rewards.airmiles.ca Open in urlscan Pro
52.5.125.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.airmiles.ca/T/v600000178045f8118ab760c434b5c5940/015a6e1cdc4c46000000021ef3a0bcc3/015a6e1c-dc4c-4600-a219-10...
Effective URL:
https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
Submission Tags: falconsandbox
Submission: On March 06 via api (March 6th 2021, 6:49:51 pm UTC) from US

Summary HTTP 66 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 66 HTTP transactions. The main IP is 52.5.125.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is rewards.airmiles.ca.
TLS certificate: Issued by Amazon on July 29th 2020. Valid for: a year.

This is the only time rewards.airmiles.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.127.187.134 159.127.187.134	19137 (EPSILON-I...) (EPSILON-INTERACTIVE)
1 29	52.5.125.197 52.5.125.197	14618 (AMAZON-AES) (AMAZON-AES)
2	2a04:4e42:600... 2a04:4e42:600::621	54113 (FASTLY) (FASTLY)
4	23.36.232.5 23.36.232.5	16625 (AKAMAI-AS) (AKAMAI-AS)
4	35.241.48.88 35.241.48.88	15169 (GOOGLE) (GOOGLE)
6	104.109.68.58 104.109.68.58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:20d... 2600:9000:20d7:dc00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	52.212.193.208 52.212.193.208	16509 (AMAZON-02) (AMAZON-02)
1 1	13.224.197.24 13.224.197.24	16509 (AMAZON-02) (AMAZON-02)
5	13.225.80.67 13.225.80.67	16509 (AMAZON-02) (AMAZON-02)
3	54.195.23.91 54.195.23.91	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.187.87 65.9.187.87	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	52.210.171.182 52.210.171.182	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
66	16

1 159.127.187.134 (United States) 1 redirects

ASN19137 (EPSILON-INTERACTIVE, US)

email.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 52.5.125.197 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-125-197.compute-1.amazonaws.com

rewards.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::621 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.232.5 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-232-5.deploy.static.akamaitechnologies.com

se.monetate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.241.48.88 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 88.48.241.35.bc.googleusercontent.com

ws1.postescanada-canadapost.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.109.68.58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-68-58.deploy.static.akamaitechnologies.com

www.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:dc00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.193.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com

loyaltyone.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mboxedge37.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.197.24 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-24.fra2.r.cloudfront.net

auth.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.80.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-67.fra2.r.cloudfront.net

pattern-library.airmiles.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.195.23.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.187.87 (United States)

ASN16509 (AMAZON-02, US)

t.contentsquare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.171.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

loyaltyone.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	airmiles.ca 3 redirects email.airmiles.ca rewards.airmiles.ca www.airmiles.ca auth.airmiles.ca pattern-library.airmiles.ca	6 MB
4	demdex.net dpm.demdex.net loyaltyone.demdex.net	6 KB
4	postescanada-canadapost.ca ws1.postescanada-canadapost.ca	52 KB
4	monetate.net se.monetate.net	7 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	omtrdc.net loyaltyone.tt.omtrdc.net mboxedge37.tt.omtrdc.net	1 KB
2	googletagmanager.com www.googletagmanager.com	125 KB
2	polyfill.io polyfill.io	752 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	contentsquare.net t.contentsquare.net	53 KB
1	ctfassets.net images.ctfassets.net	70 KB
66	14

	Domain	Requested by
29	rewards.airmiles.ca	1 redirects rewards.airmiles.ca
6	www.airmiles.ca	rewards.airmiles.ca
5	pattern-library.airmiles.ca	rewards.airmiles.ca
4	ws1.postescanada-canadapost.ca	rewards.airmiles.ca
4	se.monetate.net	rewards.airmiles.ca se.monetate.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	dpm.demdex.net	www.airmiles.ca rewards.airmiles.ca
2	cm.g.doubleclick.net	2 redirects
2	mboxedge37.tt.omtrdc.net	www.airmiles.ca
2	www.googletagmanager.com	rewards.airmiles.ca
2	polyfill.io	rewards.airmiles.ca
1	cm.everesttech.net	1 redirects
1	loyaltyone.demdex.net	www.airmiles.ca
1	www.google.de	rewards.airmiles.ca
1	www.google.com	rewards.airmiles.ca
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.contentsquare.net	rewards.airmiles.ca
1	auth.airmiles.ca	1 redirects
1	loyaltyone.tt.omtrdc.net	www.airmiles.ca
1	images.ctfassets.net	rewards.airmiles.ca
1	email.airmiles.ca	1 redirects
66	21

This site contains links to these domains. Also see Links.

Domain
www.airmiles.ca
www.loyalty.com

Subject Issuer	Validity	Valid
*.rewards.airmiles.ca Amazon	`2020-07-29` - `2021-08-29`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
www.monetate.net DigiCert Secure Site ECC CA-1	`2020-06-02` - `2021-09-01`	a year	crt.sh
ws1.postescanada-canadapost.ca Entrust Certification Authority - L1K	`2020-01-28` - `2022-03-28`	2 years	crt.sh
*.airmiles.ca DigiCert SHA2 Secure Server CA	`2020-04-10` - `2021-07-10`	a year	crt.sh
images.ctfassets.net Amazon	`2020-04-17` - `2021-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-09`	a year	crt.sh
*.pattern-library.airmiles.ca Amazon	`2020-11-20` - `2021-12-19`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
t.contentsquare.net Amazon	`2020-12-13` - `2022-01-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
Frame ID: 30B752656C61958674307137328935C9
Requests: 44 HTTP requests in this frame

Frame: https://rewards.airmiles.ca/merchandise/logout
Frame ID: 15F897621083A5C71CFE153C16EF2187
Requests: 20 HTTP requests in this frame

Frame: https://loyaltyone.demdex.net/dest5.html?d_nsid=0
Frame ID: D257892B98D9639A47367D76F4654D3C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://email.airmiles.ca/T/v600000178045f8118ab760c434b5c5940/015a6e1cdc4c46000000021ef3a0bcc3/015a6e... HTTP 302
https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admi... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

66
Requests

100 %
HTTPS

35 %
IPv6

14
Domains

21
Subdomains

16
IPs

4
Countries

6430 kB
Transfer

7326 kB
Size

13
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.airmiles.ca/arrow/enrollment/Enrollment?changeLocale=en_CA
Title: Join now

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/
Title: www.airmiles.ca

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/arrow/TermsAndConditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/arrow/ContactUs
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.loyalty.com/home/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.airmiles.ca/arrow/PrivacyPolicy
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.airmiles.ca/T/v600000178045f8118ab760c434b5c5940/015a6e1cdc4c46000000021ef3a0bcc3/015a6e1c-dc4c-4600-a219-103794a925c2?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_2Tde40TI-jVC0CuQWvny6C4pLGEr0qmGw20fC5g9yy8cAvqpGlj0ehmE--evKrpXOlbPhT4iLSIiy9IbQul_LXhKm_cPSLm1tmx_gzPFNQ7b_fHoBdunHjrv0-MyG8YbcHZtiCCCG7UbvxvHlyqAITPduvH8zkBGA_5-fsrqA_LG1vh9aKP5Xbp3nCAjd8-HWD3-JcJcZTPp2660t1osVOGIKfn1No5ofGLfypOjV7SgXTo5EHYvAwrUsIKWTeiNvegRLMYZi6Pz6FRxQDKUlIyl6as1E0uhescg2U2J3T4F8OdWm93QwpY2ZLSIerbq_o_iGwcQPLUW-R_X-3D-F-TuYnTC-1zsA%3D HTTP 302
https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_- Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://auth.airmiles.ca/authorize?audience=https://members.loyalty.com&response_type=code&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&redirect_uri=https://rewards.airmiles.ca/merchandise/api/v1/auth/login?redirect=https://rewards.airmiles.ca/merchandise/login&connection=member-pin-idp-recaptcha&offline_access&prompt=none&scope=memberbanner HTTP 302
https://rewards.airmiles.ca/merchandise/api/v1/auth/login?redirect=https%3A%2F%2Frewards.airmiles.ca%2Fmerchandise%2Flogin&error=login_required&error_description=Login%20required HTTP 302
https://rewards.airmiles.ca/merchandise/logout

Request Chain 38

https://cm.everesttech.net/cm/dd?d_uuid=02945497602093422064143313560628235246 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEPOvAAAALOSGQHZ

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDI5NDU0OTc2MDIwOTM0MjIwNjQxNDMzMTM1NjA2MjgyMzUyNDY= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDI5NDU0OTc2MDIwOTM0MjIwNjQxNDMzMTM1NjA2MjgyMzUyNDY=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJwL0u7EB8Tb2ARdRDXVU4E&google_cver=1?gdpr=0&gdpr_consent=

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request orders Show response
rewards.airmiles.ca/merchandise/
Redirect Chain

https://email.airmiles.ca/T/v600000178045f8118ab760c434b5c5940/015a6e1cdc4c46000000021ef3a0bcc3/015a6e1c-dc4c-4600-a219-103794a925c2?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_2Tde40TI-jVC0C...
https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

878 KB
879 KB

514ms
300ms

Document
text/html

52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Next.js 7.0.3

Resource Hash

8f9910965bb8a72f9caf41ca6715786cf738a15a013f11db6bd06ec654ade6a4

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

:method: GET
:authority: rewards.airmiles.ca
:scheme: https
:path: /merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
content-type: text/html; charset=utf-8
content-length: 899203
server: nginx/1.17.0
x-powered-by: Next.js 7.0.3
x-frame-options: ALLOW-FROM https://www.facebook.com
set-cookie: merch__locale=en-CA; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT merch__locale=en-CA; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
etag: "db883-48OC/uHJaYt622A1ydZD1TT8LMw"

Redirect headers

location: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
cache-control: no-cache
content-length: 0
date: Sat, 06 Mar 2021 18:49:30 GMT

GET
H2 200 orders.js Show response
rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/ 299 KB
300 KB 184ms
182ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/orders.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

0ec91c1fa12bbee461e4ee9991a8dcde63663d6d86919ea4b44aed28b8f9a784

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"4abe6-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 306150

GET
H2 200 _app.js Show response
rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/ 54 KB
54 KB 184ms
181ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/_app.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

0360f4f155c8d6e164283db49463fa8af3b3877521a523dcf529bb50d7cb2eb7

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
last-modified: Thu, 04 Mar 2021 16:39:49 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"d817-177fe1c1408"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 55319

GET
H2 200 _error.js Show response
rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/ 6 KB
7 KB 183ms
181ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/_error.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

1e2fdb692b78a9bcc051c7d9da8cfcb365963e0cb420ccd41fd2674840c2a197

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"197b-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 6523

GET
H2 200 webpack-a264d79a0e16402b3b97.js Show response
rewards.airmiles.ca/merchandise/_next/static/runtime/ 2 KB
3 KB 182ms
180ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/runtime/webpack-a264d79a0e16402b3b97.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

7f214ae69c334f27b7d02162b5935bc2c70af6f8e8ae1f3807c746b6ac1511cf

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
last-modified: Thu, 04 Mar 2021 16:39:49 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"967-177fe1c1408"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 2407

GET
H2 200 commons.1e4e5717787d561b62f6.js Show response
rewards.airmiles.ca/merchandise/_next/static/chunks/ 2 MB
2 MB 182ms
180ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/chunks/commons.1e4e5717787d561b62f6.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

8cbc070d8f21761b427d292ac2c9d69da8bb7dc5d158ceab8cbbebb32dc9f304

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
last-modified: Thu, 04 Mar 2021 16:39:49 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"1cc1ed-177fe1c1408"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 1884653

GET
H2 200 styles.6e0c1fc0899fc2cc4289.js Show response
rewards.airmiles.ca/merchandise/_next/static/chunks/ 2 KB
2 KB 181ms
179ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/chunks/styles.6e0c1fc0899fc2cc4289.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

3f871b38b5fa6abd701831d21e4919d4017f9951f3157e799e45fb851d008f74

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"694-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 1684

GET
H2 200 main-a602880421b6e9fcd0af.js Show response
rewards.airmiles.ca/merchandise/_next/static/runtime/ 13 KB
14 KB 182ms
179ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/runtime/main-a602880421b6e9fcd0af.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

b05f8d3cf1470e9d38d172db68f04ec523e275b059e6069fd7383afa290b5272

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"3535-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 13621

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
578 B 45ms
15ms Script
text/javascript 2a04:4e42:600::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default%2CArray.prototype.findIndex%2CString.prototype.repeat%2CNumber.isSafeInteger%2CObject.assign%2CNumber.isInteger%2CArray.prototype.includes%2CArray.prototype.find%2CArray.prototype.entries%2CObject.entries%2CDOMTokenList%2CDOMTokenList.prototype.%40%40iterator%2CString.prototype.codePointAt%2CString.prototype.normalize%2CString.prototype.includes%2CString.prototype.startsWith%2CArray.prototype.fill%2CArray.prototype.values%2CObject.values%2CPromise%2CPromise.prototype.finally

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 199977
detected-user-agent: Chrome Mobile WebView/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Mar 2021 19:35:42 GMT
date: Sat, 06 Mar 2021 18:49:31 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 commons.6e6fb39a.chunk.css
rewards.airmiles.ca/merchandise/_next/static/css/ 36 KB
36 KB 182ms
179ms Stylesheet
text/css 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/css/commons.6e6fb39a.chunk.css

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

766ce0a6c2be9ac529abaf29954fcb2de8a11cc2fb3a14784ae6133cc563fa79

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
last-modified: Thu, 04 Mar 2021 16:39:49 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"8eb9-177fe1c1408"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 36537

GET
H2 200 styles.30ce2f92.chunk.css
rewards.airmiles.ca/merchandise/_next/static/css/ 315 KB
315 KB 182ms
179ms Stylesheet
text/css 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/css/styles.30ce2f92.chunk.css

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

78aaadb644506ba96d3cef3a9079076d872781931b96356371edf88db63cacf7

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"4eab2-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 322226

GET
H2 200 entry.js Show response
se.monetate.net/js/2/a-2d036ac5/p/rewards.airmiles.ca/ 6 KB
3 KB 73ms
26ms Script
application/x-javascript 23.36.232.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/2/a-2d036ac5/p/rewards.airmiles.ca/entry.js
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.36.232.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-232-5.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7081cf0d12066322813aba5e7e573eec6353e04c7f9410275793481a133013aa

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 01:13:22 GMT
server: AkamaiNetStorage
etag: "2ec2bb0d6c90a897c0473bcaee613e72:1597367602.28611"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 2876

GET
H2 200 addresscomplete-2.30.min.css
ws1.postescanada-canadapost.ca/css/ 8 KB
2 KB 95ms
40ms Stylesheet
text/css 35.241.48.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ws1.postescanada-canadapost.ca/css/addresscomplete-2.30.min.css?key=FJ92-TD69-YZ17-WH79

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

88.48.241.35.bc.googleusercontent.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

43cc1506ea5d112367d9c45782064922775469c499dff5a4f33250994a960215

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public
x-robots-tag: noindex
alt-svc: clear
content-length: 2050
x-xss-protection: 1

GET
H2 200 addresscomplete-2.30.min.js Show response
ws1.postescanada-canadapost.ca/js/ 86 KB
24 KB 108ms
54ms Script
text/javascript 35.241.48.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ws1.postescanada-canadapost.ca/js/addresscomplete-2.30.min.js?key=FJ92-TD69-YZ17-WH79
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 88.48.241.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fcbf6b17c23c691f0d2a17a1787faa2713f78c2743a18f4661955782c5d1394a

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:31 GMT
via: 1.1 google
server: nginx/1.14.0 (Ubuntu)
x-robots-tag: noindex
content-type: text/javascript;charset=UTF-8
cache-control: public
content-encoding: gzip
alt-svc: clear
content-length: 24275

GET
H2 200 at.2.1.1.js Show response
www.airmiles.ca/arrow/webresource/sections/shared/js/ 89 KB
26 KB 187ms
72ms Script
application/javascript 104.109.68.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/at.2.1.1.js
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.68.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-68-58.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 8e79647e23908c07dea11642aba40ef86b825216ee9e57d1198921546ef4175a

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:32 GMT
content-encoding: br
last-modified: Thu, 04 Mar 2021 14:52:22 GMT
server: Akamai Resource Optimizer
etag: "5d91866d-16560"
vary: Accept-Encoding
p3p: policyref="https://www.airmiles.ca/arrow/webresource/p3p.xml", CP="NON IVAa IVDa OUR NOR UNI"
cache-control: no-store
server-timing: cdn-cache; desc=HIT, edge; dur=18
accept-ranges: bytes
content-type: application/javascript
content-length: 26726
expires: Sat, 06 Mar 2021 18:49:32 GMT

GET
H2 200 visitorapi.min.js Show response
www.airmiles.ca/arrow/webresource/sections/shared/js/ 59 KB
17 KB 202ms
88ms Script
application/javascript 104.109.68.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/visitorapi.min.js
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.68.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-68-58.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 57ecc41460fa1fd86d50e4179caf345f970bc203757b13758b338b3bd6d1b3d4

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:32 GMT
content-encoding: br
last-modified: Thu, 25 Feb 2021 19:25:08 GMT
server: Akamai Resource Optimizer
etag: "5d91866d-eacb"
vary: Accept-Encoding
p3p: policyref="https://www.airmiles.ca/arrow/webresource/p3p.xml", CP="NON IVAa IVDa OUR NOR UNI"
cache-control: no-store
server-timing: cdn-cache; desc=HIT, edge; dur=16
accept-ranges: bytes
content-type: application/javascript
content-length: 17392
expires: Sat, 06 Mar 2021 18:49:32 GMT

GET
H2 200 dil.js Show response
www.airmiles.ca/arrow/webresource/sections/shared/js/ 33 KB
10 KB 207ms
93ms Script
application/javascript 104.109.68.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/dil.js
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.68.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-68-58.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 4fe10d7f380355058083ee984e9b96a3090d5350c825d2079363b66ae9dd2135

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:32 GMT
content-encoding: br
last-modified: Mon, 01 Mar 2021 10:13:04 GMT
server: Akamai Resource Optimizer
etag: "5d91866d-8508"
vary: Accept-Encoding
p3p: policyref="https://www.airmiles.ca/arrow/webresource/p3p.xml", CP="NON IVAa IVDa OUR NOR UNI"
cache-control: no-store
server-timing: cdn-cache; desc=HIT, edge; dur=15
accept-ranges: bytes
content-type: application/javascript
content-length: 10165
expires: Sat, 06 Mar 2021 18:49:32 GMT

GET
H2 200 AIRMILES_NOTAG.png
images.ctfassets.net/uic7tqk8tj9p/6nmg3Qp0okBIz2kPJLdnMQ/0ce0ae6e66989ad415d0f212dd6c5b35/ 70 KB
70 KB 144ms
93ms Image
image/png 2600:9000:20d7:dc00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/uic7tqk8tj9p/6nmg3Qp0okBIz2kPJLdnMQ/0ce0ae6e66989ad415d0f212dd6c5b35/AIRMILES_NOTAG.png
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:dc00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 415be8a5ca0f29d2b5f8206299d587d8fd4643ebe2cce053cbd15cf6f8003ca0

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 07:51:05 GMT
via: 1.1 c49bda74c25f4f26cc20173eec28da1f.cloudfront.net (CloudFront)
last-modified: Tue, 05 Jan 2021 14:10:34 GMT
server: Contentful Images API
age: 39508
etag: "4858c8b3f50a7bff16b6e93f9fef6481"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: ZAG50-C1
content-length: 71308
x-amz-cf-id: eQQA-xsFX_WfPLT-TuZa2CbIAxB2F-_kfx3UPRWMsFePAyh5nE51qw==

GET
H2 200 custom.js Show response
se.monetate.net/js/3/a-2d036ac5/p/rewards.airmiles.ca/t1484745711/778db9ba8b9e4c3e/ 311 B
513 B 106ms
106ms Script
application/x-javascript 23.36.232.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/3/a-2d036ac5/p/rewards.airmiles.ca/t1484745711/778db9ba8b9e4c3e/custom.js
Requested by: Host: se.monetate.net
URL: https://se.monetate.net/js/2/a-2d036ac5/p/rewards.airmiles.ca/entry.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.36.232.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-232-5.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7f9c9ebb4bd869c68a74a7f7ca5e3b3861f193437e78c1047b8a1b799cb4f1d9

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:32 GMT
last-modified: Fri, 14 Aug 2020 01:13:21 GMT
server: AkamaiNetStorage
etag: "0e1ab0e62f834dca39115d0cd9bea5a6:1597367601.729868"
content-type: application/x-javascript
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
content-length: 311

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
62 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKHKRR7

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f036dea9e7404b39f35399834ebe46c6fb85a945ffa727d980efaaf27f1e180d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63534
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Mar 2021 18:49:32 GMT

POST
H2 200 delivery Show response
loyaltyone.tt.omtrdc.net/rest/v1/ 190 B
448 B 324ms
32ms XHR
application/json 52.212.193.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://loyaltyone.tt.omtrdc.net/rest/v1/delivery?client=loyaltyone&sessionId=22ab94ba2cd94ada8c9bf9a0d3098f70&version=2.1.1
Requested by: Host: www.airmiles.ca
URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/at.2.1.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a8ebdc51ffc15ddcc334ab356f6127ca5389eb357f68513c325d75b10cce7160

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rewards.airmiles.ca
date: Sat, 06 Mar 2021 18:49:32 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 39dd45a13dcb2b9429e4c0ebb4655c54
content-type: application/json;charset=UTF-8

GET
H2

200

logout Show response
rewards.airmiles.ca/merchandise/ Frame 15F8
Redirect Chain

https://auth.airmiles.ca/authorize?audience=https://members.loyalty.com&response_type=code&client_id=h0IsBFvicCzP0tztZjfDlUeQv3uKhQ8t&redirect_uri=https://rewards.airmiles.ca/merchandise/api/v1/aut...
https://rewards.airmiles.ca/merchandise/api/v1/auth/login?redirect=https%3A%2F%2Frewards.airmiles.ca%2Fmerchandise%2Flogin&error=login_required&error_description=Login%20required
https://rewards.airmiles.ca/merchandise/logout

51 KB
51 KB

109ms
108ms

Document
text/html

52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/logout

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Next.js 7.0.3

Resource Hash

a0c128881f8c852cd3ac7e76340c19626645d9615cfbd8a1ee269ff0f5d408bc

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

:method: GET
:authority: rewards.airmiles.ca
:scheme: https
:path: /merchandise/logout
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://rewards.airmiles.ca/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: merch__locale=en-CA; mt.v=2.1621222558.1615056572356; check=true; _gcl_au=1.1.1946807400.1615056573; _ga=GA1.2.1866116199.1615056573; _gid=GA1.2.1216334491.1615056573; _gat_UA-76333024-1=1; mbox=session#22ab94ba2cd94ada8c9bf9a0d3098f70#1615058433|PC#22ab94ba2cd94ada8c9bf9a0d3098f70.37_0#1678301373; mboxEdgeCluster=37; AMCVS_6A3DF65A5832D31C0A495C35%40AdobeOrg=1; AMCV_6A3DF65A5832D31C0A495C35%40AdobeOrg=1585540135%7CMCIDTS%7C18693%7CMCMID%7C03344249655364573174121479146921060213%7CMCAAMLH-1615661372%7C6%7CMCAAMB-1615661372%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1615063772s%7CNONE%7CMCSYNCSOP%7C411-18700%7CvVersion%7C4.4.0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rewards.airmiles.ca/

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
content-type: text/html; charset=utf-8
content-length: 51961
server: nginx/1.17.0
x-powered-by: Next.js 7.0.3
x-frame-options: ALLOW-FROM https://www.facebook.com
set-cookie: merch__locale=en-CA; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT merch__locale=en-CA; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
cache-control: private, no-cache, no-store, must-revalidate
expires: -1
pragma: no-cache
etag: "caf9-PDwLtiZkPLvto3B83x4OGGFmrrs"

Redirect headers

date: Sat, 06 Mar 2021 18:49:33 GMT
location: https://rewards.airmiles.ca/merchandise/logout
server: nginx/1.17.0
x-powered-by: Express
x-frame-options: ALLOW-FROM https://www.facebook.com
set-cookie: merch__locale=en-CA; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT merch__locale=en-CA; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT

GET
H2 200 omnes-regular-webfont.woff2
pattern-library.airmiles.ca/1.3.2/fonts/ 23 KB
24 KB 148ms
56ms Font
application/font-woff 13.225.80.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pattern-library.airmiles.ca/1.3.2/fonts/omnes-regular-webfont.woff2
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/css/styles.30ce2f92.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-67.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40eadf50f521cb3254dcf05696d010968ed2a80f077051ff0b4d8817c0bd4391

Request headers

Origin: https://rewards.airmiles.ca
Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:52:16 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified: Tue, 24 Nov 2020 19:32:22 GMT
server: AmazonS3
age: 25037
etag: "bf6eaba9e84dcb678c774a4388485abf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
content-length: 23728
x-amz-cf-id: 3DrXyWuFntZu1DY0yI80HrFOiwUj3KptgAz2Y8rB-TcU1Uwprcwk0A==

GET
H2 200 omnesmedium-webfont.woff2
pattern-library.airmiles.ca/1.3.2/fonts/ 25 KB
26 KB 148ms
60ms Font
application/font-woff 13.225.80.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pattern-library.airmiles.ca/1.3.2/fonts/omnesmedium-webfont.woff2
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/css/styles.30ce2f92.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-67.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a02be84cbfda9d8ada3bf29c66df5d614de9929029c6986d8974b6e7fcb99bb7

Request headers

Origin: https://rewards.airmiles.ca
Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:32 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified: Tue, 24 Nov 2020 19:32:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "84de26604298e6fa833e7640e933ae2b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 25744
x-amz-cf-id: 7EXGyWzpm7INRHNi_4wX6ohuKyEtUareKlXkmhqQPYDKe9wd4Nzt8w==

GET
H2 200 AM-icon.woff2
pattern-library.airmiles.ca/latest/fonts/ 25 KB
25 KB 120ms
33ms Font
font/woff2 13.225.80.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pattern-library.airmiles.ca/latest/fonts/AM-icon.woff2
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/css/styles.30ce2f92.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-67.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13d4b7b70d6cd734696559ba37e636296ce0f5a197c1718102cd12894f46caaa

Request headers

Origin: https://rewards.airmiles.ca
Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:52:16 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified: Wed, 25 Nov 2020 16:32:23 GMT
server: AmazonS3
age: 25037
etag: "d143d19068721143e5fb8c8624fcefb1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
content-length: 25368
x-amz-cf-id: qp-BeRZWdsPqzksrtUNr7T9KwcdOx3Jv4tftklxvHe1flfziD65Opg==

GET
H2 200 omneslight-webfont.woff2
pattern-library.airmiles.ca/1.3.2/fonts/ 24 KB
25 KB 131ms
44ms Font
application/font-woff 13.225.80.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pattern-library.airmiles.ca/1.3.2/fonts/omneslight-webfont.woff2
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/css/styles.30ce2f92.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-67.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b67b736c30ef99568857e5441e99fa5e24e2539e1db027a4baba14c6d534aba3

Request headers

Origin: https://rewards.airmiles.ca
Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 11:52:16 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified: Tue, 24 Nov 2020 19:32:22 GMT
server: AmazonS3
age: 25037
etag: "5fbca3f81cfbe197d36cb3088b704a35"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
content-length: 24976
x-amz-cf-id: Bl6togDRnei322FUTiLd2DIZs6sqbkGZDqu3Z-QD-Iz7bAMVmZ6MhA==

GET
H2 200 omnes-italic-webfont.woff2
pattern-library.airmiles.ca/1.3.2/fonts/ 26 KB
26 KB 139ms
51ms Font
application/font-woff 13.225.80.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pattern-library.airmiles.ca/1.3.2/fonts/omnes-italic-webfont.woff2
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/css/styles.30ce2f92.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-67.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e575cb79bf5453fd91a1867f0bc02fdc9ae835bf76ec5b156e693dfbc23e00e7

Request headers

Origin: https://rewards.airmiles.ca
Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 21:20:29 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified: Tue, 24 Nov 2020 19:32:22 GMT
server: AmazonS3
age: 77344
etag: "fe37e5cab4a00918cfee3065ff6e3c48"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
content-length: 26124
x-amz-cf-id: f0E_cB-Jwxpv3WtdjmklqYKjFsLamH7Ftk6UMkRHgIPxBMR4scBPpA==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 597 B
1 KB 127ms
33ms XHR
application/json 54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=6A3DF65A5832D31C0A495C35%40AdobeOrg&d_nsid=0&ts=1615056572581

Requested by

Host: www.airmiles.ca
URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/visitorapi.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f4a9d368d208ba63bb417f5a2df2237222b8b91eca3df1d0415f5da4d0ac5720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v089-0afdf8a6f.edge-irl1.demdex.com 5.80.6.20210202104731 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: rOZSFdDSTcw=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://rewards.airmiles.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 436
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 404 orders Show response
rewards.airmiles.ca/merchandise/api/v1/contentful/page-alert/ 20 B
387 B 108ms
108ms XHR
text/html 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/api/v1/contentful/page-alert/orders?locale=en-CA

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/chunks/commons.1e4e5717787d561b62f6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

858a0c2eb105b2a418c6d025be45e2635874c719ca0996e44a584755839a3d99

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:32 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"14-hOTn3+m5nvv4Pjo1u3Q8hkG2EIY"
content-length: 20
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: text/html; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKHKRR7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2816
date: Sat, 06 Mar 2021 18:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 06 Mar 2021 20:02:36 GMT

GET
H2 200 b5d0150a85d22.js Show response
t.contentsquare.net/uxa/ 248 KB
53 KB 173ms
84ms Script
application/javascript 65.9.187.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.contentsquare.net/uxa/b5d0150a85d22.js
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.187.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afc318742ff1be0d5fa2143545176520e5b74d4e43d8bcd678266f044a936372

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 05 Mar 2021 13:28:24 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 13:22:19 GMT
server: AmazonS3
age: 105669
etag: "7f7e6f084df4bac6ea73d0b734b625de"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
via: 1.1 43bd2d4908cb8542cdbe4153b40c694b.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 53880
x-amz-cf-id: cKLBCIXBGya9PtNWEPRSDyC9y4MNajyVDrsLJqCwj2QhUPCLS0R5Aw==

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 17:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3312
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Sat, 06 Mar 2021 18:54:20 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
68 B 13ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=890421028&t=pageview&_s=1&dl=https%3A%2F%2Frewards.airmiles.ca%2Fmerchandise%2Forders%3Fext_cmp%3D_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-&ul=en-us&de=UTF-8&dt=AIR%20MILES%20Merchandise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=_ShippingConfirmation&cs=_Email-Admin&cm=Email-Admin&cc=&_u=aGBAAEAjAAAAAC~&jid=586771362&gjid=823317582&cid=1866116199.1615056573&uid=&tid=UA-76333024-1&_gid=1216334491.1615056573&_r=1&gtm=2wg2o0NKHKRR7&cd1=&cd2=ANON&cd3=level-1&cd4=en-ca&cd5=prod&cd7=TBD&cd8=https%3A%2F%2Frewards.airmiles.ca%2Fmerchandise%2Forders%3Fext_cmp%3D_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-&cd9=1615056572651&cd11=1615056572651.e1r1qt4l&cd17=&cd21=&cd22=ANON&cd49=&cd68=na&cd69=na&z=2128309593

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 18:49:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rewards.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-76333024-1&cid=1866116199.1615056573&jid=586771362&gjid=823317582&_gid=1216334491.1615056573&_u=aGBAAEAiAAAAAC~&z=1633947876

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Mar 2021 18:49:32 GMT
content-type: text/plain
access-control-allow-origin: https://rewards.airmiles.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loading.gif
rewards.airmiles.ca/merchandise/static/images/ 78 KB
79 KB 107ms
106ms Image
image/gif 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewards.airmiles.ca/merchandise/static/images/loading.gif

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

1498d81bdcc795143e564b21ae031153a918a8615168cb80a5d325df052fcea9

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:32 GMT
last-modified: Thu, 04 Mar 2021 16:36:31 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"139ca-177fe190e98"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: image/gif
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 80330

GET
H2 401 all Show response
rewards.airmiles.ca/merchandise/api/v1/order/ 40 B
349 B 105ms
105ms XHR
application/json 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/api/v1/order/all

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/chunks/commons.1e4e5717787d561b62f6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

ded03d6c75472fbf6ec984f66fcbe36df84903abf5a02ae40ca8b804a4de4984

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:32 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"28-+0rpntoBR74vVLNVM/qQSuI6XKQ"
content-length: 40
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/json; charset=utf-8

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-76333024-1&cid=1866116199.1615056573&jid=586771362&_u=aGBAAEAiAAAAAC~&z=20578723

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 18:49:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-76333024-1&cid=1866116199.1615056573&jid=586771362&_u=aGBAAEAiAAAAAC~&z=20578723

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 18:49:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set dest5.html Show response
loyaltyone.demdex.net/ Frame D257 7 KB
3 KB 132ms
33ms Document
text/html 52.210.171.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://loyaltyone.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.airmiles.ca
URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/visitorapi.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.171.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-171-182.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: loyaltyone.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://rewards.airmiles.ca/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=02945497602093422064143313560628235246
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://rewards.airmiles.ca/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 11 Feb 2021 14:59:32 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=02945497602093422064143313560628235246;Path=/;Domain=.demdex.net;Expires=Thu, 02-Sep-2021 18:49:32 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: 7xdSpx4wT3s=
Content-Length: 2785
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YEPOvAAAALOSGQHZ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=02945497602093422064143313560628235246
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEPOvAAAALOSGQHZ

42 B
915 B

40ms
40ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEPOvAAAALOSGQHZ

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0fb9775a1.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: SmorQSnURa0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YEPOvAAAALOSGQHZ
Date: Sat, 06 Mar 2021 18:49:32 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
mboxedge37.tt.omtrdc.net/rest/v1/ 300 B
521 B 38ms
32ms XHR
application/json 52.212.193.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=loyaltyone&sessionId=22ab94ba2cd94ada8c9bf9a0d3098f70&version=2.1.1
Requested by: Host: www.airmiles.ca
URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/at.2.1.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5d2fef34837620ba282ac8c93bce7dc4a81d4cdc2187819205ff5f1fdb05b747

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rewards.airmiles.ca
date: Sat, 06 Mar 2021 18:49:32 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: cb6cfa7f1d2da364314da0b0407fbe2e
content-type: application/json;charset=UTF-8

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEJwL0u7EB8Tb2ARdRDXVU4E&google_cver=1
dpm.demdex.net/ Frame D257
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDI5NDU0OTc2MDIwOTM0MjIwNjQxNDMzMTM1NjA2MjgyMzUyNDY=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDI5NDU0OTc2MDIwOTM0MjIwNjQxNDMzMTM1NjA2MjgyMzUyNDY=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJwL0u7EB8Tb2ARdRDXVU4E&google_cver=1?gdpr=0&gdpr_consent=

42 B
915 B

33ms
32ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJwL0u7EB8Tb2ARdRDXVU4E&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://loyaltyone.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-01f1e8da5.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: W9eIZA4qRjA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 18:49:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJwL0u7EB8Tb2ARdRDXVU4E&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logout.js Show response
rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/ Frame 15F8 2 KB
2 KB 112ms
110ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/logout.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

04bfdce9142353c29d219734b363d84de8ec461daffb8ea648d70763e4c780b4

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"693-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 1683

GET
H2 200 _app.js Show response
rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/ Frame 15F8 54 KB
54 KB 107ms
105ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/_app.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

0360f4f155c8d6e164283db49463fa8af3b3877521a523dcf529bb50d7cb2eb7

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Thu, 04 Mar 2021 16:39:49 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"d817-177fe1c1408"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 55319

GET
H2 200 _error.js Show response
rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/ Frame 15F8 6 KB
7 KB 110ms
108ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/GWohvHv8xA16pyzp6Dfi7/pages/_error.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

1e2fdb692b78a9bcc051c7d9da8cfcb365963e0cb420ccd41fd2674840c2a197

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"197b-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 6523

GET
H2 200 webpack-a264d79a0e16402b3b97.js Show response
rewards.airmiles.ca/merchandise/_next/static/runtime/ Frame 15F8 2 KB
3 KB 208ms
206ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/runtime/webpack-a264d79a0e16402b3b97.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

7f214ae69c334f27b7d02162b5935bc2c70af6f8e8ae1f3807c746b6ac1511cf

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Thu, 04 Mar 2021 16:39:49 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"967-177fe1c1408"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 2407

GET
H2 200 commons.1e4e5717787d561b62f6.js Show response
rewards.airmiles.ca/merchandise/_next/static/chunks/ Frame 15F8 2 MB
2 MB 112ms
110ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/chunks/commons.1e4e5717787d561b62f6.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

8cbc070d8f21761b427d292ac2c9d69da8bb7dc5d158ceab8cbbebb32dc9f304

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Thu, 04 Mar 2021 16:39:49 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"1cc1ed-177fe1c1408"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 1884653

GET
H2 200 main-a602880421b6e9fcd0af.js Show response
rewards.airmiles.ca/merchandise/_next/static/runtime/ Frame 15F8 13 KB
14 KB 108ms
106ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/runtime/main-a602880421b6e9fcd0af.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

b05f8d3cf1470e9d38d172db68f04ec523e275b059e6069fd7383afa290b5272

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"3535-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 13621

GET
H2 200 styles.6e0c1fc0899fc2cc4289.js Show response
rewards.airmiles.ca/merchandise/_next/static/chunks/ Frame 15F8 2 KB
2 KB 107ms
105ms Script
application/javascript 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/chunks/styles.6e0c1fc0899fc2cc4289.js

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

3f871b38b5fa6abd701831d21e4919d4017f9951f3157e799e45fb851d008f74

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"694-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 1684

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ Frame 15F8 72 B
174 B 15ms
13ms Script
text/javascript 2a04:4e42:600::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 199978
detected-user-agent: Chrome Mobile WebView/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 Mar 2021 19:35:42 GMT
date: Sat, 06 Mar 2021 18:49:33 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 commons.6e6fb39a.chunk.css
rewards.airmiles.ca/merchandise/_next/static/css/ Frame 15F8 36 KB
36 KB 108ms
106ms Stylesheet
text/css 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/css/commons.6e6fb39a.chunk.css

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

766ce0a6c2be9ac529abaf29954fcb2de8a11cc2fb3a14784ae6133cc563fa79

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Thu, 04 Mar 2021 16:39:49 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"8eb9-177fe1c1408"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 36537

GET
H2 200 styles.30ce2f92.chunk.css
rewards.airmiles.ca/merchandise/_next/static/css/ Frame 15F8 315 KB
315 KB 110ms
108ms Stylesheet
text/css 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/_next/static/css/styles.30ce2f92.chunk.css

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

78aaadb644506ba96d3cef3a9079076d872781931b96356371edf88db63cacf7

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Referer: https://rewards.airmiles.ca/merchandise/logout
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Thu, 04 Mar 2021 16:39:50 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"4eab2-177fe1c17f0"
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 322226

GET
H2 200 entry.js Show response
se.monetate.net/js/2/a-2d036ac5/p/rewards.airmiles.ca/ Frame 15F8 6 KB
3 KB 31ms
29ms Script
application/x-javascript 23.36.232.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/2/a-2d036ac5/p/rewards.airmiles.ca/entry.js
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.36.232.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-232-5.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7081cf0d12066322813aba5e7e573eec6353e04c7f9410275793481a133013aa

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
content-encoding: gzip
last-modified: Fri, 14 Aug 2020 01:13:22 GMT
server: AkamaiNetStorage
etag: "2ec2bb0d6c90a897c0473bcaee613e72:1597367602.28611"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 2876

GET
H2 200 addresscomplete-2.30.min.css
ws1.postescanada-canadapost.ca/css/ Frame 15F8 8 KB
2 KB 42ms
40ms Stylesheet
text/css 35.241.48.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ws1.postescanada-canadapost.ca/css/addresscomplete-2.30.min.css?key=FJ92-TD69-YZ17-WH79

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

88.48.241.35.bc.googleusercontent.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

648459cdb825d21a9eab950c1bc2ba397eb0a1398a49fcc602aebfccefc61250

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public
x-robots-tag: noindex
alt-svc: clear
content-length: 2050
x-xss-protection: 1

GET
H2 200 addresscomplete-2.30.min.js Show response
ws1.postescanada-canadapost.ca/js/ Frame 15F8 86 KB
24 KB 45ms
44ms Script
text/javascript 35.241.48.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ws1.postescanada-canadapost.ca/js/addresscomplete-2.30.min.js?key=FJ92-TD69-YZ17-WH79
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.48.88 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 88.48.241.35.bc.googleusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0d7d6e68397046426517c7ba226da77368dcf126a440fad60286c32f072cc179

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
via: 1.1 google
server: nginx/1.14.0 (Ubuntu)
x-robots-tag: noindex
content-type: text/javascript;charset=UTF-8
cache-control: public
content-encoding: gzip
alt-svc: clear
content-length: 24275

GET
H2 200 at.2.1.1.js Show response
www.airmiles.ca/arrow/webresource/sections/shared/js/ Frame 15F8 89 KB
26 KB 26ms
24ms Script
application/javascript 104.109.68.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/at.2.1.1.js
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.68.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-68-58.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 8e79647e23908c07dea11642aba40ef86b825216ee9e57d1198921546ef4175a

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
content-encoding: br
last-modified: Thu, 04 Mar 2021 14:52:22 GMT
server: Akamai Resource Optimizer
etag: "5d91866d-16560"
vary: Accept-Encoding
p3p: policyref="https://www.airmiles.ca/arrow/webresource/p3p.xml", CP="NON IVAa IVDa OUR NOR UNI"
cache-control: no-store
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-type: application/javascript
content-length: 26726
expires: Sat, 06 Mar 2021 18:49:33 GMT

GET
H2 200 visitorapi.min.js Show response
www.airmiles.ca/arrow/webresource/sections/shared/js/ Frame 15F8 59 KB
17 KB 31ms
30ms Script
application/javascript 104.109.68.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/visitorapi.min.js
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.68.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-68-58.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 57ecc41460fa1fd86d50e4179caf345f970bc203757b13758b338b3bd6d1b3d4

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
content-encoding: br
last-modified: Thu, 25 Feb 2021 19:25:08 GMT
server: Akamai Resource Optimizer
etag: "5d91866d-eacb"
vary: Accept-Encoding
p3p: policyref="https://www.airmiles.ca/arrow/webresource/p3p.xml", CP="NON IVAa IVDa OUR NOR UNI"
cache-control: no-store
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-type: application/javascript
content-length: 17392
expires: Sat, 06 Mar 2021 18:49:33 GMT

GET
H2 200 dil.js Show response
www.airmiles.ca/arrow/webresource/sections/shared/js/ Frame 15F8 33 KB
10 KB 34ms
33ms Script
application/javascript 104.109.68.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/dil.js
Requested by: Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.68.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-68-58.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 4fe10d7f380355058083ee984e9b96a3090d5350c825d2079363b66ae9dd2135

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
content-encoding: br
last-modified: Mon, 01 Mar 2021 10:13:04 GMT
server: Akamai Resource Optimizer
etag: "5d91866d-8508"
vary: Accept-Encoding
p3p: policyref="https://www.airmiles.ca/arrow/webresource/p3p.xml", CP="NON IVAa IVDa OUR NOR UNI"
cache-control: no-store
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-type: application/javascript
content-length: 10165
expires: Sat, 06 Mar 2021 18:49:33 GMT

GET
H2 200 custom.js Show response
se.monetate.net/js/3/a-2d036ac5/p/rewards.airmiles.ca/t1484745711/778db9ba8b9e4c3e/ Frame 15F8 311 B
513 B 27ms
27ms Script
application/x-javascript 23.36.232.5
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://se.monetate.net/js/3/a-2d036ac5/p/rewards.airmiles.ca/t1484745711/778db9ba8b9e4c3e/custom.js
Requested by: Host: se.monetate.net
URL: https://se.monetate.net/js/2/a-2d036ac5/p/rewards.airmiles.ca/entry.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.36.232.5 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-232-5.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7f9c9ebb4bd869c68a74a7f7ca5e3b3861f193437e78c1047b8a1b799cb4f1d9

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
last-modified: Fri, 14 Aug 2020 01:13:21 GMT
server: AkamaiNetStorage
etag: "0e1ab0e62f834dca39115d0cd9bea5a6:1597367601.729868"
content-type: application/x-javascript
cache-control: max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
content-length: 311

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ Frame 15F8 211 KB
62 KB 46ms
32ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKHKRR7

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/logout

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f036dea9e7404b39f35399834ebe46c6fb85a945ffa727d980efaaf27f1e180d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63534
x-xss-protection: 0
last-modified: Sat, 06 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Mar 2021 18:49:33 GMT

POST
H2 200 delivery Show response
mboxedge37.tt.omtrdc.net/rest/v1/ Frame 15F8 190 B
446 B 32ms
32ms XHR
application/json 52.212.193.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mboxedge37.tt.omtrdc.net/rest/v1/delivery?client=loyaltyone&sessionId=22ab94ba2cd94ada8c9bf9a0d3098f70&version=2.1.1
Requested by: Host: www.airmiles.ca
URL: https://www.airmiles.ca/arrow/webresource/sections/shared/js/at.2.1.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.193.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8ed2cae3344982cb6b5b5e9f7430afbd511ed0e8506be2aec2eaba626741e032

Request headers

Referer: https://rewards.airmiles.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rewards.airmiles.ca
date: Sat, 06 Mar 2021 18:49:33 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: d0595e481a89e8c917183234cbaaf8d0
content-type: application/json;charset=UTF-8

POST
H2 401 logout Show response
rewards.airmiles.ca/merchandise/api/v1/auth/ 40 B
349 B 105ms
105ms XHR
application/json 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/api/v1/auth/logout

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/chunks/commons.1e4e5717787d561b62f6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

ded03d6c75472fbf6ec984f66fcbe36df84903abf5a02ae40ca8b804a4de4984

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Mar 2021 18:49:34 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"28-+0rpntoBR74vVLNVM/qQSuI6XKQ"
content-length: 40
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/json; charset=utf-8

GET
H2 401 me Show response
rewards.airmiles.ca/merchandise/api/v1/user/ 40 B
349 B 117ms
117ms XHR
application/json 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/api/v1/user/me

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/chunks/commons.1e4e5717787d561b62f6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

ded03d6c75472fbf6ec984f66fcbe36df84903abf5a02ae40ca8b804a4de4984

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:35 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"28-+0rpntoBR74vVLNVM/qQSuI6XKQ"
content-length: 40
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/json; charset=utf-8

GET
H2 401 detailedMe Show response
rewards.airmiles.ca/merchandise/api/v1/user/ 40 B
349 B 109ms
109ms XHR
application/json 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/api/v1/user/detailedMe

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/chunks/commons.1e4e5717787d561b62f6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

ded03d6c75472fbf6ec984f66fcbe36df84903abf5a02ae40ca8b804a4de4984

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:35 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"28-+0rpntoBR74vVLNVM/qQSuI6XKQ"
content-length: 40
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/json; charset=utf-8

GET
H2 401 me Show response
rewards.airmiles.ca/merchandise/api/v1/user/ 40 B
349 B 110ms
110ms XHR
application/json 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/api/v1/user/me

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/chunks/commons.1e4e5717787d561b62f6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

ded03d6c75472fbf6ec984f66fcbe36df84903abf5a02ae40ca8b804a4de4984

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:35 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"28-+0rpntoBR74vVLNVM/qQSuI6XKQ"
content-length: 40
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/json; charset=utf-8

GET
H2 401 detailedMe Show response
rewards.airmiles.ca/merchandise/api/v1/user/ 40 B
349 B 110ms
110ms XHR
application/json 52.5.125.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rewards.airmiles.ca/merchandise/api/v1/user/detailedMe

Requested by

Host: rewards.airmiles.ca
URL: https://rewards.airmiles.ca/merchandise/_next/static/chunks/commons.1e4e5717787d561b62f6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.5.125.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-125-197.compute-1.amazonaws.com

Software

nginx/1.17.0 / Express

Resource Hash

ded03d6c75472fbf6ec984f66fcbe36df84903abf5a02ae40ca8b804a4de4984

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewards.airmiles.ca/merchandise/orders?ext_cmp=_ShippingConfirmation-_-Email-Admin-_-_Email-Admin-_-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 18:49:35 GMT
server: nginx/1.17.0
x-powered-by: Express
etag: W/"28-+0rpntoBR74vVLNVM/qQSuI6XKQ"
content-length: 40
x-frame-options: ALLOW-FROM https://www.facebook.com
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 20:56:48	Name: demdex Value: 02945497602093422064143313560628235246
.airmiles.ca/	1970-01-20 10:11:41	Name: mbox Value: session#22ab94ba2cd94ada8c9bf9a0d3098f70#1615058433\|PC#22ab94ba2cd94ada8c9bf9a0d3098f70.37_0#1678301374
.airmiles.ca/	1970-01-19 18:47:12	Name: _gcl_au Value: 1.1.1946807400.1615056573
.airmiles.ca/	1969-12-31 23:59:59	Name: AMCVS_6A3DF65A5832D31C0A495C35%40AdobeOrg Value: 1
.airmiles.ca/	1970-01-19 16:37:38	Name: mboxEdgeCluster Value: 37
.airmiles.ca/	1970-01-19 16:37:36	Name: _gat_UA-76333024-1 Value: 1
.airmiles.ca/	1970-01-20 10:08:48	Name: _ga Value: GA1.2.1866116199.1615056573
.airmiles.ca/	1969-12-31 23:59:59	Name: check Value: true
.demdex.net/	1970-01-19 20:56:48	Name: dextp Value: 771-1-1615056572862
.airmiles.ca/	1970-01-20 10:08:48	Name: AMCV_6A3DF65A5832D31C0A495C35%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18693%7CMCMID%7C03344249655364573174121479146921060213%7CMCAAMLH-1615661372%7C6%7CMCAAMB-1615661372%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1615063772s%7CNONE%7CMCSYNCSOP%7C411-18700%7CvVersion%7C4.4.0
.rewards.airmiles.ca/	1970-01-21 12:25:36	Name: mt.v Value: 2.1621222558.1615056572356
.airmiles.ca/	1970-01-19 16:39:02	Name: _gid Value: GA1.2.1216334491.1615056573
rewards.airmiles.ca/	1970-01-25 20:31:23	Name: merch__locale Value: en-CA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOW-FROM https://www.facebook.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.airmiles.ca
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
email.airmiles.ca
images.ctfassets.net
loyaltyone.demdex.net
loyaltyone.tt.omtrdc.net
mboxedge37.tt.omtrdc.net
pattern-library.airmiles.ca
polyfill.io
rewards.airmiles.ca
se.monetate.net
stats.g.doubleclick.net
t.contentsquare.net
ws1.postescanada-canadapost.ca
www.airmiles.ca
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.109.68.58
13.224.197.24
13.225.80.67
142.250.185.66
159.127.187.134
23.36.232.5
2600:9000:20d7:dc00:12:94b3:c380:93a1
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9a
2a04:4e42:600::621
35.241.48.88
52.210.171.182
52.212.193.208
52.5.125.197
54.194.191.134
54.195.23.91
65.9.187.87
0360f4f155c8d6e164283db49463fa8af3b3877521a523dcf529bb50d7cb2eb7
04bfdce9142353c29d219734b363d84de8ec461daffb8ea648d70763e4c780b4
0d7d6e68397046426517c7ba226da77368dcf126a440fad60286c32f072cc179
0ec91c1fa12bbee461e4ee9991a8dcde63663d6d86919ea4b44aed28b8f9a784
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
13d4b7b70d6cd734696559ba37e636296ce0f5a197c1718102cd12894f46caaa
1498d81bdcc795143e564b21ae031153a918a8615168cb80a5d325df052fcea9
1e2fdb692b78a9bcc051c7d9da8cfcb365963e0cb420ccd41fd2674840c2a197
3f871b38b5fa6abd701831d21e4919d4017f9951f3157e799e45fb851d008f74
40eadf50f521cb3254dcf05696d010968ed2a80f077051ff0b4d8817c0bd4391
415be8a5ca0f29d2b5f8206299d587d8fd4643ebe2cce053cbd15cf6f8003ca0
43cc1506ea5d112367d9c45782064922775469c499dff5a4f33250994a960215
4fe10d7f380355058083ee984e9b96a3090d5350c825d2079363b66ae9dd2135
57ecc41460fa1fd86d50e4179caf345f970bc203757b13758b338b3bd6d1b3d4
5d2fef34837620ba282ac8c93bce7dc4a81d4cdc2187819205ff5f1fdb05b747
648459cdb825d21a9eab950c1bc2ba397eb0a1398a49fcc602aebfccefc61250
7081cf0d12066322813aba5e7e573eec6353e04c7f9410275793481a133013aa
766ce0a6c2be9ac529abaf29954fcb2de8a11cc2fb3a14784ae6133cc563fa79
78aaadb644506ba96d3cef3a9079076d872781931b96356371edf88db63cacf7
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f214ae69c334f27b7d02162b5935bc2c70af6f8e8ae1f3807c746b6ac1511cf
7f9c9ebb4bd869c68a74a7f7ca5e3b3861f193437e78c1047b8a1b799cb4f1d9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858a0c2eb105b2a418c6d025be45e2635874c719ca0996e44a584755839a3d99
8cbc070d8f21761b427d292ac2c9d69da8bb7dc5d158ceab8cbbebb32dc9f304
8e79647e23908c07dea11642aba40ef86b825216ee9e57d1198921546ef4175a
8ed2cae3344982cb6b5b5e9f7430afbd511ed0e8506be2aec2eaba626741e032
8f9910965bb8a72f9caf41ca6715786cf738a15a013f11db6bd06ec654ade6a4
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a02be84cbfda9d8ada3bf29c66df5d614de9929029c6986d8974b6e7fcb99bb7
a0c128881f8c852cd3ac7e76340c19626645d9615cfbd8a1ee269ff0f5d408bc
a8ebdc51ffc15ddcc334ab356f6127ca5389eb357f68513c325d75b10cce7160
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
afc318742ff1be0d5fa2143545176520e5b74d4e43d8bcd678266f044a936372
b05f8d3cf1470e9d38d172db68f04ec523e275b059e6069fd7383afa290b5272
b67b736c30ef99568857e5441e99fa5e24e2539e1db027a4baba14c6d534aba3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded03d6c75472fbf6ec984f66fcbe36df84903abf5a02ae40ca8b804a4de4984
e575cb79bf5453fd91a1867f0bc02fdc9ae835bf76ec5b156e693dfbc23e00e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f036dea9e7404b39f35399834ebe46c6fb85a945ffa727d980efaaf27f1e180d
f4a9d368d208ba63bb417f5a2df2237222b8b91eca3df1d0415f5da4d0ac5720
fcbf6b17c23c691f0d2a17a1787faa2713f78c2743a18f4661955782c5d1394a

rewards.airmiles.ca Open in urlscan Pro 52.5.125.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

35 %IPv6

14 Domains

21 Subdomains

16 IPs

4 Countries

6430 kBTransfer

7326 kBSize

13 Cookies

6 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rewards.airmiles.ca Open in urlscan Pro
52.5.125.197 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

35 %
IPv6

14
Domains

21
Subdomains

16
IPs

4
Countries

6430 kB
Transfer

7326 kB
Size

13
Cookies

66 HTTP transactions
0 data transactions