sendmesamples.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=
Effective URL:
https://sendmesamples.com/
Submission: On October 26 via manual (October 26th 2022, 2:25:55 am UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 22 domains to perform 109 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in and belongs to . The main domain is sendmesamples.com.
TLS certificate: Issued by E1 on October 4th 2022. Valid for: 3 months.

This is the only time sendmesamples.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3033::6815:5204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	54.190.214.118 54.190.214.118	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.115 65.9.95.115	16509 (AMAZON-02) (AMAZON-02)
4	13.41.96.213 13.41.96.213	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6812:1f97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	52.43.151.13 52.43.151.13	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.82.214 52.217.82.214	16509 (AMAZON-02) (AMAZON-02)
7	65.9.94.89 65.9.94.89	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:47e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.22.98.180 52.22.98.180	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2606:4700:303... 2606:4700:3034::6815:3e4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	() ()
1	2600:9000:212... 2600:9000:2127:d400:3:c04e:c780:93a1	() ()
109	18

2 2606:4700:3033::6815:5204 (United States)

ASN13335 (CLOUDFLARENET, US)

writesun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.190.214.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-190-214-118.us-west-2.compute.amazonaws.com

eng.trkcnv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-115.prg50.r.cloudfront.net

static.traversedlp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.41.96.213 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1f97 (United States)

ASN13335 (CLOUDFLARENET, US)

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

iwin.rewardsadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
impressure-c630.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.43.151.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-151-13.us-west-2.compute.amazonaws.com

events.impressure.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.82.214 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.94.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-89.prg50.r.cloudfront.net

djk97zng6lbya.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:47e7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aimtell.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.98.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-98-180.compute-1.amazonaws.com

stats.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:3e4e (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

go.aramistrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (None, )

ASN- ()

sendmesamples.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:d400:3:c04e:c780:93a1 (None, )

ASN- ()

w.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	kxcdn.com impressure-c630.kxcdn.com — Cisco Umbrella Rank: 991900	165 KB
7	cloudfront.net djk97zng6lbya.cloudfront.net	304 KB
5	aimtell.com signals.aimtell.com — Cisco Umbrella Rank: 4447	2 KB
4	impressure.io events.impressure.io — Cisco Umbrella Rank: 898666	2 KB
4	anura.io script.anura.io — Cisco Umbrella Rank: 49715	40 KB
2	aramistrk.com 2 redirects go.aramistrk.com	3 KB
2	aimtell.io cdn.aimtell.io — Cisco Umbrella Rank: 6718	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	rewardsadvisor.com iwin.rewardsadvisor.com — Cisco Umbrella Rank: 385046	73 KB
2	writesun.com writesun.com	32 KB
1	sharethis.com w.sharethis.com	17 KB
1	sendmesamples.com sendmesamples.com	17 KB
1	pusher.com stats.pusher.com — Cisco Umbrella Rank: 6510	75 B
1	amazonaws.com s3.amazonaws.com	13 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	27 KB
1	traversedlp.com static.traversedlp.com — Cisco Umbrella Rank: 28669 api.traversedlp.com Failed	4 KB
1	trkcnv.com eng.trkcnv.com — Cisco Umbrella Rank: 679858	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	40 KB
0	getclicky.com Failed static.getclicky.com Failed
0	convertful.com Failed app.convertful.com Failed
0	media.net Failed contextual.media.net Failed
109	22

	Domain	Requested by
9	impressure-c630.kxcdn.com	iwin.rewardsadvisor.com impressure-c630.kxcdn.com
7	djk97zng6lbya.cloudfront.net
5	signals.aimtell.com	writesun.com signals.aimtell.com s3.amazonaws.com
4	events.impressure.io	iwin.rewardsadvisor.com impressure-c630.kxcdn.com
4	script.anura.io	writesun.com script.anura.io
2	go.aramistrk.com	2 redirects sendmesamples.com
2	cdn.aimtell.io	s3.amazonaws.com
2	fonts.googleapis.com	impressure-c630.kxcdn.com sendmesamples.com
2	www.google-analytics.com	iwin.rewardsadvisor.com www.google-analytics.com
2	iwin.rewardsadvisor.com	writesun.com impressure-c630.kxcdn.com
2	writesun.com	writesun.com
1	w.sharethis.com	sendmesamples.com
1	sendmesamples.com	impressure-c630.kxcdn.com sendmesamples.com
1	stats.pusher.com	impressure-c630.kxcdn.com
1	s3.amazonaws.com	writesun.com
1	cdnjs.cloudflare.com	impressure-c630.kxcdn.com
1	static.traversedlp.com	www.googletagmanager.com
1	eng.trkcnv.com	writesun.com
1	www.googletagmanager.com	writesun.com
0	static.getclicky.com Failed	sendmesamples.com
0	app.convertful.com Failed	sendmesamples.com
0	contextual.media.net Failed	sendmesamples.com
0	api.traversedlp.com Failed	static.traversedlp.com
109	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-20` - `2023-03-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.trkcnv.com Amazon	`2022-09-03` - `2023-10-03`	a year	crt.sh
*.traversedlp.com Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
script.anura.io Amazon	`2022-07-12` - `2023-08-10`	a year	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-08`	a year	crt.sh
iwin.rewardsadvisor.com R3	`2022-10-05` - `2023-01-03`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2022-07-28` - `2023-07-24`	a year	crt.sh
impressure.io Amazon	`2022-07-26` - `2023-08-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.pusher.com Gandi Standard SSL CA 2	`2022-04-07` - `2023-04-21`	a year	crt.sh
*.sendmesamples.com E1	`2022-10-04` - `2023-01-02`	3 months	crt.sh
sharethis.com Amazon	`2022-06-19` - `2023-07-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sendmesamples.com/
Frame ID: AD5F8357BD0CA9C6E0C97A38019A1BFA
Requests: 109 HTTP requests in this frame

Frame: https://signals.aimtell.com/traverse
Frame ID: 8786B6AB80A1EB45B03064B5BA93A85D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=... Page URL
https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastna... Page URL
http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_... HTTP 302
https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2042&aff_sub1=012-2042&aff_sub2=--202950-012&a... HTTP 302
https://sendmesamples.com/ Page URL

Detected technologies

Aimtell (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.aimtell\.\w+/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

ShareThis (Widgets) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

109
Requests

43 %
HTTPS

61 %
IPv6

22
Domains

23
Subdomains

18
IPs

4
Countries

762 kB
Transfer

2079 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4= Page URL
https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=w1fojnljp6bkuq0k2rn9sl2u&aff_sub4=&aff_sub5=&clickid=907d3dc11f7308de2d8f58b31cf25940&pub=202950&cid=29415&sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4= Page URL
http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-2042&aff_sub2=--202950-012&aff_sub3=b3958fb2-0f2a-47fd-baf2-515f72503aad&aff_sub4=2042 HTTP 302
https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2042&aff_sub1=012-2042&aff_sub2=--202950-012&aff_sub3=b3958fb2-0f2a-47fd-baf2-515f72503aad&aff_sub4=2042&aff_sub5=&creative_id=1025&offer_id=2008&source=RA-PP-3-generic-0 HTTP 302
https://sendmesamples.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
writesun.com/a44bdaabfdb516207ac6484ce43786051/ 1 KB
1 KB 482ms
451ms Document
text/html 2606:4700:3033::6815:5204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: 86552f1386f2f7b8560b04e5fc3e258127c01de3a066878268733d386faa6566

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75ffbe62091fbbc5-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 26 Oct 2022 02:25:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8a65OgFNe2wjjumvKcKE6zyz5PNUjIT7ZeubZfa6FAVPkgfPRZV%2FmmkctGujw9tAm1qI%2FPCEdTQGIyhDP9pk3SXuSGFaJEjbn6ypbOYtrdnV0TYxEK6uCuBEfls5M01KGLOJAunU2oecDE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16

GET
H2 200 main.js Show response
writesun.com/js/ 91 KB
31 KB 606ms
605ms Script
application/javascript 2606:4700:3033::6815:5204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writesun.com/js/main.js?v=2
Requested by: Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae8d753a2079883b7e33c959f6fda145de5414800d3851433f0b2eafe91af30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:51 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 08 Sep 2022 17:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"631a2468-16a65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Emyu2By3S9cdnuVOsblyejq1ZbiijPQyZ8%2F5iJmA9sYDHGUC1slN298os1WpWwe0Bqlbw7li3RsQVVfpkgR0OqGKPHaM%2BoOyGDj4w9wehqP7et00TB5NBJpzGLsNfF0kuZcEVx%2BLR87xLRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 75ffbe64dc1ebbc5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 25 Nov 2022 02:25:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
40 KB 68ms
33ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MS5HQQ7

Requested by

Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04d649bf674f02060b9e4160ecf5be5df7d5b8a073b8654b7eef07048154f4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://writesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40422
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 00:11:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 Oct 2022 02:25:50 GMT

GET
H/1.1 200
OK clickpc.php Show response
eng.trkcnv.com/ 512 B
1 KB 837ms
284ms XHR
text/html 54.190.214.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eng.trkcnv.com/clickpc.php?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=&cidpubh=a44bdaabfdb516207ac6484ce43786051&referrer_url=&domain=writesun.com
Requested by: Host: writesun.com
URL: https://writesun.com/js/main.js?v=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.190.214.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-190-214-118.us-west-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) PHP/7.3.30 / PHP/7.3.30
Resource Hash: 89b8871d3ff20a65559c5788e839eca2bbbf8bab76c54e4d7bffd3ff15137ca3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://writesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 02:25:52 GMT
Server: Apache/2.4.54 (Amazon) PHP/7.3.30
X-Powered-By: PHP/7.3.30
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://writesun.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 512

GET
H/1.1 200
OK retargeting.js Show response
static.traversedlp.com/v1/ 11 KB
4 KB 82ms
23ms Script
application/javascript 65.9.95.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.traversedlp.com/v1/retargeting.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS5HQQ7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-115.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://writesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: KLbodh6xIMdiUWAxenjc1ByBclqfTj74
Content-Encoding: gzip
Via: 1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
Date: Wed, 26 Oct 2022 02:02:33 GMT
Last-Modified: Wed, 01 Jun 2022 20:20:14 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PRG50-C1
Age: 2622
ETag: W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: r2JpPzX-d6urlk5GRhrav5WdOXwm6SbtyIAA9Ug-5ir7l3BIRapIkw==

GET
H2 200 request.js
script.anura.io/ 54 KB
20 KB 130ms
70ms Script
application/javascript 13.41.96.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=56309078&source=202950&campaign=27323&exid=undefined&458428589919

Requested by

Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.96.213 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://writesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:25:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 matches
signals.aimtell.com/ 43 B
260 B 54ms
19ms Image
image/gif 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa&gtmcb=1484707095
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://writesun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:52 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 75ffbe6e5feb903c-FRA
access-control-allow-headers: Content-Type, *
content-length: 43

GET cookie
api.traversedlp.com/retargeting/v1/ 0
0

GET
H2 200 / Show response
iwin.rewardsadvisor.com/ 392 KB
66 KB 60ms
6ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=w1fojnljp6bkuq0k2rn9sl2u&aff_sub4=&aff_sub5=&clickid=907d3dc11f7308de2d8f58b31cf25940&pub=202950&cid=29415&sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=
Requested by: Host: writesun.com
URL: https://writesun.com/js/main.js?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 86df12ce4100742c78b90a834bd5c7c4664f9abbb4d1c426f0b3e537736ca28b

Request headers

Referer: https://writesun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
content-length: 67036
content-type: text/html
date: Wed, 26 Oct 2022 02:25:52 GMT
etag: "8583e8a2e758ed434f8d3572a7c1c799"
last-modified: Tue, 25 Oct 2022 18:37:50 GMT
server: keycdn-engine
x-amz-version-id: CRkN8CvK7XDb9EuILOCbEafQ_OnNPyce
x-cache: HIT
x-cache-status: HIT
x-edge-location: defr

GET
H2 200 presenter.ae7ecc5.css
impressure-c630.kxcdn.com/ 18 KB
5 KB 41ms
6ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Requested by: Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=w1fojnljp6bkuq0k2rn9sl2u&aff_sub4=&aff_sub5=&clickid=907d3dc11f7308de2d8f58b31cf25940&pub=202950&cid=29415&sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:52 GMT
content-encoding: br
x-amz-request-id: XWP7BA0VNZP8XD2C
x-edge-location: defr
x-cache: HIT
content-length: 4919
x-amz-id-2: AS4TzwqZnv2DTRxGeHciDFvlbGyDNvbSnPvP/luqYzqG4XhS5Z88Ugib6YVZgwalRSc8NgjkG3Y=
last-modified: Tue, 23 Aug 2022 19:45:30 GMT
server: keycdn-engine
etag: "c8ba4cfb85a21500b78f527fec541e40"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 02:25:52 GMT

GET
H2 200 presenter.b5337b9.js Show response
impressure-c630.kxcdn.com/ 408 KB
105 KB 41ms
7ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Requested by: Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=w1fojnljp6bkuq0k2rn9sl2u&aff_sub4=&aff_sub5=&clickid=907d3dc11f7308de2d8f58b31cf25940&pub=202950&cid=29415&sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: a6a54d80b5c033492bf1d432789671f1faa06e46916add5a469cfacd370c3eba

Request headers

Referer: https://iwin.rewardsadvisor.com/
Origin: https://iwin.rewardsadvisor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:52 GMT
content-encoding: br
x-amz-request-id: REHEZVHF363T1G9C
x-edge-location: defr
x-cache: HIT
content-length: 106527
x-amz-id-2: xIgKP2dDiJObDtoaEHNL3IW3+Ltvrgksr4oYYzvwCNRxAue62a7ng8gbKI3Mpj7EszLuTy7XGds=
last-modified: Mon, 19 Sep 2022 23:22:53 GMT
server: keycdn-engine
etag: "5fa7b94726c1a44b9120065cb124128a"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 02:25:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
13ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=w1fojnljp6bkuq0k2rn9sl2u&aff_sub4=&aff_sub5=&clickid=907d3dc11f7308de2d8f58b31cf25940&pub=202950&cid=29415&sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 26 Oct 2022 01:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5034
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 26 Oct 2022 03:01:58 GMT

GET
H/1.1 200
OK info Show response
events.impressure.io/ 898 B
1 KB 759ms
175ms XHR
application/json 52.43.151.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/info?v=2&nonce=11098351500543512&userId=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.151.13 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-151-13.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

690149283a1643bf702ea3cd66d3d87f3444418741d8c57a0826425773326630

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 02:25:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"382-EGAOuGxeLDVYtnk03Bik5BhiaqQ"
X-Powered-By: Express
Vary: Accept-Encoding, Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 632

GET
DATA 200
OK truncated
/ 21 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1740eb3582765eae284529c56ce021b52cbb0889add2ca43be4c731bc561ff20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 loading.d78985d5a90c42d31aaaf9203cddb569.gif
impressure-c630.kxcdn.com/ 2 KB
2 KB 7ms
7ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:52 GMT
content-encoding: gzip
x-amz-request-id: XQS2W5RWX8ZAHJNF
x-edge-location: defr
x-cache: HIT
content-length: 1315
x-amz-id-2: dIBmdMR5ZovUE7i91gxM+8YSRVOJwKkeD37cvIlcVs7IoI02M9FtJVk7JANR96yRLGHyoHsWFRs=
last-modified: Tue, 21 Aug 2018 14:21:48 GMT
server: keycdn-engine
etag: W/"d78985d5a90c42d31aaaf9203cddb569"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 02:25:52 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/ 84 KB
27 KB 42ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1749545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26983
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14e7e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75ffbe74a80e9b31-FRA
expires: Mon, 16 Oct 2023 02:25:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
973 B 67ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@500;800&display=swap

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4dd6ecdbe8ca863a0b4f2466b23a41e9157ebf8323286ece740d5d2eb78f42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 02:25:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 02:25:53 GMT

GET
H/1.1 200
OK trackpush.min.js Show response
s3.amazonaws.com/trackpush/ 47 KB
13 KB 341ms
125ms Script
text/javascript 52.217.82.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Requested by: Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.82.214 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 53e7247e0683d7fc377a2d3bd91e1f8d2c2144e77ab331762ca1f8ed85af4866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 26 Oct 2022 02:25:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jun 2022 15:49:51 GMT
Server: AmazonS3
x-amz-request-id: BMYYZ2E35GMHEXKY
ETag: "2852a7e73e6ac9f0ec2ec335bb611c3f"
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 13336
x-amz-id-2: jT47XCwimJ29B06gBz9saoBJp4DE2hpMdH2jVL5itpcT2Z0I/uD0pkv5hOncD5jIMz8VmANY89A=

GET
H2 200 request.js Show response
script.anura.io/ 54 KB
20 KB 50ms
50ms Script
application/javascript 13.41.96.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=2383107219&source=202950-&campaign=2017&variable=optionalResponseObjectVariable&421918487024

Requested by

Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.96.213 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

50da2bb323bec304dddc4456ab2f571cfed6758ebb2c25880d877d60ffe31e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 track.js Show response
signals.aimtell.com/ 3 KB
2 KB 17ms
17ms Script
text/javascript 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/track.js
Requested by: Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af52cdb7068ec0dad8355ec4a5bad77b17a3cc1e8bc19b0f66f41d4a53ac3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsQ9XaiS-YlNI_07PSxSWNu4NV3-7y84Vn5qsJvVyCr-NmESUBqnJUmWWPmsfy0HvLnAcetduOPTVAU_JzuS1HnECtb5T86
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 10 Sep 2021 18:50:33 GMT
server: cloudflare
etag: W/"e9cc12470321b3946d361c51f89f737a"
vary: Accept-Encoding
x-goog-hash: crc32c=VcSEVw==, md5=6cwSRwMhs5RtNhxR+J9zeg==
x-goog-generation: 1631299833653847
content-type: text/javascript
cache-control: public, max-age=14400
x-goog-stored-content-length: 3188
cf-ray: 75ffbe74fd1e903c-FRA
expires: Wed, 26 Oct 2022 06:25:53 GMT

GET
H2 200 d9043e5a-8dec-45e2-8de0-3afdff9211cf.js Show response
iwin.rewardsadvisor.com/chunk/182459/ 37 KB
8 KB 7ms
7ms Script
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://iwin.rewardsadvisor.com/chunk/182459/d9043e5a-8dec-45e2-8de0-3afdff9211cf.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 63efcc4d456999c3f776489806a4134d29057042d0a6ed9fe1ca36ea8cc532c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&aff_sub=202950&aff_sub2=&aff_sub3=w1fojnljp6bkuq0k2rn9sl2u&aff_sub4=&aff_sub5=&clickid=907d3dc11f7308de2d8f58b31cf25940
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: br
x-amz-version-id: 9QNxUZHr40OGbZ2rJHefNbeATHdbqo88
last-modified: Tue, 25 Oct 2022 18:37:45 GMT
server: keycdn-engine
x-edge-location: defr
etag: "3603bdf1a796be11794eb41c5cfc5b21"
x-cache-status: REVALIDATED
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 7502

GET
H2 200 chunk.7.b6c5ab6.css
impressure-c630.kxcdn.com/ 1 KB
961 B 7ms
7ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.b6c5ab6.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 1238e9e850bf28665fe81529e39af4a4751988b6954cfc341bb027fb8ad1a94d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: br
x-amz-request-id: 83EK97DW7SW7TRY5
x-edge-location: defr
x-cache: HIT
content-length: 537
x-amz-id-2: MdIGF42MzW3UZOiXM1IoXiDxohh89GmVhGEGD+Bk09J3jU5/UIERqxAFRiK/QDotA92xSdow4BQ=
last-modified: Tue, 23 Aug 2022 19:45:30 GMT
server: keycdn-engine
etag: "1f2e32f2ccbe4956bd43b676c6acbdc8"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 02:25:53 GMT

GET
H2 200 chunk.7.9b4f67e.js Show response
impressure-c630.kxcdn.com/ 11 KB
4 KB 7ms
7ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.9b4f67e.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: faef7e5b106e32b318fa40bf26d7da80874ef9bde24adecb65e8742b34f16d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: br
x-amz-request-id: PETFQCX0P1Y1J99K
x-edge-location: defr
x-cache: HIT
content-length: 3350
x-amz-id-2: 8LZnP3TrOXXpsZojrobm5JhZHYaG3E/zoz3jai9BdYsaMI6H9gC7yex+9YH4BaBh6dzpFMD/25c=
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
server: keycdn-engine
etag: "aab16c3901aa85bf6cbd3d12fb635424"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 02:25:53 GMT

GET
H2 200 chunk.4.e1ba812.css
impressure-c630.kxcdn.com/ 2 KB
1 KB 10ms
10ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.e1ba812.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: br
x-amz-request-id: 4DX7TQM2KR8GCXEM
x-edge-location: defr
x-cache: HIT
content-length: 784
x-amz-id-2: OjS6tp5U9DUspqJ9keZ1UmZ9Oogd90iJNVxPJrD1p4W49qHN5AYPm+reGbLnq94vTfkzQzQ/PUA=
last-modified: Tue, 23 Aug 2022 19:45:27 GMT
server: keycdn-engine
etag: "1d4504cd8eb1a924fa3877af155e3acb"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 02:25:53 GMT

GET
H2 200 chunk.4.632257f.js Show response
impressure-c630.kxcdn.com/ 58 KB
14 KB 10ms
10ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.632257f.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: br
x-amz-request-id: BQ3S610ZA1B0V1NN
x-edge-location: defr
x-cache: HIT
content-length: 13564
x-amz-id-2: 32phdEnB6ZmM9r2fwEob7UOBMk3++LV8X1YsCNE22t/v1Fip/uiPW6Qav+C8RxxCKTbaol2sZQw=
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
server: keycdn-engine
etag: "b1ded3ed49dd625cfd1196fd4bf192df"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 02:25:53 GMT

GET
H2 200 chunk.13.7a5258a.js Show response
impressure-c630.kxcdn.com/ 17 KB
5 KB 10ms
10ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.13.7a5258a.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: br
x-amz-request-id: PET8C3BRGCN19HHM
x-edge-location: defr
x-cache: HIT
content-length: 5065
x-amz-id-2: PuCHeyyMhZLQlkNGB8SYeCs3eOJqkWQW1pSlI+e/irNY3K8a0YCzuYBGPwTCCYE8Tj2I+IclI0g=
last-modified: Tue, 23 Aug 2022 19:45:26 GMT
server: keycdn-engine
etag: "04b6f9c350e90de6b9711301bf2c2b72"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 02:25:53 GMT

GET
H2 200 42ae01b4-4469-4747-aad9-edd7ba9aea44.png
djk97zng6lbya.cloudfront.net/2022/10/12/14/12/07/ 57 KB
57 KB 124ms
57ms Image
image/png 65.9.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2022/10/12/14/12/07/42ae01b4-4469-4747-aad9-edd7ba9aea44.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-89.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37a0695d3ae9b3487d7d1c9322541c806915e7550d42667b2702088faae09699

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 17:44:12 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 14:12:08 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 722502
etag: "74c67f4061c6a17f52e1c90d5a4111e9"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 57923
x-amz-cf-id: z7CIzsyc9HTNH0yInHLdYXyULqfYleQkNk3WQLT-enkqeN6FNbuQyg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 51ms
22ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=194410320&t=pageview&_s=1&dl=https%3A%2F%2Fiwin.rewardsadvisor.com%2F%3Futm_content%3Dwalmart1000%26aff_id%3D2042%26offer_id%3D29415%26aff_sub%3D202950%26aff_sub2%3D%26aff_sub3%3Dw1fojnljp6bkuq0k2rn9sl2u%26aff_sub4%3D%26aff_sub5%3D%26clickid%3D907d3dc11f7308de2d8f58b31cf25940&dr=https%3A%2F%2Fwritesun.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Amazon250-black-fri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACACI~&jid=147717581&gjid=578608441&cid=794275327.1666751153&tid=UA-204685638-1&_gid=53110091.1666751153&_r=1&_slc=1&cd1=202950&z=118533180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:25:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://iwin.rewardsadvisor.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK events Show response
events.impressure.io/ 72 B
498 B 208ms
208ms Fetch
application/json 52.43.151.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/events

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.151.13 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-151-13.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

63d1e9932d15f987672c7a8098f73e95fba72436d23a038b81a967dc871ec480

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 26 Oct 2022 02:25:53 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"48-UrnctZ2X9utkk6qgnstizGf6Ne0"
X-Powered-By: Express
Vary: Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 72

GET
H2 200 564fac38-4ebc-4569-8d84-0cadfad0d7f9.png
djk97zng6lbya.cloudfront.net/2021/08/11/16/37/53/ 8 KB
9 KB 102ms
102ms Image
image/png 65.9.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2021/08/11/16/37/53/564fac38-4ebc-4569-8d84-0cadfad0d7f9.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-89.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 755158b8ec87a849abf410abd4f21887243ce6975e6aeff7cdd5d1fd3a2780cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 04:54:45 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
last-modified: Wed, 11 Aug 2021 16:37:54 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 4483869
etag: "59fe4cfd2c2f6d7878dd42219052f91b"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 8523
x-amz-cf-id: ih0bKemmL2sOmgBSF0YdgIATC8eifKTyv1CM405DR-rcCtAbi0pguw==

GET
H2 200 c500d8e4-4ef1-4b24-9fc2-e910d396b713.png
djk97zng6lbya.cloudfront.net/2022/07/27/00/56/35/ 24 KB
24 KB 47ms
47ms Image
image/png 65.9.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2022/07/27/00/56/35/c500d8e4-4ef1-4b24-9fc2-e910d396b713.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-89.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4605f450d8d4efa82bfe330a6a9ade402ab5680705e99d256d2ad82d59207abb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 16 Oct 2022 16:18:31 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jul 2022 00:56:36 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 814043
etag: "078a3623df71af387727d064cbae48d8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 24237
x-amz-cf-id: ixnSWgoB9rmQHv3zR9VPvcUE2DcqRuTNq3Ivc18rIYSc0z_MDqGoeA==

GET
H/1.1 200
OK lists Show response
events.impressure.io/ 31 B
424 B 287ms
177ms Fetch
application/json 52.43.151.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.impressure.io/lists?id=0&q=178.162.209.141%C2%ABaf259db141b1893e3b54918d59313501&v=4
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.151.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-151-13.us-west-2.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 6578c2aa3e5f7076ca9fb19b357edc1b17633feceee6d36d0e5809d26b959817

Request headers

accept: application/json
Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 26 Oct 2022 02:25:53 GMT
Server: nginx
ETag: W/"1f-w2zQu5TAHledxtxl6Y4gzn1Q0XY"
X-Powered-By: Express
Vary: Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 31

GET
H2 200 fetch Show response
signals.aimtell.com/ 70 B
286 B 17ms
17ms XHR
application/json 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/fetch?t=c2lnbmFsc2Rtcw&show=1
Requested by: Host: signals.aimtell.com
URL: https://signals.aimtell.com/track.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdbcc610e7775a344dfd5938462150487607d7f25d4e3eaf7d7467d98be7ef68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://iwin.rewardsadvisor.com
access-control-allow-credentials: true
cf-ray: 75ffbe760ddc903c-FRA
access-control-allow-headers: Content-Type, *

GET
H2 200 2a1f56b6-34f0-4e98-acaa-9056f3d6b2a5.png
djk97zng6lbya.cloudfront.net/2022/10/12/19/05/10/ 18 KB
18 KB 54ms
53ms Image
image/png 65.9.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2022/10/12/19/05/10/2a1f56b6-34f0-4e98-acaa-9056f3d6b2a5.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-89.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 503d8005d56b23f07da3eebec26509abdbaa644af0c101b2974297ef5e4407e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 17:44:25 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 19:05:11 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 722489
etag: "60f9952f2203983d61cc16d8bbac6119"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 18513
x-amz-cf-id: tWWkV8qjSqSg12x2eiUV052zvfVwXThVv-exCHjUHDdwOJvMnLs94w==

GET
H2 200 68b265b8-4f64-4980-aa9e-c3e05c639353.png
djk97zng6lbya.cloudfront.net/2022/10/12/17/51/44/ 14 KB
14 KB 59ms
58ms Image
image/png 65.9.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2022/10/12/17/51/44/68b265b8-4f64-4980-aa9e-c3e05c639353.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-89.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b1340f01354322423dd2fe7260bcadaa003400d9c473092e60c99e59a373ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 17:44:25 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 17:51:45 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 722489
etag: "0e7e031a2250b2fc8676c10bbe195fe4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 14226
x-amz-cf-id: aBYPIcKLUtK4JSekfMG8XcpU7JuxnFl3gfCN1mdYCrdSD1LJ7mobkA==

GET
H2 200 8700fd55-2840-4743-ad5e-a7afce0b404e.png
djk97zng6lbya.cloudfront.net/2022/10/12/17/51/52/ 17 KB
17 KB 46ms
45ms Image
image/png 65.9.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2022/10/12/17/51/52/8700fd55-2840-4743-ad5e-a7afce0b404e.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-89.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 312fc9a4a13ff230aad870b7992e31b57469bc04b46798269ee09fb5e218f979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 17:44:25 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
last-modified: Wed, 12 Oct 2022 17:51:53 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 722488
etag: "38db81322313508cf2fe75a6c09ea350"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 17229
x-amz-cf-id: bAe7G5EQNilj5pX4Bn-xb0ybb9sKgHLOmrrdcKfmYqEYMKTrEeFYxg==

GET
H2 200 4b21c917-535e-4b59-a41f-1357218b887d.png
djk97zng6lbya.cloudfront.net/2022/10/13/14/59/20/ 163 KB
164 KB 39ms
38ms Image
image/png 65.9.94.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2022/10/13/14/59/20/4b21c917-535e-4b59-a41f-1357218b887d.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-94-89.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14ac70dd7c8452882cae2caff9787eb885b43e3044430987c2915cc9577de5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 17:47:00 GMT
via: 1.1 d5da174e34f35b7d1482b8432bf7e084.cloudfront.net (CloudFront)
last-modified: Thu, 13 Oct 2022 14:59:22 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 722334
etag: "912e5a969a05ee33ba628bd3d5cd94ef"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 167328
x-amz-cf-id: Mlz4MKYbUc1IENohUEvs2i0ZqOJ2JJbikmi64OJyXEDlE6x36WkqPQ==

GET
H2 200 chunk.1.24bd7cb.js Show response
impressure-c630.kxcdn.com/ 119 KB
29 KB 7ms
7ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.1.24bd7cb.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ee3dc6dae29a50c2a6a7b77a5d8f5be706488215ddeda2dfef10ddc31da5956a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
content-encoding: br
x-amz-request-id: BSGNCD7MTZN7CZ3V
x-edge-location: defr
x-cache: HIT
content-length: 29129
x-amz-id-2: Yp3oI3/Xd6FwgSj8uqKJLbOXvus28LLFIw7F6SWBrP/PaT+rZXBRglxapnNdJbXwxHXcPKAgLeo=
last-modified: Tue, 23 Aug 2022 19:45:26 GMT
server: keycdn-engine
etag: "2bc0ccd647e1f04eec548e8319d94de8"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Wed, 02 Nov 2022 02:25:53 GMT

POST
H/1.1 200
OK events Show response
events.impressure.io/ 75 B
501 B 461ms
213ms Fetch
application/json 52.43.151.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/events

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.151.13 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-151-13.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

30b76d87102af192105db81724eadec6626e48a1f1b95aa87a5167394629c274

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 26 Oct 2022 02:25:54 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"4b-S5YUUEpu+xxlp89Z9XFjy45HwFQ"
X-Powered-By: Express
Vary: Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 75

POST
H2 200 pageview Show response
signals.aimtell.com/ 43 B
180 B 12ms
11ms XHR
image/gif 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/pageview?id_site=24312&v=3.972&support=1&state=default&wl=1
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:53 GMT
aimtell-hash-exists: 0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: https://iwin.rewardsadvisor.com
aimtell-traverse: 1
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials: true
cf-ray: 75ffbe771ea8903c-FRA
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 24312-041e2bdba891.json
cdn.aimtell.io/config/optin/ 626 B
904 B 448ms
421ms XHR
application/json 2606:4700:10::6816:47e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/optin/24312-041e2bdba891.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:47e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:54 GMT
content-encoding: gzip
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: DUS51-P2
x-cache: RefreshHit from cloudfront
content-length: 424
last-modified: Mon, 02 May 2022 17:56:33 GMT
server: cloudflare
etag: "ad9357b4d852b54d407519c4f7bfd01e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 75ffbe774a159031-FRA
x-amz-cf-id: ZwDj4Sz8VuitufZVRxqZ_0zq5jgjTZl677TUu1xCEW_LtCqTGjLDkA==

GET
H2 200 traverse Show response
signals.aimtell.com/ Frame 8786 30 B
106 B 18ms
18ms Document
text/html 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/traverse
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4437eaab7b931b5fa3aaf6b76a7dc58ee09f945883a80f1f1fa496e8fde01a19

Request headers

Referer: https://iwin.rewardsadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
cf-ray: 75ffbe773ebb903c-FRA
content-length: 30
content-type: text/html;charset=UTF-8
date: Wed, 26 Oct 2022 02:25:53 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 response.json Show response
script.anura.io/ 132 B
472 B 138ms
88ms XHR
application/json 13.41.96.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2383107219&source=202950-&campaign=2017&variable=optionalResponseObjectVariable&421918487024

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.96.213 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7e8670ae6f9e66a58c5d20d1005fe86b62b9413519a6971cfb1e3faa0f90ea26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 1
stats.pusher.com/timeline/v2/jsonp/ 0
75 B 309ms
96ms Script
application/javascript 52.22.98.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.pusher.com/timeline/v2/jsonp/1?session=MTM2ODM1MjMx&bundle=MQ%3D%3D&key=NTAyODM0YTg1MjU1MGVlNDZkZjk%3D&lib=anM%3D&version=NC40LjA%3D&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2NjY3NTExNTM2NzJ9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjY2NzUxMTUzNjczfSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjY2NzUxMTUzNjczfSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTY2Njc1MTE1MzY3M30seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTY2Njc1MTE1MzY3M30seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTY2Njc1MTE1Mzk4OH0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiI0MzU1ODAuMTI1NjUwMiJ9LCJ0aW1lc3RhbXAiOjE2NjY3NTExNTM5ODl9XQ%3D%3D
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/chunk.1.24bd7cb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.98.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-98-180.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:54 GMT
server: awselb/2.0
content-length: 0
content-type: application/javascript; charset=utf-8

POST
H2 200 result.json
script.anura.io/ 81 B
436 B 40ms
40ms XHR
application/json 13.41.96.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=w1fojnljp6bkuq0k2rn9sl2u&sid3=&sid4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.41.96.213 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-41-96-213.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iwin.rewardsadvisor.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 26 Oct 2022 02:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2

200

Primary Request / Show response
sendmesamples.com/
Redirect Chain

http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-2042&aff_sub2=--202950-012&aff_sub3=b3958fb2-0f2a-47fd-baf2-515f72503aad&aff_sub4=2042
https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2042&aff_sub1=012-2042&aff_sub2=--202950-012&aff_sub3=b3958fb2-0f2a-47fd-baf2-515f72503aad&aff_sub4=2042&aff_sub5=&creative_id=1025&offer_id=2...
https://sendmesamples.com/

77 KB
17 KB

1062ms
1032ms

Document
text/html

2a06:98c1:3121::3

General

Check archive.org

Show headers Download Go to

Full URL: https://sendmesamples.com/
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: eddea001d50cffbac57ec852cb1a7df128837dd75209176653cd058fcc58a417

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75ffbe7b588d9c10-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 26 Oct 2022 02:25:55 GMT
link: <https://sendmesamples.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpQBb2Wq%2BheZq3UPbIGDgO%2FGWB8Evxu4ZGDNAzWsL0u9pmAIs6WO%2BwsimG36qQ%2Fp7xo5V%2FllCtsme0cnnl1ed2llQmJ6jdJraDDB%2FUMXaN%2BAnMrqWpTnYC%2F2k62vRgulLfIVR4qfg4EI0ZOwDXxaxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34

Redirect headers

access-control-allow-headers: Tune-SDK-Version
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75ffbe7aaeaa9180-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 26 Oct 2022 02:25:54 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://sendmesamples.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI CUR OUR NOR INT"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZjEBXBBMHQrinfVSMSJZgUwTDwQkdCDikACMiwurDf3UoWUNNYh4pdekIeRFUslFKmJ6hOSckaNACorawgx4ardMDrL7HyozXnig5oeTaI%2BYFUkxJGcr5iheE4HNsEyuwDDwH4PyVaD9giuLNyj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
tracking_id: 102167199182108961372262501931
x-request-id: 2b5451b1d529066522ad46b6c7bc3f68
x-robots-tag: noindex, nofollow

GET
H2 200 24312-041e2bdba891.json
cdn.aimtell.io/config/ 95 B
287 B 409ms
408ms XHR
application/json 2606:4700:10::6816:47e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/24312-041e2bdba891.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:47e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iwin.rewardsadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 02:25:54 GMT
content-encoding: gzip
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-length: 104
last-modified: Fri, 13 Aug 2021 18:56:17 GMT
server: cloudflare
etag: "2e9a47727caf9c4def7ceb9e72845ea1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 75ffbe7b9c479031-FRA
x-amz-cf-id: x1FhTJIZTLVpB12QwKXjHKIYoWvN5VR_gOrwuwzyhcWtxKOLlP58Pw==

GET style.css
sendmesamples.com/wp-content/themes/wp-prosper204/ 0
0

GET style.css
sendmesamples.com/wp-content/plugins/share-this/css/ 0
0

GET video-container.min.css
sendmesamples.com/wp-content/plugins/simple-embed-code/css/ 0
0

GET sfsi-style.css
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/css/ 0
0

GET font-awesome.min.css
sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/ 0
0

GET core.css
sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/ 0
0

GET style.min.css
sendmesamples.com/wp-content/plugins/layered-popups/css/ 0
0

GET link-buttons.min.css
sendmesamples.com/wp-content/plugins/layered-popups/css/ 0
0

GET animate.min.css
sendmesamples.com/wp-content/plugins/layered-popups/css/ 0
0

GET smc_front.css
sendmesamples.com/wp-content/plugins/social-media-icons/styles/ 0
0

GET jquery.js
sendmesamples.com/wp-includes/js/jquery/ 0
0

GET jquery-migrate.min.js
sendmesamples.com/wp-includes/js/jquery/ 0
0

GET flexslider.js
sendmesamples.com/wp-content/themes/wp-prosper204/js/ 0
0

GET external.js
sendmesamples.com/wp-content/themes/wp-prosper204/js/ 0
0

GET suckerfish.js
sendmesamples.com/wp-content/themes/wp-prosper204/js/ 0
0

GET
H2 200 buttons.js Show response
w.sharethis.com/button/ 59 KB
17 KB 93ms
25ms Script
application/javascript 2600:9000:2127:d400:3:c04e:c780:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://w.sharethis.com/button/buttons.js

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:d400:3:c04e:c780:93a1 -, , ASN (),

Reverse DNS

Software

nginx/1.20.1 /

Resource Hash

049ba97efd5e51f8dcaaf2383aae4b00bfbab1eb715124666ac72e3a9408d234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 21:06:22 GMT
content-encoding: gzip
via: 1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 191973
x-cache: Hit from cloudfront
content-length: 16989
server: nginx/1.20.1
etag: W/"634f1855-edb3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
x-robots-tag: noindex, nofollow
x-amz-cf-id: DSutdh73Q_R0332Xk62A68JCo-qdi8_jUcOs5swQqDh33rb4u_2hvA==
expires: Wed, 26 Oct 2022 21:06:22 GMT

GET default.css
sendmesamples.com/wp-content/themes/wp-prosper204/styles/ 0
0

GET custom.css
sendmesamples.com/wp-content/themes/wp-prosper204/ 0
0

GET
H3 200 css
fonts.googleapis.com/ 56 KB
2 KB 54ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Raleway:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin-ext,vietnamese

Requested by

Host: sendmesamples.com
URL: https://sendmesamples.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba45036ff37c29128322f07ffe8cdb18c355bbbfb1f2dc20d2119e8180a6b2bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sendmesamples.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 26 Oct 2022 02:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 02:00:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 26 Oct 2022 02:25:55 GMT

GET logo-new2.png
sendmesamples.com/wp-content/uploads/2014/01/ 0
0

GET 543530_SweepsPal700x400.png
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET CashHound700x400v2.png
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET aff_i
go.aramistrk.com/ 0
0

GET Learn-About-GoodRx-4.gif
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET aff_i
go.aramistrk.com/ 0
0

GET Learn-About-GoodRx-1.gif
sendmesamples.com/wp-content/uploads/2022/09/ 0
0

GET aff_i
go.aramistrk.com/ 0
0

GET Learn-About-GoodRx-2.gif
sendmesamples.com/wp-content/uploads/2022/09/ 0
0

GET aff_i
go.aramistrk.com/ 0
0

GET internal_header-1.jpeg
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET Learn-About-GoodRx-32.jpg
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET 63557cb98d90510b5adb81b6_NEW-3-p-1600.png
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET SAT_51383_A2_RTW_BeisBag_LandingPage_1370x333_ar01.png
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET j7ow9uejvcogxw82t4zi.png
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET everything-legendary-bg.png
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET Learn-About-GoodRx-30.jpg
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET hand.png
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET Screenshot-2022-10-21-at-8.51.07-PM.png
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET d0ae23c9-bfe1-3f08-6fd1-5c13176ed0a4.jpeg
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET nmedianet.js
contextual.media.net/ 0
0

GET loader.gif
sendmesamples.com/wp-content/plugins/facebook-pagelike-widget/ 0
0

GET Try-Products-1.gif
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET aff_i
go.aramistrk.com/ 0
0

GET Enter-For-a-Chance-To-Win-500.gif
sendmesamples.com/wp-content/uploads/2022/10/ 0
0

GET 20180115102110-ts-300x300.gif
sendmesamples.com/wp-content/uploads/2022/06/ 0
0

GET Get-Healthy-1.gif
sendmesamples.com/wp-content/uploads/2022/06/ 0
0

GET facebook.png
sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/ 0
0

GET twitter.png
sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/ 0
0

GET pinterest.png
sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/ 0
0

GET rss.png
sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/ 0
0

GET core.min.js
sendmesamples.com/wp-includes/js/jquery/ui/ 0
0

GET modernizr.custom.min.js
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 0
0

GET jquery.shuffle.min.js
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 0
0

GET random-shuffle-min.js
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/ 0
0

GET custom.js
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/ 0
0

GET Convertful.js
app.convertful.com/ 0
0

GET script.min.js
sendmesamples.com/wp-content/plugins/layered-popups/js/ 0
0

GET wp-embed.min.js
sendmesamples.com/wp-includes/js/ 0
0

GET fb.js
sendmesamples.com/wp-content/plugins/facebook-pagelike-widget/ 0
0

GET img-1.png
sendmesamples.com/wp-content/uploads/ulp/33FaqJoLutctoFf3/ 0
0

GET ads.js
sendmesamples.com/wp-content/plugins/layered-popups/js/ 0
0

GET js
static.getclicky.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.traversedlp.com
URL: https://api.traversedlp.com/retargeting/v1/cookie

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/style.css

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/share-this/css/style.css?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/simple-embed-code/css/video-container.min.css?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/font-awesome.min.css?ver=4.7.0

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/core.css?ver=1.2.2

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/layered-popups/css/style.min.css?ver=6.39

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/layered-popups/css/link-buttons.min.css?ver=6.39

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/layered-popups/css/animate.min.css?ver=6.39

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/styles/smc_front.css?ver=1.2.5

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/js/flexslider.js?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/js/external.js?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/js/suckerfish.js?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/styles/default.css

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/themes/wp-prosper204/custom.css

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2014/01/logo-new2.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/543530_SweepsPal700x400.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/CashHound700x400v2.png

Domain: go.aramistrk.com
URL: https://go.aramistrk.com/aff_i?offer_id=3406&aff_id=1856&source=SMS-content

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/Learn-About-GoodRx-4.gif

Domain: go.aramistrk.com
URL: https://go.aramistrk.com/aff_i?offer_id=644&aff_id=1856&source=SMS-content

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/09/Learn-About-GoodRx-1.gif

Domain: go.aramistrk.com
URL: https://go.aramistrk.com/aff_i?offer_id=3403&aff_id=1856&source=SMS-content

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/09/Learn-About-GoodRx-2.gif

Domain: go.aramistrk.com
URL: https://go.aramistrk.com/aff_i?offer_id=3408&aff_id=1856&source=SMS-content

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/internal_header-1.jpeg

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/Learn-About-GoodRx-32.jpg

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/63557cb98d90510b5adb81b6_NEW-3-p-1600.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/SAT_51383_A2_RTW_BeisBag_LandingPage_1370x333_ar01.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/j7ow9uejvcogxw82t4zi.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/everything-legendary-bg.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/Learn-About-GoodRx-30.jpg

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/hand.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/Screenshot-2022-10-21-at-8.51.07-PM.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/d0ae23c9-bfe1-3f08-6fd1-5c13176ed0a4.jpeg

Domain: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUJ17NQL

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/facebook-pagelike-widget/loader.gif

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/Try-Products-1.gif

Domain: go.aramistrk.com
URL: https://go.aramistrk.com/aff_i?offer_id=3410&aff_id=1856&source=SMS-content

Domain: go.aramistrk.com
URL: https://go.aramistrk.com/aff_i?offer_id=3407&aff_id=1856&source=SMS-content

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/10/Enter-For-a-Chance-To-Win-500.gif

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/06/20180115102110-ts-300x300.gif

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/2022/06/Get-Healthy-1.gif

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/facebook.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/twitter.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/pinterest.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/social-media-icons/images/iconset/Default/rss.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/modernizr.custom.min.js?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/jquery.shuffle.min.js?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/shuffle/random-shuffle-min.js?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/js/custom.js?ver=c7dede5046272710d637a0d7ee3bd538

Domain: app.convertful.com
URL: https://app.convertful.com/Convertful.js?owner=39789

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/layered-popups/js/script.min.js?ver=6.39

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-includes/js/wp-embed.min.js?ver=c7dede5046272710d637a0d7ee3bd538

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/facebook-pagelike-widget/fb.js?ver=1.0

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/uploads/ulp/33FaqJoLutctoFf3/img-1.png

Domain: sendmesamples.com
URL: https://sendmesamples.com/wp-content/plugins/layered-popups/js/ads.js?ver=6.39

Domain: static.getclicky.com
URL: https://static.getclicky.com/js

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eng.trkcnv.com/	1970-01-20 07:42:26	Name: w4c-29415 Value: 907d3dc11f7308de2d8f58b31cf25940_202950
.rewardsadvisor.com/	1970-01-20 16:35:11	Name: _user_time Value: 1666751152635\|1666751152635
iwin.rewardsadvisor.com/	1970-01-20 16:35:11	Name: _user_random Value: 0.382186221917481
.rewardsadvisor.com/	1970-01-20 16:35:11	Name: _ga Value: GA1.2.794275327.1666751153
.rewardsadvisor.com/	1970-01-20 07:00:37	Name: _gid Value: GA1.2.53110091.1666751153
.rewardsadvisor.com/	1970-01-20 16:35:11	Name: _user_id Value: 0c11aa52-e2bd-4885-be7d-8a65c20fa53a-vVwJpCrKhozVkjOYwMq3Y4oI8DlkSXWinflfNRo5EQ
.rewardsadvisor.com/	1970-01-20 06:59:11	Name: _gat Value: 1
signals.aimtell.com/	1970-01-20 15:43:20	Name: s0 Value: f794e02f-5548-95dd-8543-ece3cbc96836
go.aramistrk.com/	1970-01-20 07:00:37	Name: enc_aff_session_2008 Value: ENC03ffa4d5a8f35a98bf8bdb5c48b090bb4a410684d95e58e1013f1b8eda93675e266a5fb9bf1775392a77fdc75590f9716c36170af489e547c740e75a7ab6bf1ac72178ca1c6ba3671b0507f329d3d4b9da4988435828a10bcd2b737c74da190a254e898d284f71c778cdd4c76273bfc698399dd4c9316f3b4ddb3e09efd50358d80b5e5f9ab88e921d0bb4fd85882bc5b772bdbc11021e6756be4241833aaf3b994aceb9841086a76e02728f9509b41efac41df1e023543cc2d16c920e4fc44cae200691df
go.aramistrk.com/	1970-01-20 16:35:11	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDYiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNi4wLjUyNDkuMTE5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
iwin.rewardsadvisor.com/	1970-01-20 09:23:11	Name: _aimtellSubscriberID Value: 6641c1c1-efb2-5198-67a7-8568a4b15dfd

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&aff_sub=202950&aff_sub2=&aff_sub3=w1fojnljp6bkuq0k2rn9sl2u&aff_sub4=&aff_sub5=&clickid=907d3dc11f7308de2d8f58b31cf25940 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.traversedlp.com
app.convertful.com
cdn.aimtell.io
cdnjs.cloudflare.com
contextual.media.net
djk97zng6lbya.cloudfront.net
eng.trkcnv.com
events.impressure.io
fonts.googleapis.com
go.aramistrk.com
impressure-c630.kxcdn.com
iwin.rewardsadvisor.com
s3.amazonaws.com
script.anura.io
sendmesamples.com
signals.aimtell.com
static.getclicky.com
static.traversedlp.com
stats.pusher.com
w.sharethis.com
writesun.com
www.google-analytics.com
www.googletagmanager.com
api.traversedlp.com
app.convertful.com
contextual.media.net
go.aramistrk.com
sendmesamples.com
static.getclicky.com
13.41.96.213
2600:9000:2127:d400:3:c04e:c780:93a1
2606:4700:10::6816:47e7
2606:4700:3033::6815:5204
2606:4700:3034::6815:3e4e
2606:4700::6811:180e
2606:4700::6812:1f97
2a00:1450:4001:80f::200e
2a00:1450:4001:828::2008
2a00:1450:4001:82a::200a
2a06:98c1:3121::3
2a0b:4d07:101::1
52.217.82.214
52.22.98.180
52.43.151.13
54.190.214.118
65.9.94.89
65.9.95.115
049ba97efd5e51f8dcaaf2383aae4b00bfbab1eb715124666ac72e3a9408d234
04d649bf674f02060b9e4160ecf5be5df7d5b8a073b8654b7eef07048154f4c5
0b1340f01354322423dd2fe7260bcadaa003400d9c473092e60c99e59a373ce6
1238e9e850bf28665fe81529e39af4a4751988b6954cfc341bb027fb8ad1a94d
14ac70dd7c8452882cae2caff9787eb885b43e3044430987c2915cc9577de5a0
1740eb3582765eae284529c56ce021b52cbb0889add2ca43be4c731bc561ff20
30b76d87102af192105db81724eadec6626e48a1f1b95aa87a5167394629c274
312fc9a4a13ff230aad870b7992e31b57469bc04b46798269ee09fb5e218f979
37a0695d3ae9b3487d7d1c9322541c806915e7550d42667b2702088faae09699
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58
4437eaab7b931b5fa3aaf6b76a7dc58ee09f945883a80f1f1fa496e8fde01a19
4605f450d8d4efa82bfe330a6a9ade402ab5680705e99d256d2ad82d59207abb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503d8005d56b23f07da3eebec26509abdbaa644af0c101b2974297ef5e4407e5
50da2bb323bec304dddc4456ab2f571cfed6758ebb2c25880d877d60ffe31e0e
53e7247e0683d7fc377a2d3bd91e1f8d2c2144e77ab331762ca1f8ed85af4866
6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199
63d1e9932d15f987672c7a8098f73e95fba72436d23a038b81a967dc871ec480
63efcc4d456999c3f776489806a4134d29057042d0a6ed9fe1ca36ea8cc532c9
6578c2aa3e5f7076ca9fb19b357edc1b17633feceee6d36d0e5809d26b959817
690149283a1643bf702ea3cd66d3d87f3444418741d8c57a0826425773326630
755158b8ec87a849abf410abd4f21887243ce6975e6aeff7cdd5d1fd3a2780cd
7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09
7e8670ae6f9e66a58c5d20d1005fe86b62b9413519a6971cfb1e3faa0f90ea26
80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
86552f1386f2f7b8560b04e5fc3e258127c01de3a066878268733d386faa6566
86df12ce4100742c78b90a834bd5c7c4664f9abbb4d1c426f0b3e537736ca28b
89b8871d3ff20a65559c5788e839eca2bbbf8bab76c54e4d7bffd3ff15137ca3
8af52cdb7068ec0dad8355ec4a5bad77b17a3cc1e8bc19b0f66f41d4a53ac3c0
8c4dd6ecdbe8ca863a0b4f2466b23a41e9157ebf8323286ece740d5d2eb78f42
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a6a54d80b5c033492bf1d432789671f1faa06e46916add5a469cfacd370c3eba
ae8d753a2079883b7e33c959f6fda145de5414800d3851433f0b2eafe91af30f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba45036ff37c29128322f07ffe8cdb18c355bbbfb1f2dc20d2119e8180a6b2bd
bdbcc610e7775a344dfd5938462150487607d7f25d4e3eaf7d7467d98be7ef68
cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7
e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982
eddea001d50cffbac57ec852cb1a7df128837dd75209176653cd058fcc58a417
ee3dc6dae29a50c2a6a7b77a5d8f5be706488215ddeda2dfef10ddc31da5956a
faef7e5b106e32b318fa40bf26d7da80874ef9bde24adecb65e8742b34f16d39

sendmesamples.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

43 %HTTPS

61 %IPv6

22 Domains

23 Subdomains

18 IPs

4 Countries

762 kBTransfer

2079 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sendmesamples.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

43 %
HTTPS

61 %
IPv6

22
Domains

23
Subdomains

18
IPs

4
Countries

762 kB
Transfer

2079 kB
Size

11
Cookies

109 HTTP transactions
1 data transactions