urlscan.io logo urlscan.io
SecurityTrails logo

www.rbcwmpromos.com Open in urlscan Pro
137.116.32.213  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.rbcwmpromos.com/
Submission: On May 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 60 HTTP transactions. The main IP is 137.116.32.213, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.rbcwmpromos.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 20th 2022. Valid for: a year.
This is the only time www.rbcwmpromos.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 137.116.32.213 8075 (MICROSOFT...)
13 2606:2800:133... 15133 (EDGECAST)
6 104.16.95.80 13335 (CLOUDFLAR...)
4 13.225.78.35 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
14 52.222.236.93 16509 (AMAZON-02)
1 13.32.99.63 16509 (AMAZON-02)
1 54.146.120.141 14618 (AMAZON-AES)
60 9
19    137.116.32.213 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.rbcwmpromos.com
13    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
spponeimages.azureedge.net
6    104.16.95.80 (None, )

ASN13335 (CLOUDFLARENET, US)
app-sj30.marketo.com
4    13.225.78.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-35.fra2.r.cloudfront.net
consent.trustarc.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    52.222.236.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-93.fra56.r.cloudfront.net
consent-pref.trustarc.com
1    13.32.99.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-63.fra60.r.cloudfront.net
consent-st.trustarc.com
1    54.146.120.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-120-141.compute-1.amazonaws.com
prefmgr-cookie.truste-svc.net
Apex Domain
Subdomains		 Transfer
19 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 2889
consent-pref.trustarc.com — Cisco Umbrella Rank: 15664
consent-st.trustarc.com — Cisco Umbrella Rank: 33334
210 KB
19 rbcwmpromos.com
www.rbcwmpromos.com
605 KB
13 azureedge.net
spponeimages.azureedge.net — Cisco Umbrella Rank: 297255
853 KB
6 marketo.com
app-sj30.marketo.com — Cisco Umbrella Rank: 469621
144 KB
1 truste-svc.net
prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 34124
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
1 KB
60 6
Domain Requested by
19 www.rbcwmpromos.com www.rbcwmpromos.com
14 consent-pref.trustarc.com consent.trustarc.com
consent-pref.trustarc.com
www.rbcwmpromos.com
prefmgr-cookie.truste-svc.net
13 spponeimages.azureedge.net www.rbcwmpromos.com
6 app-sj30.marketo.com www.rbcwmpromos.com
app-sj30.marketo.com
4 consent.trustarc.com www.rbcwmpromos.com
consent.trustarc.com
1 prefmgr-cookie.truste-svc.net www.rbcwmpromos.com
1 consent-st.trustarc.com consent-pref.trustarc.com
1 fonts.googleapis.com www.rbcwmpromos.com
60 8

This site contains links to these domains. Also see Links.

Domain
www.staplespromo.com
spponeimages.azureedge.net
staplespromo.com
Subject Issuer Validity Valid
rbcwmpromos.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2022-05-20 -
2023-06-14		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
app-sj30.marketo.com
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.truste-svc.net
Amazon RSA 2048 M01		 2023-04-23 -
2024-05-21		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.rbcwmpromos.com/
Frame ID: 42A845B63C75F8556DBA41A76C90C0DD
Requests: 41 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Frame ID: 8D4532906131D911C2D43885A5EC3346
Requests: 13 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Frame ID: A0F9BEAABC1044F4A49434EDE09313D4
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Frame ID: A47AFFD69E1A98A079E3E28419A331DE
Requests: 1 HTTP requests in this frame

Frame: https://app-sj30.marketo.com/index.php/form/XDFrame
Frame ID: EE58C66D2D978754B491344276EEC215
Requests: 2 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 8F439DC5C6443ADD4C0FECDD3D5D2627
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RBC Wealth Management

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Page Statistics

60
Requests

98 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

9
IPs

3
Countries

1816 kB
Transfer

3751 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rbcwmpromos.com/ 		66 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
02e056f1de541f635ee43e7f84da990f88e758bc4c3421c7653bf5fdd7531d15
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
20204
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Content-Type
text/html; charset=utf-8
Date
Wed, 10 May 2023 12:47:32 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload max-age=31536000;includeSubDomains;redirectHttpToHttps
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
jquery
www.rbcwmpromos.com/bundles/ 		377 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/bundles/jquery?v=brvkvpKIMlvf23HGfjv1mtiJfPpdjviXSAqVjDmBFnw1
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a725fbc9d0cd17aa95561463dc5eee3606bbe0ec692ec000af00a4b88756f7cd
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Wed, 10 May 2023 12:47:32 GMT
Date
Wed, 10 May 2023 12:47:32 GMT
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-Frame-Options
DENY
Cache-Control
public
Expires
Thu, 09 May 2024 12:47:32 GMT
bootstrap.min.css
www.rbcwmpromos.com/Views/Themes/RedPanda/Content/bootstrap/css/ 		118 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Views/Themes/RedPanda/Content/bootstrap/css/bootstrap.min.css
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee3e2ee232f9b6c47c3f06a2cdea044196963b87ce4d91eb823a80aca27a3d08
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:57:58 GMT
Date
Wed, 10 May 2023 12:47:32 GMT
ETag
"1D97CF5B8004F00"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
public
Accept-Ranges
bytes
Content-Length
27389
Expires
Thu, 11 May 2023 12:47:32 GMT
site.css
www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/ 		206 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/site.css
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d6cedf54ed40060eb4f1430549060a9e30df75eb09e9fa82d2913f1ff77308e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Wed, 26 Apr 2023 20:54:16 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
ETag
"1D9788143568C00"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
public
Accept-Ranges
bytes
Content-Length
49531
Expires
Thu, 11 May 2023 12:47:33 GMT
bootstrap.min.js
www.rbcwmpromos.com/Views/Themes/RedPanda/Content/bootstrap/js/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Views/Themes/RedPanda/Content/bootstrap/js/bootstrap.min.js
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
11fb05cec237a37307acae14ef62372749501cd112a84049b36855876c62fd82
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:57:58 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
ETag
"1D97CF5B8004F00"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public
Accept-Ranges
bytes
Content-Length
13226
Expires
Thu, 11 May 2023 12:47:33 GMT
event.min.js
www.rbcwmpromos.com/Views/Themes/RedPanda/Scripts/lib/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Views/Themes/RedPanda/Scripts/lib/event.min.js
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ede402fa7211fe1ed99b6ce8f631002a7ebcab6e24eed44367149beff6851fe
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:58:00 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
ETag
"1D97CF5B9317C00"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public
Accept-Ranges
bytes
Content-Length
9687
Expires
Thu, 11 May 2023 12:47:33 GMT
CoreJs
www.rbcwmpromos.com/bundles/ 		211 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/bundles/CoreJs?v=Czb_H4TRRjPHxOEGkAvSQfpQLS4ciuDodR6juh-9i9k1
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8b9bfd23bccb5052b47140ddf81759afe96f12e864d0ed92d56b1a4da37f1d3c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Wed, 10 May 2023 12:47:33 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
Vary
User-Agent,Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Content-Length
54881
Expires
Thu, 09 May 2024 12:47:33 GMT
ZnodeCoreJs
www.rbcwmpromos.com/bundles/ 		327 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/bundles/ZnodeCoreJs?v=L9z3dsC6sGnRnD9dMdMuGuSZcsd-LWFQIZdLeeT_SGs1
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
18fd58de9bfadc28afd4d379a76c4c14c075b32e1eb9bb2f1179e393391f9f88
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Wed, 10 May 2023 12:47:33 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-Frame-Options
DENY
Cache-Control
public
Expires
Thu, 09 May 2024 12:47:33 GMT
SPPCustomJs
www.rbcwmpromos.com/bundles/ 		441 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/bundles/SPPCustomJs?v=1tYqV9Q8YG58War-I8mwlDdQ1bL3nqWjWWMWbp0CXE01
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b5eab59ea5c7b8118e9e266ea8f888a2de6c688e22e67ad5b54ce07f43908c8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Wed, 10 May 2023 12:47:33 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
X-Frame-Options
DENY
Cache-Control
public
Expires
Thu, 09 May 2024 12:47:33 GMT
_LoginPartial.js
www.rbcwmpromos.com/Scripts/Core/Znode/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Scripts/Core/Znode/_LoginPartial.js
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08748d246aa8fdf126985b6fb83dd55be8f8f74d83c1b6d6df05039b4eb7c391
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:59:44 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
ETag
"1D97CF5F72EA000"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public
Accept-Ranges
bytes
Content-Length
620
Expires
Thu, 11 May 2023 12:47:33 GMT
_WidgetSearch.js
www.rbcwmpromos.com/Scripts/Core/Znode/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Scripts/Core/Znode/_WidgetSearch.js
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
57f998c6f9d1d9c10a2d91b690dfdfb7ba5e3de4c29cfbcd4b22a4287394239f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:59:44 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
ETag
"1D97CF5F72EA000"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public
Accept-Ranges
bytes
Content-Length
691
Expires
Thu, 11 May 2023 12:47:33 GMT
4de9a418-d3a5-4686-9742-3c98b2894ab3theIdeasStore_Logo.svg
spponeimages.azureedge.net/prod/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/4de9a418-d3a5-4686-9742-3c98b2894ab3theIdeasStore_Logo.svg?v=0
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC4) /
Resource Hash
6699463ed1f2f899197cd4d6c57d19acd8b44b79b263a70b3e06c6fe0fde3dd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
content-md5
UGGyVWYgVoEC03CS503LAw==
age
134926
x-cache
HIT
content-length
8003
x-ms-lease-status
unlocked
last-modified
Wed, 08 Mar 2023 20:32:18 GMT
server
ECAcc (frc/4CC4)
etag
0x8DB2014365672AE
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
405eff64-401e-00db-6403-82762c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 17 May 2023 12:47:33 GMT
_WidgetHeader.js
www.rbcwmpromos.com/Scripts/Core/Znode/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Scripts/Core/Znode/_WidgetHeader.js
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c98d0a95c87560dfccd8f95bd3cf39c4894ee4ba2a096e88a5c8d92365fa63aa
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:59:44 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
ETag
"1D97CF5F72EA000"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public
Accept-Ranges
bytes
Content-Length
1348
Expires
Thu, 11 May 2023 12:47:33 GMT
_CustomWidgetHeader.js
www.rbcwmpromos.com/Scripts/Custom/ 		731 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Scripts/Custom/_CustomWidgetHeader.js
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb4154e8e3b3317795fb8340e52a36065d283e4942e49b7b4e5f558799d71452
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:59:44 GMT
Date
Wed, 10 May 2023 12:47:32 GMT
ETag
"1D97CF5F72EA000"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public
Accept-Ranges
bytes
Content-Length
404
Expires
Thu, 11 May 2023 12:47:33 GMT
851c5604-3c30-4bce-8d85-854ed329b807RBC_WM_fav1.jpg
spponeimages.azureedge.net/prod/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/851c5604-3c30-4bce-8d85-854ed329b807RBC_WM_fav1.jpg?v=0
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
51290293dbd5b8dfdb6af5e5c9a9453e076bf678f3c5c2e200a43492ef0c1d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
last-modified
Wed, 08 Mar 2023 20:31:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
7gg417Mgw28uK+gyBqcZJw==
etag
0x8DB20140FD3E5FE
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
78ddffc9-301e-00f6-4e3d-83f5ec000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
26797
expires
Wed, 17 May 2023 12:47:34 GMT
0a7b918d-04b4-4436-ae6e-d494ec1d06cfRBC_WM_fav2.jpg
spponeimages.azureedge.net/prod/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/0a7b918d-04b4-4436-ae6e-d494ec1d06cfRBC_WM_fav2.jpg?v=0
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d438abc8a9fe19468bb84f101bba0a248d3de66943932bf55f719809728251ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
last-modified
Wed, 08 Mar 2023 20:31:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
1mTsTxSD4lHaSeB3ZuTH5w==
etag
0x8DB2014100F1195
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
ffa8ad27-901e-00b4-773d-83def8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
32720
expires
Wed, 17 May 2023 12:47:34 GMT
d571be23-c9ac-4746-a527-8c69a75ddab4RBC_WM_fav3.jpg
spponeimages.azureedge.net/prod/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/d571be23-c9ac-4746-a527-8c69a75ddab4RBC_WM_fav3.jpg?v=0
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9e9a57d307d431848760b2878c67d96e339203e8afae9eed925f7d7ad1fe9f51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
last-modified
Wed, 08 Mar 2023 20:31:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
j7ExekYhF6OuQs7yQU3hzw==
etag
0x8DB2014103A60FA
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
86fcf680-a01e-003f-283d-836526000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
24413
expires
Wed, 17 May 2023 12:47:34 GMT
4675642c-840f-4fcd-adcd-b8d38c407f74RBC_WM_fav4.jpg
spponeimages.azureedge.net/prod/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/4675642c-840f-4fcd-adcd-b8d38c407f74RBC_WM_fav4.jpg?v=0
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d91305488933f83a0fbb901daf349d3e70ef090f28c8c275066ffb0471c43af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
last-modified
Wed, 08 Mar 2023 20:31:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
G0tl4NB5NtQYfaD1xe823A==
etag
0x8DB2014106318AD
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
5712f130-401e-00db-633d-83762c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
23011
expires
Wed, 17 May 2023 12:47:34 GMT
forms2.min.js
app-sj30.marketo.com/js/forms2/js/ 		208 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-sj30.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 12:47:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 21:46:36 GMT
server
cloudflare
age
495
etag
"2940fd3-33e51-5f79835f6a700"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
7c524a9c09049243-FRA
expires
Wed, 10 May 2023 16:47:33 GMT
notice
consent.trustarc.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=spp.com&c=teconsent&js=nj&noticeType=bb&text=true&irmc=irmlink&gtm=1
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
4f176cfc759929551efb62bd9bc4f2fe81183cd1df1a79be005902f4f8bf5426
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.rbcwmpromos.com/
Origin
https://www.rbcwmpromos.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 12:47:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
cloudfront-viewer-country
DE
content-length
4999
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
timing-allow-origin
*
x-amz-cf-id
gzN_6Cjh3YBcjUn-91TA1EFNx4gZsOy5nUbwceSvbWjfdiiDCcIiRQ==
expires
Wed, 10 May 2023 13:47:33 GMT
loading.gif
www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Images/loading.gif
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
X-Content-Type-Options
nosniff
Date
Wed, 10 May 2023 12:47:33 GMT
Last-Modified
Tue, 02 May 2023 12:57:58 GMT
ETag
"04f0b8f57cd91:0"
X-Frame-Options
DENY
Content-Type
image/gif
Cache-Control
public,max-age=25920000
Accept-Ranges
bytes
Content-Length
8476
_BrandList.js
www.rbcwmpromos.com/Scripts/Core/Znode/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Scripts/Core/Znode/_BrandList.js
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9f3d8a3d803cd55f3c3fac17efe9ec90f1a1c41a3bc531ef7066935969a368d4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:59:44 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
ETag
"1D97CF5F72EA000"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public
Accept-Ranges
bytes
Content-Length
622
Expires
Thu, 11 May 2023 12:47:33 GMT
LayoutScripts.js
www.rbcwmpromos.com/Scripts/Core/Znode/ 		796 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Scripts/Core/Znode/LayoutScripts.js
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3cb29f57ce8d04e4bf74af1a9c876a2a08f9e5ce3d5066eea67d4ae2b91665d4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:59:44 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
ETag
"1D97CF5F72EA000"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
public
Accept-Ranges
bytes
Content-Length
494
Expires
Thu, 11 May 2023 12:47:33 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/site.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
124f165a1243b48bd2ac21cebd8852c818c5deb7692fbfb5c80f5d5b72625da9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 12:47:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 12:31:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 12:47:33 GMT
slick.min.css
www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/sass/vendors/ 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/sass/vendors/slick.min.css
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:57:58 GMT
Date
Wed, 10 May 2023 12:47:32 GMT
ETag
"1D97CF5B8004F00"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
public
Accept-Ranges
bytes
Content-Length
650
Expires
Thu, 11 May 2023 12:47:33 GMT
slick-theme.min.css
www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/sass/vendors/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/sass/vendors/slick-theme.min.css
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
618cacf7e3c9cf90cb3245f033e6b0cbf5fc41ef5ecb98c136247eb6aa8641c5
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Last-Modified
Tue, 02 May 2023 12:57:58 GMT
Date
Wed, 10 May 2023 12:47:33 GMT
ETag
"1D97CF5B8004F00"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Cache-Control
public
Accept-Ranges
bytes
Content-Length
955
Expires
Thu, 11 May 2023 12:47:33 GMT
540a3a90-edb3-433e-9205-1cc890f5f87frbcdisplay-regular-webfont.woff2
spponeimages.azureedge.net/prod/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spponeimages.azureedge.net/prod/540a3a90-edb3-433e-9205-1cc890f5f87frbcdisplay-regular-webfont.woff2
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
39fbd40879dfd8994a4fa5f0e9022ef5dc80c40177540c4a214631640ec3e3bf

Request headers

Referer
https://www.rbcwmpromos.com/
Origin
https://www.rbcwmpromos.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
last-modified
Wed, 08 Mar 2023 20:28:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
qO8cSMVHRucalUIgkxaRhQ==
etag
0x8DB2013AE468D3F
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
952f1d20-001e-007d-553d-834e32000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
29924
expires
Wed, 17 May 2023 12:47:34 GMT
RedPanda.ttf
www.rbcwmpromos.com/Views/Themes/RedPanda/Fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rbcwmpromos.com/Views/Themes/RedPanda/Fonts/RedPanda.ttf?hv0k33
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.116.32.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9770dfd37d3f1543c48f4dbf05a2acf627ea5e6f7ab1f9c95c28e99e179d634d
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.rbcwmpromos.com/Views/Themes/PurplePlatypus-RedPanda_child/Content/css/site.css
Origin
https://www.rbcwmpromos.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload, max-age=31536000;includeSubDomains;redirectHttpToHttps
Content-Security-Policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
X-Content-Type-Options
nosniff
Date
Wed, 10 May 2023 12:47:32 GMT
Last-Modified
Tue, 02 May 2023 12:57:58 GMT
ETag
"04f0b8f57cd91:0"
X-Frame-Options
DENY
Content-Type
application/octet-stream
Cache-Control
public,max-age=25920000
Accept-Ranges
bytes
Content-Length
21596
15224049-1682-4d0a-a881-be815b522237RBC_WM_MainBanner1.jpg
spponeimages.azureedge.net/prod/ 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/15224049-1682-4d0a-a881-be815b522237RBC_WM_MainBanner1.jpg?v=0
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a02de56afa94ae0bacd7f4e3af0a30da7795a3705907408bb7d710b946808eef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:34 GMT
last-modified
Wed, 08 Mar 2023 20:31:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
1CJ8d7MQ0xsbuKG8Xc+D4g==
etag
0x8DB20141135DA2B
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
5cf3b06e-e01e-00dd-2a3d-838154000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
137509
expires
Wed, 17 May 2023 12:47:34 GMT
335d9fc2-dbaa-47be-a8bb-19d63d2b57feRBC_WM_hero_two.jpg
spponeimages.azureedge.net/prod/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/335d9fc2-dbaa-47be-a8bb-19d63d2b57feRBC_WM_hero_two.jpg
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5df238562209231e86a5e3df1c96576a50759d642073b5c082d8b521f7bf8faa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
last-modified
Wed, 08 Mar 2023 20:31:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
TTUiWDBwGszVflUenTDL+g==
etag
0x8DB201410C85B76
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
10ab666f-801e-00c6-673d-83afc6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
82162
expires
Wed, 17 May 2023 12:47:34 GMT
b4de7b0f-d680-48a0-af3c-b3ff4f274b54RBC_WM_spOrderBanner.jpg
spponeimages.azureedge.net/prod/ 		245 KB
245 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/b4de7b0f-d680-48a0-af3c-b3ff4f274b54RBC_WM_spOrderBanner.jpg?v=0
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b52c4c25ce2cd0b2a7e966a29f60aa6baac64f8d7049e582689471ba0ee252bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
last-modified
Wed, 08 Mar 2023 20:31:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
B546x9YYbMFTniaF1gyo0A==
etag
0x8DB201411AEF004
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
9e9fbc79-801e-00ab-3d3d-8305e8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
250712
expires
Wed, 17 May 2023 12:47:34 GMT
b596a73f-2214-43af-85bc-ee8eebf05382rbcdisplay-bold-webfont.woff2
spponeimages.azureedge.net/prod/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://spponeimages.azureedge.net/prod/b596a73f-2214-43af-85bc-ee8eebf05382rbcdisplay-bold-webfont.woff2
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fe0897f669d33676470f0ec72e91a8ec4726fa57265999f4d9ab3e6b29ae87fa

Request headers

Referer
https://www.rbcwmpromos.com/
Origin
https://www.rbcwmpromos.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
last-modified
Wed, 08 Mar 2023 20:28:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
o8BEAV7dbbNNtOmLK142gw==
etag
0x8DB2013ACA1F46E
content-type
application/font-woff2
access-control-allow-origin
*
x-ms-request-id
b3105f9b-c01e-00ac-5b3d-83f36d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
29392
expires
Wed, 17 May 2023 12:47:34 GMT
getForm
app-sj30.marketo.com/index.php/form/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-sj30.marketo.com/index.php/form/getForm?munchkinId=636-NFB-754&form=3918&url=https%3A%2F%2Fwww.rbcwmpromos.com%2F&callback=jQuery11240008178169257081702_1683722853968&_=1683722853969
Requested by
Host: app-sj30.marketo.com
URL: https://app-sj30.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b808e1565e610300087693923e6460aac92a8cd9c5cb12254d33ebf3cc1beea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 12:47:34 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-form-service-request-id
14220#18805b3df14
x-marketo-source
Form Service
cf-ray
7c524a9d6a5d9243-FRA
cached
false
d0cc32e2-1c43-4485-9b7d-922af78ae55fRBC_WM_ideaBooksBanner.jpg
spponeimages.azureedge.net/prod/ 		214 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/d0cc32e2-1c43-4485-9b7d-922af78ae55fRBC_WM_ideaBooksBanner.jpg?v=0
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a678a30992ec017ee4c400190aae23401893adbf999681b865fe9b73d0edfb43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
last-modified
Wed, 08 Mar 2023 20:31:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
RnM6WAyw37/nnTjU9WKtGw==
etag
0x8DB20141101645A
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
cd6affd7-801e-0001-553d-83d307000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
218998
expires
Wed, 17 May 2023 12:47:34 GMT
e99e5254-c775-4fbd-a9a6-c577032f6903New_Window.svg
spponeimages.azureedge.net/prod/ 		647 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/e99e5254-c775-4fbd-a9a6-c577032f6903New_Window.svg
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4d57cc90030a08f379c6885967fb27597b21869291c8793e36079e7ebf22a986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:33 GMT
content-md5
ySPZMn+nZ+4iHDtHruhSHA==
content-length
647
x-ms-lease-status
unlocked
last-modified
Tue, 07 Jul 2020 17:41:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8229CF5FDEEDC
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
718036ee-001e-00b1-313d-832a87000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 17 May 2023 12:47:34 GMT
v1.7-164
consent.trustarc.com/asset/notice.js/v/ 		78 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-164
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=spp.com&c=teconsent&js=nj&noticeType=bb&text=true&irmc=irmlink&gtm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
fcd86e8b75ae82f035ff1f28433dacab9d367f838f707e4482e2f542c0037096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.rbcwmpromos.com/
Origin
https://www.rbcwmpromos.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 12:09:22 GMT
content-encoding
gzip
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
age
2291
x-cache
Hit from cloudfront
pragma
public
last-modified
Mon, 17 Apr 2023 03:19:03 GMT
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
GSnvIZtgaXy3Lj2T2P87CXfYl7mTClzEEKSLNmsE6vEJO8OBcYMGQQ==
expires
Fri, 09 Jun 2023 12:09:22 GMT
log
consent.trustarc.com/ 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=spp.com&country=de&state=&behavior=expressed&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW&c=f30e
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 12:47:34 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
AOS-AUdKkmEG4ciUWskZOpR0Xw2yWDHZ9ZcJ8os5ETm5xVtbILfUMg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
consent-pref.trustarc.com/ Frame 8D45 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.rbcwmpromos.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 12:47:34 GMT
etag
W/"5147-1680489730000"
expect-ct
max-age=86400; enforce;
last-modified
Mon, 03 Apr 2023 02:42:10 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-id
aNE_GaJDDyrs6nY0NjsKyRlZW-fE-hY38Znv7c5KScuaZekeq0T-bg==
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
noticemsg
consent.trustarc.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=spp.com&behavior=expressed&country=de&language=en&rand=0.9532560665080059&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 12:47:34 GMT
via
1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA2-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
yRxa0xVp2X0anoZr2JDQwnjoRoEJGE6v3fxDqA23pU8u8_xfe5ghkg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
defaultpreferencemanager.nocache.js
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8D45 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
eee1dc0ebe943891e5ce3485588726083a94a95e0f35747b86278975ba41cf0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 12:47:34 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Apr 2023 02:42:28 GMT
server
nginx
etag
W/"4867-1680489748000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
NxDlvg7-9n6C2Z96x1Dql_6i1KwWBfp4C4vEpsWGizRy_pr_VXOvrg==
expires
Wed, 10 May 2023 12:47:33 GMT
get
consent-st.trustarc.com/ Frame 8D45 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-63.fra60.r.cloudfront.net
Software
/
Resource Hash
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
public
date
Wed, 19 Apr 2023 07:28:24 GMT
content-encoding
gzip
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
1833550
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
nKfXPtmViQ1MXZ_92n2El2izGNiYGXAY_D7gB8gfZm0_kkMrqDWRDA==
expires
Fri, 19 May 2023 07:28:24 GMT
loading.gif
consent-pref.trustarc.com/images/ Frame 8D45 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent-pref.trustarc.com/images/loading.gif
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 12:03:55 GMT
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P4
age
2619
x-cache
Hit from cloudfront
content-length
2608
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Apr 2023 02:42:10 GMT
server
nginx
etag
W/"2608-1680489730000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/gif
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
rUl4a5VxWYFB-fJT7ygs5IIt1hrfKOwF04MRdPAzTlzE_-fmO_ADCw==
d4d193f5-d933-4fa3-bee3-0e70d79f1853homeIcon.png
spponeimages.azureedge.net/prod/Thumbnail/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spponeimages.azureedge.net/prod/Thumbnail/d4d193f5-d933-4fa3-bee3-0e70d79f1853homeIcon.png
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5a8de1436f227632fcd49af43ddc5cfe069b5ebbe1bc1a2270499150db516c9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 12:47:34 GMT
last-modified
Wed, 08 Mar 2023 20:31:42 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5
mioKHieF488rPwc8A24ILg==
etag
0x8DB20142088ED9B
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
8a32edd8-b01e-0064-613d-83625a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=604800
x-ms-version
2009-09-19
content-length
6650
expires
Wed, 17 May 2023 12:47:34 GMT
7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
consent-pref.trustarc.com/defaultpreferencemanager/ Frame A0F9 		139 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
26c3d9ac1022c3bc42a184d699ff00b92be83af89379f4873315bfd2fa0c5eb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2027160
cache-control
max-age=315360000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 01:41:34 GMT
etag
W/"142492-1680489748000"
expect-ct
max-age=86400; enforce;
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Mon, 03 Apr 2023 02:42:28 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-id
kNyQW7Z72xIJG-I-BdWZ_HTjw2-v_CPalGmU3zCvo8oskiEcJjjvIg==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8D45 		969 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
7887F73A3FE21D4E68B4A838E7D22E0C
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Wed, 10 May 2023 12:47:34 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
468
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
BBPRNHxwjbx4NXaDOwEwm2Ve6f9jGnWRniVtK5qh_gNITVX3IgmNXg==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8D45 		48 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8b7402020ce94af71dceeb9fcbdd020744a799df8137a77a64accdc33380a88e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
7887F73A3FE21D4E68B4A838E7D22E0C
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Wed, 10 May 2023 12:47:34 GMT
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
48
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
djwuH-fDt2QPiMMTGfL6PXD_AaU92YfEiQTERHktjJUvWGs3k9e3tw==
EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 8D45 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 11:56:19 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P4
age
3076
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Apr 2023 02:42:10 GMT
server
nginx
etag
W/"29043-1680489730000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
no-cache
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
jKjxLti73OAJYkR_VBxkmnbdvtb1Oi72JKtZdO9SwscfItLltd3wzw==
expires
Wed, 10 May 2023 11:56:16 GMT
10.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/ Frame 8D45 		254 KB
87 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/10.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
25d4f580509d3b3774dfa29f970283e352c650d4dd0d73c7182d0f6c6b706eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 01:42:45 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P4
age
2027089
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Apr 2023 02:42:28 GMT
server
nginx
etag
W/"260177-1680489748000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
7ZChFAz4gfgZPKcXSpiretbp7aySuvikAoVCboE3L74K6dsjf4r5Nw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
1.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/ Frame 8D45 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/1.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8ee157e66ede42010af123bf5f99fc4fa4ebea4c8f3f6bbe75240a295267973f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 01:41:59 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P4
age
2027135
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Apr 2023 02:42:28 GMT
server
nginx
etag
W/"19935-1680489748000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
xDFqvJ1Fy7TVFUsBE3KmGMOYibU4L__-QEG6tp0JBSl7p62iiIhetg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie_iframe.html
prefmgr-cookie.truste-svc.net/cookie_js/ Frame A47A 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.120.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-120-141.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 12:47:34 GMT
etag
W/"5014-1657163800000"
expect-ct
max-age=31536000
last-modified
Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy
geolocation=(), microphone=(), payment=()
referrer-policy
origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8D45 		717 B
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5bc0bf6d720062aaa0b7ce63ffa07c4b8d70052dd81675b12ac0e07a4cb06574
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
7887F73A3FE21D4E68B4A838E7D22E0C
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Wed, 10 May 2023 12:47:34 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
324
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
I724XM6D7H5oDKbiRUEEgjLzE_vuIPgCpDCkCBEKIH77YMg7e7Z1Ig==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8D45 		24 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0c2862c75cc917edde4a1b96149ca50b3b33f0e4922a931c408544515a5d53f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
7887F73A3FE21D4E68B4A838E7D22E0C
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Wed, 10 May 2023 12:47:34 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
6234
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
aUF0-GPzlq_VTh2oaUqtWZ2vhM1YLeAYwGsRturm2mT-UhWxEgO0NA==
trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 8D45 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent-pref.trustarc.com/images/trustarc-logo-small.png
Requested by
Host: www.rbcwmpromos.com
URL: https://www.rbcwmpromos.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 11:57:47 GMT
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P4
age
2987
x-cache
Hit from cloudfront
content-length
4197
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Apr 2023 02:42:10 GMT
server
nginx
etag
W/"4197-1680489730000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/png
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
lUqqkpe0gAhpdTzniQNjVZLC4EGXmpiy4mwnI22SsN-pVq0TK_-3rA==
forms2.css
app-sj30.marketo.com/js/forms2/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-sj30.marketo.com/js/forms2/css/forms2.css
Requested by
Host: app-sj30.marketo.com
URL: https://app-sj30.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 12:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63113904
cf-cache-status
HIT
age
6736
content-length
2623
last-modified
Thu, 23 Mar 2023 21:46:36 GMT
server
cloudflare
etag
"2940f90-3437-5f79835f6a700"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7c524aa3387d9243-FRA
expires
Wed, 10 May 2023 16:47:34 GMT
forms2-theme-plain.css
app-sj30.marketo.com/js/forms2/css/ 		828 B
384 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-sj30.marketo.com/js/forms2/css/forms2-theme-plain.css
Requested by
Host: app-sj30.marketo.com
URL: https://app-sj30.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rbcwmpromos.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 12:47:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63113904
cf-cache-status
HIT
age
421
content-length
246
last-modified
Thu, 23 Mar 2023 21:46:36 GMT
server
cloudflare
etag
"2940f8d-33c-5f79835f6a700"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7c524aa3387e9243-FRA
expires
Wed, 10 May 2023 16:47:34 GMT
XDFrame
app-sj30.marketo.com/index.php/form/ Frame EE58 		2 KB
886 B 		Document
General
Check archive.org
Download Go to
Full URL
https://app-sj30.marketo.com/index.php/form/XDFrame
Requested by
Host: app-sj30.marketo.com
URL: https://app-sj30.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7aeae7593a3862c8222fcc6980ff49a0db3b7cf05310221153f1db51c7aa871
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rbcwmpromos.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
7c524aa3b9019243-FRA
content-encoding
gzip
content-length
652
content-type
text/html; charset=utf-8
date
Wed, 10 May 2023 12:47:35 GMT
server
cloudflare
strict-transport-security
max-age=63113904
vary
Accept-Encoding
x-content-type-options
nosniff
6.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/ Frame 8D45 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/7887F73A3FE21D4E68B4A838E7D22E0C/6.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/7887F73A3FE21D4E68B4A838E7D22E0C.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7946f0bacb9c01951a9ba19ae7f4c3bed1a4251063e9ab8cf1f828ec222ddbb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 01:42:21 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA56-P4
age
2027114
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 03 Apr 2023 02:42:28 GMT
server
nginx
etag
W/"7220-1680489748000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
7TKkHch7eZ0xJtGi5YX6tZ62BlYesRfM0QqO6tycFhWGs3JKCoiDUw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie_inneriframe.html
consent-pref.trustarc.com/ Frame 8F43 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/cookie_inneriframe.html
Requested by
Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-93.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2955
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 11:58:21 GMT
etag
W/"2008-1680489730000"
expect-ct
max-age=86400; enforce;
last-modified
Mon, 03 Apr 2023 02:42:10 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-id
eYQNICmAM1qF9TKnvE4qHE_poMpwRnWS5Q-QHMeBK2T9yGBnXpO35g==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
forms2.min.js
app-sj30.marketo.com/js/forms2/js/ Frame EE58 		208 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-sj30.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: app-sj30.marketo.com
URL: https://app-sj30.marketo.com/index.php/form/XDFrame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-sj30.marketo.com/index.php/form/XDFrame
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 12:47:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 21:46:36 GMT
server
cloudflare
age
497
etag
"2940fd3-33e51-5f79835f6a700"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
7c524aa5cb7a9243-FRA
expires
Wed, 10 May 2023 16:47:35 GMT

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless function| $ function| jQuery function| purl function| reloadPage object| global object| Constant object| ErrorMsg boolean| isFadeOut number| fadeOutTime object| CheckBoxCollection undefined| UpdateContainerId function| ZnodeBase function| __extends function| Endpoint function| CommonHelper function| SanitizeForXss undefined| _gridContainerName undefined| deleteActionlink boolean| isSelectCalender object| selectedImages function| DynamicGrid function| CustomJurl undefined| PageCount undefined| PageIndex undefined| PageSize undefined| RecordPerPageFieldName undefined| PageFieldName undefined| Sort undefined| SortDir undefined| SortFieldName undefined| SortDirFieldName function| GridPager function| AddNewRowManage function| isNumberKey function| DgUpdateString function| DgCallAjax function| DgUpdateSuccess function| DgUpdateAllSuccess function| DgDeleteRow number| rowCount object| EditableGridEvent object| EditableGrid function| jurl undefined| controlContext function| MultiSelectDDL function| EditableText object| _znodeAjaxifyOnLoadAllSubscriptions object| _znodeAjaxifyDirectives object| _znodeAjaxifyDirectivesArray object| _znodeAjaxifyOnLoadSubscriptions function| ZnodeAjaxify function| _ZnodeAjaxifyEventModel function| _ZnodeAjaxifiedDirective function| _ZnodeAjaxifiedDirectives function| en function| de function| fr function| ja object| ListConstants function| _LoginPartial function| _WidgetSearch function| _WidgetHeader function| _CustomWidgetHeader object| MktoForms2 function| _BrandList function| LayoutScripts function| _truste_eumap object| truste string| userType object| $temp_box_overlay function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| autocompletewrapper function| onselected function| executeFunctionByName undefined| isFromCategoryPage boolean| isAddToCartGroupProduct function| Product function| QuickOrderPad function| Category function| QuickOrder function| Search number| totalPages function| ZSearch function| Cart function| User function| ZnodeNotification function| Brand function| Checkout function| CaseRequest undefined| ScannerObject function| Home object| Config object| CategoriesArray function| SiteMap function| StoreLocator function| Import undefined| selectedTab string| emailLabelTextGlobal function| FormBuilder function| BlogNews function| CMPCookie function| VoiceRecognitionModel object| input object| node object| objVoiceRec function| VoiceRecognition function| ChromeVoiceRecognition function| BarcodeReader function| GoogleAnalytics function| Bloodhound object| clipartArray function| CustomBrand undefined| timer string| dataCaptureHtmlElement string| dataCapturePaymentOptionId function| StaplesPayTransactionData function| CustomCheckout object| cookieHandler function| CustomCart undefined| selectedClipart object| selectedDecoCliparts object| dict function| InitbLazy object| CustomConstant function| CustomDelegateApproval function| CustomEndpoint function| ArtifiAPI function| __assign undefined| cartSelectedCliparts object| persistedText number| persistedTextDecoLocation object| persistedMonogramQuantity number| persistedMonogramIndex object| persistedMonogramForm boolean| IsValidate object| fuzzyObj object| fuzzyArray object| uploadedImageClipArts object| cartItemUploadedImagesJson object| dummyLogoDecoJson object| SelectedElements object| ClipArtViewModelList object| uploadPopulateLogodecorationLocationCliparts function| ArtifiModel function| CustomProduct function| CustomGlobalAttribute function| CustomUser function| DataCapture function| dateFormat string| artifiImageIntegrationUrl string| artifiIntegrationUrl object| omsSavedCartLineItemIds object| ko function| Blazy object| fuzzysort object| bLazy function| addCaptchaScript object| jQuery11240008178169257081702

10 Cookies

Domain/Path Name / Value
www.rbcwmpromos.com/ Name: _WebStoreculture_d3d3LnJiY3dtcHJvbW9zLmNvbQ
Value: 1
www.rbcwmpromos.com/ Name: ASP.NET_SessionId
Value: u5k15y1tg1rxrl3e1tmk4gcg
www.rbcwmpromos.com/ Name: portal_d3d3LnJiY3dtcHJvbW9zLmNvbQ
Value: 1050
www.rbcwmpromos.com/ Name: publishstate_d3d3LnJiY3dtcHJvbW9zLmNvbQ
Value: PRODUCTION
www.rbcwmpromos.com/ Name: culture_d3d3LnJiY3dtcHJvbW9zLmNvbQ
Value: en-US
.app-sj30.marketo.com/ Name: __cf_bm
Value: hECUSrYqfzOoHeQo8SkHaRKL1Geop0L6EFlw95V0hic-1683722853-0-AdUxKFnZwpUhXmGM4bX2f+aqXJUKDMyMTJO9K8csbsEdnB6zmGbYs3XTFDWYR96QCkwF3hxWGyOgfneiJEDgt6Q=
.rbcwmpromos.com/ Name: TAsessionID
Value: 911f926d-7e74-4b1c-860f-ddc1f03a1a9c|NEW
.rbcwmpromos.com/ Name: notice_behavior
Value: expressed,eu
prefmgr-cookie.truste-svc.net/ Name: cookie_3rdparty
Value: enabled
consent-pref.trustarc.com/ Name: token_test
Value: Wed May 10 2023 12:47:35 GMT+0000 (GMT)

2 Console Messages

Source Level URL
Text
security error URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=spp_v2&site=spp.com&action=notice&country=de&locale=en&behavior=expressed&gtm=1&layout=default_eu&behaviorManager=eu&irm=undefined&from=https://consent.trustarc.com/&session=911f926d-7e74-4b1c-860f-ddc1f03a1a9c&userType=NEW(Line 55)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://jsonip.com *.artifi.net *.jquery.com *.trustarc.com *.corpmerchandise.com *.googletagmanager.com *.marketo.com *.google-analytics.com *.zmags.com *.issuu.com *.marketo.net *.googleadservices.com connect.facebook.net cdnjs.cloudflare.com *.staples.com googleads.g.doubleclick.net polyfill.io *.staplespromo.com *.staples-static.com *.inside-graph.com *.newrelic.com *.nr-data.net countdown.omegawatches.com https://*.kaptcha.com *.cloudfront.net *.retentionscience.com *.lightboxcdn.com lightboxapi.azurewebsites.net *.boldchat.com *.licdn.com *.linkedin.com *.btttag.com *.attentivemobile.com *.attn.tv *.contentsquare.net *.contentsquare.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000;includeSubDomains;redirectHttpToHttps
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-sj30.marketo.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
fonts.googleapis.com
prefmgr-cookie.truste-svc.net
spponeimages.azureedge.net
www.rbcwmpromos.com
104.16.95.80
13.225.78.35
13.32.99.63
137.116.32.213
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:82a::200a
52.222.236.93
54.146.120.141
02e056f1de541f635ee43e7f84da990f88e758bc4c3421c7653bf5fdd7531d15
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
08748d246aa8fdf126985b6fb83dd55be8f8f74d83c1b6d6df05039b4eb7c391
0c2862c75cc917edde4a1b96149ca50b3b33f0e4922a931c408544515a5d53f3
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
11fb05cec237a37307acae14ef62372749501cd112a84049b36855876c62fd82
124f165a1243b48bd2ac21cebd8852c818c5deb7692fbfb5c80f5d5b72625da9
18fd58de9bfadc28afd4d379a76c4c14c075b32e1eb9bb2f1179e393391f9f88
1b5eab59ea5c7b8118e9e266ea8f888a2de6c688e22e67ad5b54ce07f43908c8
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
25d4f580509d3b3774dfa29f970283e352c650d4dd0d73c7182d0f6c6b706eb5
26c3d9ac1022c3bc42a184d699ff00b92be83af89379f4873315bfd2fa0c5eb1
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
39fbd40879dfd8994a4fa5f0e9022ef5dc80c40177540c4a214631640ec3e3bf
3b808e1565e610300087693923e6460aac92a8cd9c5cb12254d33ebf3cc1beea
3cb29f57ce8d04e4bf74af1a9c876a2a08f9e5ce3d5066eea67d4ae2b91665d4
3d6cedf54ed40060eb4f1430549060a9e30df75eb09e9fa82d2913f1ff77308e
4d57cc90030a08f379c6885967fb27597b21869291c8793e36079e7ebf22a986
4f176cfc759929551efb62bd9bc4f2fe81183cd1df1a79be005902f4f8bf5426
51290293dbd5b8dfdb6af5e5c9a9453e076bf678f3c5c2e200a43492ef0c1d57
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
57f998c6f9d1d9c10a2d91b690dfdfb7ba5e3de4c29cfbcd4b22a4287394239f
5a8de1436f227632fcd49af43ddc5cfe069b5ebbe1bc1a2270499150db516c9d
5bc0bf6d720062aaa0b7ce63ffa07c4b8d70052dd81675b12ac0e07a4cb06574
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5df238562209231e86a5e3df1c96576a50759d642073b5c082d8b521f7bf8faa
618cacf7e3c9cf90cb3245f033e6b0cbf5fc41ef5ecb98c136247eb6aa8641c5
6699463ed1f2f899197cd4d6c57d19acd8b44b79b263a70b3e06c6fe0fde3dd8
7946f0bacb9c01951a9ba19ae7f4c3bed1a4251063e9ab8cf1f828ec222ddbb3
8b7402020ce94af71dceeb9fcbdd020744a799df8137a77a64accdc33380a88e
8b9bfd23bccb5052b47140ddf81759afe96f12e864d0ed92d56b1a4da37f1d3c
8ede402fa7211fe1ed99b6ce8f631002a7ebcab6e24eed44367149beff6851fe
8ee157e66ede42010af123bf5f99fc4fa4ebea4c8f3f6bbe75240a295267973f
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
9770dfd37d3f1543c48f4dbf05a2acf627ea5e6f7ab1f9c95c28e99e179d634d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9e9a57d307d431848760b2878c67d96e339203e8afae9eed925f7d7ad1fe9f51
9f3d8a3d803cd55f3c3fac17efe9ec90f1a1c41a3bc531ef7066935969a368d4
a02de56afa94ae0bacd7f4e3af0a30da7795a3705907408bb7d710b946808eef
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a678a30992ec017ee4c400190aae23401893adbf999681b865fe9b73d0edfb43
a725fbc9d0cd17aa95561463dc5eee3606bbe0ec692ec000af00a4b88756f7cd
b52c4c25ce2cd0b2a7e966a29f60aa6baac64f8d7049e582689471ba0ee252bb
c98d0a95c87560dfccd8f95bd3cf39c4894ee4ba2a096e88a5c8d92365fa63aa
d438abc8a9fe19468bb84f101bba0a248d3de66943932bf55f719809728251ad
d91305488933f83a0fbb901daf349d3e70ef090f28c8c275066ffb0471c43af3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e7aeae7593a3862c8222fcc6980ff49a0db3b7cf05310221153f1db51c7aa871
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ee3e2ee232f9b6c47c3f06a2cdea044196963b87ce4d91eb823a80aca27a3d08
eee1dc0ebe943891e5ce3485588726083a94a95e0f35747b86278975ba41cf0a
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
fb4154e8e3b3317795fb8340e52a36065d283e4942e49b7b4e5f558799d71452
fcd86e8b75ae82f035ff1f28433dacab9d367f838f707e4482e2f542c0037096
fe0897f669d33676470f0ec72e91a8ec4726fa57265999f4d9ab3e6b29ae87fa