146af07daafb63859b01378d9924e59b95f73d6d1cb4e503b9f9d37ca56be94
aec2ab45f3bd23b177fa8ea13cf443a41a9bfd03f426e296a32e0fc021a5aad2
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b65ca8b0d7901a2db051f12b51d10018573175b32712d28903c86db0ed9ac1ee
b717e95348d8f53774d1702b4300df0b3d769fc23acd141eda57b5b216ecb367
b7df32bb0ed375bea73b5ca4ec9b49f02bd2d567bdf966d2b981726f52c321ff
bdb96a3223f36428c528b50b3aea1d9fc5678a70b3e06a0c9c174fdf0407e0e6
c04c9e7f8b3e8bed397526dbcdc25cf88f56bb1863c17fd1a77241a8ac9a9fee
cb45224963a8bf24a9ccede2cbde99e4acd0a3af9d8cde61acab1df056f531f8
cf29b076bed61befb2fdcd955d1e08834198ff206107bca15f1602980763a8f0
d395131eb0423d0ab744514b3519df008038a5438c08cd33f748e68ce6fff9f5
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
e166664c0772a64d48be8ade6b4d59cf11dbf7ceea6bedff6321a0e0d822a9d9
e22883a04526785bb35feb658da4974c160999432286921d7df30235cc21e4f3
e8387be45312794b59f9248e0431a2005972ef84b520fd41a892146b267314a1
e9ecdd43ad169b257e40b7fedba732c74f075bf6cdea63c41a0685a91de049e3
ec50cf3d5f4a18b57708091a40115b9ec2128c3b7003221da119e7f91dcd0cd0
ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b
f7908da05a461f55cdf943e69bacc4fb8c21e112354b432905ea961cfd0cc971
f8c55b45dbb198323809a8ff75815000437d12262267ba33b12dbb209fd9edde

www.mrrebates.com Open in urlscan Pro 64.106.178.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

50 %IPv6

8 Domains

10 Subdomains

9 IPs

4 Countries

711 kBTransfer

1132 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mrrebates.com Open in urlscan Pro
64.106.178.205 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

711 kB
Transfer

1132 kB
Size

0
Cookies

62 HTTP transactions
0 data transactions