Submitted URL: https://jbhksbzqxp.blob.core.windows.net/dfkbulrvbr/ehlyybhlbs.html#XWzDWrz:3FM:LOICPE:91517:DHM61:22EP:0:0:0:21:29:B:159:2K2:5LEH:A
Effective URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid...
Submission: On October 21 via api from BE — Scanned from DE

Summary

This website contacted 22 IPs in 4 countries across 21 domains to perform 131 HTTP transactions. The main IP is 172.67.185.201, located in and belongs to . The main domain is win.rewardsadvisor.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.
This is the only time win.rewardsadvisor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Domain | Requested by
58 | d3v5pe6rebecos.cloudfront.net | win.rewardsadvisor.com
20 | api.traversedlp.com (7 redirects) | static.traversedlp.com, rainbowgrand.com
17 | win.rewardsadvisor.com | offer-notavailable.com, win.rewardsadvisor.com, d3v5pe6rebecos.cloudfront.net
7 | script.anura.io | jbhksbzqxp.blob.core.windows.net, script.anura.io, d3v5pe6rebecos.cloudfront.net
4 | ka-p.fontawesome.com | kit.fontawesome.com, win.rewardsadvisor.com
4 | rainbowgrand.com | jbhksbzqxp.blob.core.windows.net, rainbowgrand.com
3 | cdn.jsdelivr.net | win.rewardsadvisor.com
3 | fonts.googleapis.com | win.rewardsadvisor.com, d3v5pe6rebecos.cloudfront.net
3 | www.googletagmanager.com | rainbowgrand.com, d3v5pe6rebecos.cloudfront.net
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | go.rewardsadvisor.com (2 redirects) |
2 | rapid-cdn.com (2 redirects) |
2 | offer-notavailable.com | rainbowgrand.com, offer-notavailable.com
2 | signals.aimtell.com |
2 | static.traversedlp.com | www.googletagmanager.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | ads.anura.io | script.anura.io
1 | cdnjs.cloudflare.com | win.rewardsadvisor.com
1 | cdn.polyfill.io | win.rewardsadvisor.com
1 | kit.fontawesome.com | win.rewardsadvisor.com
1 | go.nanzerkalo.com (1 redirects) |
1 | partner.mediawallahscript.com | rainbowgrand.com
1 | draftspout.com (1 redirects) |
1 | jbhksbzqxp.blob.core.windows.net |
131 25

This site contains no links.

Subject | Issuer | Validity | Valid
*.blob.core.windows.net | Microsoft RSA TLS CA 01 | 2021-08-13 - 2022-08-13 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.traversedlp.com | Go Daddy Secure Certificate Authority - G2 | 2020-12-29 - 2022-01-30 | a year
script.anura.io | Amazon | 2021-08-11 - 2022-09-09 | a year
aimtell.com | Cloudflare Inc ECC CA-3 | 2021-06-07 - 2022-06-06 | a year
*.mediawallahscript.com | Amazon | 2021-05-19 - 2022-06-17 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-09 - 2022-09-08 | a year
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year
upload.video.google.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year
polyfill.io | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-06-04 - 2022-07-06 | a year
*.gstatic.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
ads.anura.io | Amazon | 2021-07-29 - 2022-08-27 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months

This page contains 3 frames:

Primary Page: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Frame ID: FDD1C69214EB6A856D8B27C78D42712D
Requests: 113 HTTP requests in this frame

Frame: https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F0.gif%3FemailMd5Lower%3D%26ic%3D8b79bbbb-310f-4415-b5c2-7ebb75796857%26offset%3D1
Frame ID: EB32F63D198390B0CA4EF3497742D8D5
Requests: 10 HTTP requests in this frame

Frame: https://win.rewardsadvisor.com/sites/all/themes/zeeto/libs/vendor/forge.min.js
Frame ID: 600915E97ED54EB0E110FB8E2587092C
Requests: 6 HTTP requests in this frame

Page Title

The page you are looking for is no longer available

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 131
HTTPS: 95 %
IPv6: 0 %
Domains: 21
Subdomains: 25
IPs: 22
Countries: 4
Transfer: 1134 kB
Size: 2705 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jbhksbzqxp.blob.core.windows.net/dfkbulrvbr/ehlyybhlbs.html Page URL
  2. http://draftspout.com/XWzDWrz:3FM:LOICPE:91517:DHM61:22EP:0:0:0:21:29:B:159:2K2:5LEH:A HTTP 302
    http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53 Page URL
  3. http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?newcid=4740&sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53&sid4=&dev_click= Page URL
  4. https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=268&utm_content=140 Page URL
  5. http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107546&vert=&cid= HTTP 307
    http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1377923715672873380 HTTP 302
    http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89 HTTP 307
    http://go.rewardsadvisor.com/?zRid=RT&utm_source=RobT2Waterfall&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_term=tc_amazon&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&[pub]=1377923721685486973 HTTP 301
    https://go.rewardsadvisor.com/?zRid=RT&utm_source=RobT2Waterfall&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_term=tc_amazon&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&[pub]=1377923721685486973 HTTP 302
    https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://draftspout.com/XWzDWrz:3FM:LOICPE:91517:DHM61:22EP:0:0:0:21:29:B:159:2K2:5LEH:A HTTP 302
  • http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Request Chain 10
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower= HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=8b79bbbb-310f-4415-b5c2-7ebb75796857 HTTP 302
  • https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F0.gif%3FemailMd5Lower%3D%26ic%3D8b79bbbb-310f-4415-b5c2-7ebb75796857%26offset%3D1
Request Chain 11
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower= HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1634796559064
Request Chain 12
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
Request Chain 13
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
Request Chain 14
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
Request Chain 15
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
Request Chain 16
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
Request Chain 17
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
Request Chain 18
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif HTTP 302
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=

131 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ehlyybhlbs.html
jbhksbzqxp.blob.core.windows.net/dfkbulrvbr/
102 B
505 B
Document
General
Full URL
https://jbhksbzqxp.blob.core.windows.net/dfkbulrvbr/ehlyybhlbs.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.150.39.132 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d62fa864f3979680b3209803f094b1ff7031dd10cd0c6d0b05e2f83a33a2ff91

Request headers

Host
jbhksbzqxp.blob.core.windows.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Content-Length
102
Content-Type
text/html
Content-MD5
jxvMIUSYoKt8KiBF6mZgMQ==
Last-Modified
Thu, 21 Oct 2021 01:29:43 GMT
ETag
0x8D9943242CE9551
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
f301f268-a01e-000c-1642-c6fd94000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 21 Oct 2021 06:09:14 GMT
Cookie set /
rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/
Redirect Chain
  • http://draftspout.com/XWzDWrz:3FM:LOICPE:91517:DHM61:22EP:0:0:0:21:29:B:159:2K2:5LEH:A
  • http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
7 KB
7 KB
Document
General
Full URL
http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Requested by
Host: jbhksbzqxp.blob.core.windows.net
URL: https://jbhksbzqxp.blob.core.windows.net/dfkbulrvbr/ehlyybhlbs.html
Protocol
HTTP/1.1
Server
138.128.7.214 , Canada, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.31
Resource Hash
0a5f4bf572de3c765c82952713d3deffc290c93a42f3740ea90ef40462b810eb

Request headers

Host
rainbowgrand.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Referer
https://jbhksbzqxp.blob.core.windows.net/dfkbulrvbr/ehlyybhlbs.html#XWzDWrz:3FM:LOICPE:91517:DHM61:22EP:0:0:0:21:29:B:159:2K2:5LEH:A

Response headers

Server
nginx
Date
Thu, 21 Oct 2021 06:19:37 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.31
Set-Cookie
clkcheck27150=efe9ea6a6d20ca7371859cac2d8702d8_107546; expires=Sat, 20-Nov-2021 06:19:37 GMT; Max-Age=2592000; path=/; SameSite=Lax

Redirect headers

Date
Thu, 21 Oct 2021 06:09:15 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
location
http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/
82 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8bfccd32d42fb4272ed5783d90b22d98a05e3f0241ce131d65fbca5c069d5028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33004
x-xss-protection
0
expires
Thu, 21 Oct 2021 06:09:18 GMT
fp.php
rainbowgrand.com/
0
194 B
XHR
General
Full URL
http://rainbowgrand.com/fp.php
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
HTTP/1.1
Server
138.128.7.214 , Canada, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.31
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
http://rainbowgrand.com
Accept-Encoding
gzip, deflate
Host
rainbowgrand.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Cookie
clkcheck27150=efe9ea6a6d20ca7371859cac2d8702d8_107546
Connection
keep-alive
Content-Length
1042

Response headers

Date
Thu, 21 Oct 2021 06:19:37 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.31
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
retargeting.js
static.traversedlp.com/v1/
11 KB
4 KB
Script
General
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 10 Jun 2021 05:37:15 GMT
Server
AmazonS3
Age
513
ETag
W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Thu, 21 Oct 2021 06:00:45 GMT
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
pBfpYkBmqNfNhM2o0NC1fyAGAftokjpuVhKHJhoHjYg92GxDTqZSeg==
request.js
script.anura.io/
47 KB
47 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=56309078&source=107546&campaign=27150&exid=efe9ea6a6d20ca7371859cac2d8702d8&122578344841
Requested by
Host: jbhksbzqxp.blob.core.windows.net
URL: https://jbhksbzqxp.blob.core.windows.net/dfkbulrvbr/ehlyybhlbs.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-97-68.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d3c41035f5b7b649359487e72a945de6780f06a47fada2f433fbe77167db694b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 06:09:18 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
x-content-type-options
nosniff
expires
Sun, 28 Dec 1980 18:57:00 EST
server
nginx
content-type
application/javascript; charset=utf-8
matches
signals.aimtell.com/
43 B
333 B
Image
General
Full URL
https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
6a1850fa8d6e2790-PRG
access-control-allow-headers
Content-Type, *
content-length
43
cookie
api.traversedlp.com/retargeting/v1/
117 B
819 B
XHR
General
Full URL
https://api.traversedlp.com/retargeting/v1/cookie
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
7d0a16d51847f87844abfee3932fca527ba87b13e6c629e040a6faf56bbe418d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
etag
W/"75-3F9TP8/gQnpxVJAowXzNRg"
vary
Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://rainbowgrand.com
access-control-expose-headers
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
117
enqueue
api.traversedlp.com/retargetinginclusion/ Frame
0
0
Preflight
General
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol
H2
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://rainbowgrand.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 21 Oct 2021 06:09:19 GMT
content-type
text/html; charset=utf-8
content-length
228
server
nginx/1.20.0
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://rainbowgrand.com
access-control-allow-credentials
true
access-control-expose-headers
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers
content-type,authorization
allow
ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag
W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary
Accept-Encoding
enqueue
api.traversedlp.com/retargetinginclusion/
0
329 B
XHR
General
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Referer
http://rainbowgrand.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
http://rainbowgrand.com
date
Thu, 21 Oct 2021 06:09:19 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary
X-HTTP-Method-Override
access-control-expose-headers
enqueue.gif
api.traversedlp.com/retargeting/v1/match/ Frame EB32
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/0.gif?emailMd5Lower=&ic=8b79bbbb-310f-4415-b5c2-7ebb75796857
  • https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F...
0
0

/
partner.mediawallahscript.com/ Frame EB32
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/1.gif?emailMd5Lower=
  • https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1634796559064
0
0

2.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EB32
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
35 B
462 B
Image
General
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:19 GMT
server
nginx/1.20.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/2.gif?emailMd5Lower=
date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
3.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EB32
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
35 B
462 B
Image
General
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/3.gif?emailMd5Lower=
date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
4.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EB32
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
35 B
465 B
Image
General
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/4.gif?emailMd5Lower=
date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
5.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EB32
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
35 B
462 B
Image
General
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:19 GMT
server
nginx/1.20.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/5.gif?emailMd5Lower=
date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
6.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EB32
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
35 B
461 B
Image
General
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/6.gif?emailMd5Lower=
date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
7.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EB32
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
35 B
462 B
Image
General
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/7.gif?emailMd5Lower=
date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
8.gif
api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/ Frame EB32
Redirect Chain
  • https://api.traversedlp.com/retargeting/v1/match/lookup?campaignId=d220d921-1a8c-418d-b956-8b678623a024&redirect=api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif
  • https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=
35 B
461 B
Image
General
Full URL
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
image/gif
etag
W/"23-whlt6LpBLGDCKrSRr3sUCQ"
content-length
35
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"

Redirect headers

location
https://api.traversedlp.com/v1/7f2715a7-b8fd-48f4-9443-d095cbdcc02e/8.gif?emailMd5Lower=
date
Thu, 21 Oct 2021 06:09:18 GMT
server
nginx/1.20.0
content-type
text/plain; charset=UTF-8
content-length
110
vary
Accept, Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
/
partner.mediawallahscript.com/ Frame EB32
0
0
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=8b79bbbb-310f-4415-b5c2-7ebb75796857&tag_format=img&tag_action=sync&cb=1634796558783
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.233.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-233-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Cookie set /
rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/
6 KB
7 KB
Document
General
Full URL
http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?newcid=4740&sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53&sid4=&dev_click=
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Protocol
HTTP/1.1
Server
138.128.7.214 , Canada, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.31
Resource Hash
26794b63ef60165efac168a405beaa84fb82359806863207804931c2674842c0

Request headers

Host
rainbowgrand.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53
Accept-Encoding
gzip, deflate
Cookie
clkcheck27150=efe9ea6a6d20ca7371859cac2d8702d8_107546

Response headers

Server
nginx
Date
Thu, 21 Oct 2021 06:19:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.31
Set-Cookie
clkcheck4740=222375640e3782ae1f99cff09c101093_107546; expires=Sat, 20-Nov-2021 06:19:38 GMT; Max-Age=2592000; path=/; SameSite=Lax
response.json
script.anura.io/
43 B
395 B
XHR
General
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=56309078&source=107546&campaign=27150&exid=efe9ea6a6d20ca7371859cac2d8702d8&122578344841
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-97-68.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://rainbowgrand.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 06:09:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
gtm.js
www.googletagmanager.com/
82 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?newcid=4740&sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53&sid4=&dev_click=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
295205cc690e2ac0acd479c2ab41d52beebc28b64f7264dd7f3ee72d5251fa25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33004
x-xss-protection
0
expires
Thu, 21 Oct 2021 06:09:19 GMT
fp.php
rainbowgrand.com/
0
194 B
XHR
General
Full URL
http://rainbowgrand.com/fp.php
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?newcid=4740&sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53&sid4=&dev_click=
Protocol
HTTP/1.1
Server
138.128.7.214 , Canada, ASN55286 (SERVER-MANIA, CA),
Reverse DNS
Software
nginx / PHP/7.3.31
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
http://rainbowgrand.com
Accept-Encoding
gzip, deflate
Host
rainbowgrand.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?newcid=4740&sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53&sid4=&dev_click=
Cookie
clkcheck27150=efe9ea6a6d20ca7371859cac2d8702d8_107546; clkcheck4740=222375640e3782ae1f99cff09c101093_107546
Connection
keep-alive
Content-Length
970

Response headers

Date
Thu, 21 Oct 2021 06:19:38 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.31
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
retargeting.js
static.traversedlp.com/v1/
11 KB
4 KB
Script
General
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MB79N3N
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 10 Jun 2021 05:37:15 GMT
Server
AmazonS3
Age
514
ETag
W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Thu, 21 Oct 2021 06:00:45 GMT
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
qJgaHqgj88_HPG6aC7zxqKPCXonqr3IwM95gAPo4EYKDAM3fv4O98A==
request.js
script.anura.io/
47 KB
47 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=56309078&source=107546&campaign=4740&exid=222375640e3782ae1f99cff09c101093&767065258362
Requested by
Host: jbhksbzqxp.blob.core.windows.net
URL: https://jbhksbzqxp.blob.core.windows.net/dfkbulrvbr/ehlyybhlbs.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-97-68.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8612fc89c375ef78aa0b3aeda0dd9498b6b9850ffbf4efa0fc9cdf94f2e1f038
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 06:09:19 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
x-content-type-options
nosniff
expires
Sun, 28 Dec 1980 18:57:00 EST
server
nginx
content-type
application/javascript; charset=utf-8
matches
signals.aimtell.com/
43 B
122 B
Image
General
Full URL
https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
6a1851013ef32790-PRG
access-control-allow-headers
Content-Type, *
content-length
43
cookie
api.traversedlp.com/retargeting/v1/
119 B
1 KB
XHR
General
Full URL
https://api.traversedlp.com/retargeting/v1/cookie
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
9bea0f4182391e14d8d879fc549035c3e4bf70cda3fc806d9c9f93e1b0e46d07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://rainbowgrand.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:19 GMT
server
nginx/1.20.0
etag
W/"77-zoF+oz144HFn5lndSg15RA"
vary
Accept-Encoding
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://rainbowgrand.com
access-control-expose-headers
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
119
enqueue
api.traversedlp.com/retargetinginclusion/ Frame
0
0
Preflight
General
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Protocol
H2
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://rainbowgrand.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 21 Oct 2021 06:09:19 GMT
content-type
text/html; charset=utf-8
content-length
228
server
nginx/1.20.0
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
access-control-allow-origin
http://rainbowgrand.com
access-control-allow-credentials
true
access-control-expose-headers
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers
content-type,authorization
allow
ACL,BIND,CHECKOUT,CONNECT,COPY,DELETE,GET,HEAD,LINK,LOCK,M-SEARCH,MERGE,MKACTIVITY,MKCALENDAR,MKCOL,MOVE,NOTIFY,PATCH,POST,PROPFIND,PROPPATCH,PURGE,PUT,REBIND,REPORT,SEARCH,SOURCE,SUBSCRIBE,TRACE,UNBIND,UNLINK,UNLOCK,UNSUBSCRIBE
etag
W/"e4-6lFXkgJZ15OAZuBnvvjMtg"
vary
Accept-Encoding
enqueue
api.traversedlp.com/retargetinginclusion/
0
327 B
XHR
General
Full URL
https://api.traversedlp.com/retargetinginclusion/enqueue
Requested by
Host: static.traversedlp.com
URL: https://static.traversedlp.com/v1/retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-163.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://rainbowgrand.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
http://rainbowgrand.com
date
Thu, 21 Oct 2021 06:09:19 GMT
access-control-allow-credentials
true
server
nginx/1.20.0
p3p
CP="CAO PSAo CONo OUR OTRo BUS PHY ONL UNI COM NAV DEM STA"
vary
X-HTTP-Method-Override
access-control-expose-headers
response.json
script.anura.io/
43 B
396 B
XHR
General
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=56309078&source=107546&campaign=4740&exid=222375640e3782ae1f99cff09c101093&767065258362
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-97-68.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://rainbowgrand.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 06:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
/
offer-notavailable.com/bettercontent/
3 KB
2 KB
Document
General
Full URL
https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=268&utm_content=140
Requested by
Host: rainbowgrand.com
URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?newcid=4740&sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53&sid4=&dev_click=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.57.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dba8f52818ae72e3b7cadd92c26250056cbcc1f3224b59c9b7716994bcecc4d

Request headers

:method
GET
:authority
offer-notavailable.com
:scheme
https
:path
/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=268&utm_content=140
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://rainbowgrand.com/
accept-encoding
gzip, deflate, br

Response headers

date
Thu, 21 Oct 2021 06:09:20 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcxRBeuLk9Se2WvzrfMmAnxoryAGMXqysAp50btNNsvVBZ4pDxK1vW5T%2FmvyFCPCvUFai1n7YdB09szI%2FW%2Boz4YKmzlJpuoAk1Wk5gO14yDLEPnhXUn5eDKp9Vdqe247pwlez8LKRs%2BU"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a18510478395be1-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
desktop.png
offer-notavailable.com/bettercontent/images/
92 KB
93 KB
Image
General
Full URL
https://offer-notavailable.com/bettercontent/images/desktop.png
Requested by
Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=268&utm_content=140
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.57.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa36f72eb72b3aff2db9f718a8dd759386c865beb007d21521c120d4a1c1864

Request headers

:path
/bettercontent/images/desktop.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
offer-notavailable.com
referer
https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=268&utm_content=140
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 21 Oct 2021 06:09:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
972963
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
94237
last-modified
Wed, 06 Nov 2019 23:26:55 GMT
server
cloudflare
etag
"5dc356bf-1701d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR2ly88mM1btTIqxMgC7YNpWLsW6%2FtxxVVw1aKYI29fYXp3Dp2z6nDniI3FxQT3wCSTkdQDsYUmj1DmSOomrBjKqw6P87qGxNyqLBFVExhbhaP01XKR1lZMlKFHxbq4YLJ8RJRHaD0Th"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
6a1851061fbb4ed4-FRA
expires
Mon, 08 Nov 2021 23:53:17 GMT
Primary Request a
win.rewardsadvisor.com/
Redirect Chain
  • http://rapid-cdn.com/?flux_fts=ioxtixzzcotllizozxeiclzclcqzllcaqxxzi74b5b&pubid=107546&vert=&cid=
  • http://go.nanzerkalo.com/ts464-internationalemail-general?flux_txid=475075720557923304&flux_hid=1377923715672873380
  • http://rapid-cdn.com/?flux_fts=ioxtozxqpptqqqxtlleioapoxtlxlazzpqzxt9ac89
  • http://go.rewardsadvisor.com/?zRid=RT&utm_source=RobT2Waterfall&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_term=tc_amazon&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_...
  • https://go.rewardsadvisor.com/?zRid=RT&utm_source=RobT2Waterfall&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_term=tc_amazon&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click...
  • https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amaz...
30 KB
7 KB
Document
General
Full URL
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Requested by
Host: offer-notavailable.com
URL: https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=268&utm_content=140
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.185.201 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
520fe0b366f799be0adf3e1a990c12fb1809893c403eb56a4394f18f400f758d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
win.rewardsadvisor.com
:scheme
https
:path
/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Referer
https://offer-notavailable.com/bettercontent/?utm_source=107546&utm_medium=27&utm_campaign=268&utm_content=140

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.9
cache-control
must-revalidate, no-cache, private
x-drupal-dynamic-cache
MISS
link
<http://win.rewardsadvisor.com/a>; rel="canonical" <//d3v5pe6rebecos.cloudfront.net>; rel=preconnect; crossorigin <//d3v5pe6rebecos.cloudfront.net>; rel=dns-prefetch
x-ua-compatible
IE=edge
content-language
en
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
expires
Sun, 19 Nov 1978 05:00:00 GMT
vary
Accept-Encoding
x-generator
Drupal 8 (https://www.drupal.org)
x-dns-prefetch-control
on
x-drupal-cache
MISS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHZy26AY8gMqHiKJkSq%2BSb667%2F9hEiRomCvEjLDUltRAygGExTonVoBL712EGy3FDdtCyYCmAM6CHn8jsqKrQXgNkGJV7AO6yvKiDBsyD%2BG28j66iPnetMFiuBAgkeZGaWOVMBRklrMI"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a1851224c575c20-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Thu, 21 Oct 2021 06:09:24 GMT
content-type
text/html; charset=utf-8
location
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
vary
Accept-Encoding Accept
x-powered-by
Express
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E1QEXjrG1EMhX3JmFWQwlcc8k9WcxpXLBk8YqSLVNyb0HsCey0HIPNMYtk%2B6BtMpbaPILACzELKkuxmddhpAq2mKHBPF0AEbOgPm%2BuGkoeYpyrPKNR77ydqvxAzUHOImsTfzWGtW2g%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a18511efe435c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
align.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
484 B
580 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/align.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
97fe5992208187911c3daff7fe8556ee254ca0a340ab9af0e3ba04ce7e40e2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:31:37 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
49069
etag
"1e4-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
216
x-amz-cf-id
xtXkrHpXpHGCg5Rh9HilgBIjr8KLl6Gtpxsq4LB2ip84Lm-x2oA1zw==
fieldgroup.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
95 B
455 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/fieldgroup.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
c799ec87fb8a6e52bd93a883abdc71eef0dec77d2365ce4c2f46178a3e0909fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:57:32 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
7914
etag
"5f-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
95
x-amz-cf-id
uiy22RKjIaXCnTmS7aBUagwMsO4hUIbiAPs3ij_t3jscPvLJUWLbtQ==
container-inline.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
228 B
521 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/container-inline.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
c2529163c61006009fa7188d9593ac6f89fca1ca723628479b53c2c5a27bd9a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:31:37 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
49069
etag
"e4-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
157
x-amz-cf-id
JMrrKiS-Z07MzUYvG7eDnWwk6Zii_OJ2FZOEESeZFKUaQpeXlx9Tew==
clearfix.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
306 B
587 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/clearfix.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
a0645960ade152760a6cefc0b03736a9565c09a46c94b2dd39e54da585bde30d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:32:28 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
52618
etag
"132-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
221
x-amz-cf-id
MckFZ3BIKZvwKtlTqxTLSDwHCg3dSw6HqZ3k01UaAw3-jiMFT3Chkw==
details.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
127 B
484 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/details.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
f31746cbb75773acc9358471805e24d2f80184a9686f2e4dfbf57530c3a583c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 20:35:41 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
34425
etag
"7f-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
121
x-amz-cf-id
aoyCo1_A08DkLSiYIkNlD_UKWXAytMr3t8ZDN6AANhFq4Ap-CUIAVA==
hidden.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
1 KB
1013 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/hidden.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
144c2b996574a2f16003848858de86dc5ad3486fb4fe14a5d5a79d134086e763

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:32:28 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
52618
etag
"54f-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
649
x-amz-cf-id
y8PfPSe9mhtCJ64TtkuLjx-gY8YiLGMO9lNKQu1U8rLW1AHAjAh9Fw==
item-list.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
285 B
518 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/item-list.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
5251ec9a6d7f9cc54b205363d70eb38bf67517f8e02b3ae04e85c9cf5f908228

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"11d-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
154
x-amz-cf-id
a-8biMAL6X6qhITBjXYVMO3idCF4zmxng68ZBQb-mxUaXz1ldvpbtQ==
js.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
402 B
596 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/js.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
132298c08776faea963092e83b7c30712bde095c62530bd3a613322987c4663e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"192-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
232
x-amz-cf-id
0mSE9o8W003SU0YNU3BFkVgsHq8stjys-bKz_WhSAPCtlTvZJNRJpQ==
nowrap.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
96 B
467 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/nowrap.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
4a4fa2a793d87c88f1509f370dbc40b6deec2188b6a918f92365f873b7bc566d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 19:49:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
37202
etag
"60-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
104
x-amz-cf-id
0QYi1jjqtG552FywQnlyqi3Zk9kkYtGHRWZJ8sC_0RiCqC1FATzAqQ==
position-container.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
95 B
458 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/position-container.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
92931ceb6a0ad1c9b3e8fc6f335b9dfd6f0c7c8ee36f089bb10241c142a78faa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"5f-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
94
x-amz-cf-id
JqWkXefLqWPxY3DuhJUQjHhY9bP9QhkcDTygpKaYQYUXzXBTywBl5A==
progress.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
825 B
714 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/progress.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
a5803ddaa8803d2ebad80b4242dea531e65882423af375267e474ffb8048ca60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"339-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
350
x-amz-cf-id
lPcXXhsTajh1Lhe6H34zRjTnHPApl7ANUwTSRYI3u1eBNE6pVdduOg==
reset-appearance.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
274 B
552 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/reset-appearance.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
0ac01ab832b811cdc2dfddaf28ba2f1ee3ef3bb6486cbaeb424226fde71ee625

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"112-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
189
x-amz-cf-id
SsLarD7GYxMzzhT3oG1EfvCtX3cs20n0ryo85xPyLN2SqRBD00J_rg==
resize.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
270 B
518 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/resize.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
299064cf3027c5efab4ab6df345de1302dfa562db83eca51965371938480f56c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"10e-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
155
x-amz-cf-id
6T_u1Ef6sot_EuGLhbiGAgrLu6ujp6CSaG2ZUlSHHqgw0qwczeCFQA==
sticky-header.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
163 B
508 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/sticky-header.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
0b61e01fa0fa02eba3c6a074427ddf2a6cf98c01727b2796309b2b5b005fac70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"a3-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
144
x-amz-cf-id
p4UTfNlGbPOWtVvsXz5g3Dq54Nbb4dwm-KeAYZxqjUDvAjsgAOLTYA==
system-status-counter.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
761 B
677 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/system-status-counter.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
4a7faa6dfcd1854a535efc4d1c1969ef3478f9a0e67bf974a5a78ef7e8ba7b9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 10:20:03 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
71363
etag
"2f9-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
313
x-amz-cf-id
MbvV5MkaY8lcpFtkNN2CvJHu9Q-cvJFS2fPdUvq5bVewe-TLX-uGqQ==
system-status-report-counters.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
557 B
670 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/system-status-report-counters.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
da6360a75aac69be7076b4a5a4a2d0bfbd3bc4a674bba2e7a9cb698035719159

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:50:28 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55138
etag
"22d-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
305
x-amz-cf-id
KbCx3S0OLaiyfZUhWcBRSzJPdGCB4fWm_AGk_3gv5BDZKVubKeRIHQ==
system-status-report-general-info.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
255 B
536 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/system-status-report-general-info.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
d106f9ce97021e6ce9a05e593a70ec7e4956667eab83726c9eb1b473b709fb8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 11:57:39 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
65506
etag
"ff-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
173
x-amz-cf-id
OfR5YIDfOo3VFQL7XKQIA0_95IgHBzxY94baPtnqk4HxdBrkS3t3_g==
tablesort.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
365 B
572 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/tablesort.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
2298e6d2bafbe82af2f8c1a4f963d9df7f04ecd5092a08bb06011f01ea9655c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 06:41:23 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
84483
etag
"16d-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
208
x-amz-cf-id
ogVAfT7oTpYbDShrzZrEsIw4VxIwRVaLPGQAvx2OKB74L5wG2voGeA==
tree-child.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/
466 B
584 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/system/css/components/tree-child.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
3df1425dd2f62d5691f438779fe77fb918f267fa1c0f514de90a910a8b421031

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:50:28 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55138
etag
"1d2-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
219
x-amz-cf-id
t-fVGPz0uW_NrtX4fQwA_kZXQPiuaWuRQf8kyqF8v09Z-O8Kd-bgXg==
views.module.css
d3v5pe6rebecos.cloudfront.net/core/modules/views/css/
434 B
578 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/modules/views/css/views.module.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
34169af71b02b45feb08dbe27772638c0b3bed26fe26d9f015b019be64e4389b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 19:33:01 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
38185
etag
"1b2-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
215
x-amz-cf-id
rQnk9cdtKMT4TFc8PYHrmEUs_up1LmTrLIAh7QpEqpc2BGSocB5qsw==
webform_bootstrap.css
d3v5pe6rebecos.cloudfront.net/modules/zPub/webform/modules/webform_bootstrap/css/
1 KB
936 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/modules/zPub/webform/modules/webform_bootstrap/css/webform_bootstrap.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
efb1c66161b290de18a4304929273dc5e0b01d197b4ca83cfbc4d2983de5cebe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"503-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
574
x-amz-cf-id
bUFb2tpzVLwg4tiKU21V-ETfzkX3s41ld2ImxDSQidcq2TU03dfYkg==
paragraphs.unpublished.css
d3v5pe6rebecos.cloudfront.net/modules/zPub/paragraphs/css/
57 B
379 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/modules/zPub/paragraphs/css/paragraphs.unpublished.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
f1eea94c1d7f9c6747515e1d7af60618498e8197905f290bc3851da41fbd5588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 19:33:01 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
38185
etag
"39-5c9298160cc40"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
57
x-amz-cf-id
Pm6ifM_IimPZ23NNJoGzo5yaF2cLQPNlLgLYyheqDcFv45AnxA8cEg==
css
fonts.googleapis.com/
10 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,400i,700,700i|Source+Sans+Pro:400,600,700
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
eaeee758bd049abda8af9085f1873990ad6088759defed206e2643a372ffeebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 06:09:26 GMT
server
ESF
date
Thu, 21 Oct 2021 06:09:26 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 21 Oct 2021 06:09:26 GMT
settings.css
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/css/settings/
1 KB
888 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/css/settings/settings.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
3f1df4b382237885cc16254b51e81bad62760b0e37061f3fad146ca9d4df193e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"496-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
524
x-amz-cf-id
YFg5-suClXiKU4XOqe4BgHFE2lYiRC6ztEuX1gvo9AWwwTKzHnGP1w==
mixins.css
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/css/settings/
0
311 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/css/settings/mixins.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 10:18:53 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
71433
etag
"0-5c9298160cc40"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
0hJm89zU1Kv7QIlOaJdpaJGw48PZiG20suUjVJ4N1aJSab-0mA2PQA==
bootstrap.css
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/
143 KB
22 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/css/bootstrap.css
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3594245
x-jsd-version
3.4.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19175-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"23a0d-+GduH0qQKmMIj0WYLz+bamxAG0c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a18512a7d022790-PRG
drupal-bootstrap.css
cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/
14 KB
4 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@unicorn-fail/drupal-bootstrap-styles@0.0.2/dist/3.4.0/8.x-3.x/drupal-bootstrap.css
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d4e006425282efc92a03f2bf292b71885fcad8f387fcfaa6c2224db17266b4d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3594183
x-jsd-version
0.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19163-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"36f9-z981a03J7uHngtMwrs4UwcaV6aU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a18512a7d042790-PRG
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,500i,600,700|Roboto:400,500,700
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
617d2ec57923ff99c00670af068767841596a61297e741e97343d8fb6b4dfbbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 06:09:26 GMT
server
ESF
date
Thu, 21 Oct 2021 06:09:26 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 21 Oct 2021 06:09:26 GMT
progressStepsWithCart_teal.css
d3v5pe6rebecos.cloudfront.net/themes/dms/css/properties/rewardsadvisor/paragraphs/progressStepsWithCart_teal/
2 KB
920 B
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/themes/dms/css/properties/rewardsadvisor/paragraphs/progressStepsWithCart_teal/progressStepsWithCart_teal.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
8e8bcf7862a70d0443fa415d55210037b1f5e1fa349e28941707449bf46fa9a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:12:14 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
server
Apache/2.4.25 (Debian)
age
10632
etag
"64b-5c92980e6ba40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
556
x-amz-cf-id
l-3AziRLdDcRqMcdOd6KaynTJmV-D6mbV71fBu6BYOO_WGFLoFeDjw==
ra-gcTheme.css
d3v5pe6rebecos.cloudfront.net/themes/dms/css/properties/rewardsadvisor/libs/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/themes/dms/css/properties/rewardsadvisor/libs/css/ra-gcTheme.css?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
cdd7d54cbe9cc22f3cd30caa456a0f75496416ac3efed6540c992ef1ad97a678

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:46:45 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
server
Apache/2.4.25 (Debian)
age
22960
etag
"2675-5c92980e6ba40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2206
x-amz-cf-id
lCqnwYyjmRlHjNXqaOvd2fXCVVWP0zy-0gr-hA5PTvQqkey59XJO6A==
jquery.min.js
d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/
86 KB
30 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:32:28 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
52618
etag
"15851-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
30677
x-amz-cf-id
kWhsMAaZA4s29fB8fLz5rYBy12Qlnqstc-tPx6rf4cUgEbJLs-UsEg==
settings.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/settings/
12 KB
4 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/settings/settings.js?v=1.2.6
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
31fb58210ab319112d84d3a18c02cc805bdafd77ae33ec73c60a4f4f71be6a9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 10:56:41 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
69165
etag
"2f27-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3941
x-amz-cf-id
rtskakr0uOBxy2HAphDb_Ef9XpzYQBHKq6YEXUvm7h46053dz_pd3Q==
a889da91de.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/a889da91de.js
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
784a11e7d91a92fe841f5f2fa9496345b18dca1ebad48111a08c7cf03a06a58c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
6a18512a8a58f9de-PRG
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
Fq4cMueyjeYLvYjKDaBh
globalFormUtils.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/settings/
4 KB
1 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/settings/globalFormUtils.js?v=1.2.6
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
ec39a145f7f8a61bd27f8002f66be3cf97d2796c89f2b2cc6526ea2119afadda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:52 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
55414
etag
"f2c-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1002
x-amz-cf-id
GzKHIU9UQgQySDp2hR4POouL9VqVGj_vVJREGlQELvsXU-OEie5aqg==
polyfill.min.js
cdn.polyfill.io/v2/
222 B
613 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=default,Element.prototype.dataset
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.26 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
471337
detected-user-agent
Chrome/93.0.4577
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Fri, 15 Oct 2021 00:11:36 GMT
date
Thu, 21 Oct 2021 06:09:26 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/93.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
polyfill.min.js
cdnjs.cloudflare.com/ajax/libs/babel-polyfill/6.26.0/
102 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/babel-polyfill/6.26.0/polyfill.min.js
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2535145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29511
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d6b-19873"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXeIS4M9ldtn9JpLQpht%2BYQWmq63ubSBko5BcvjZwHO0vfrmnVVB4EEehaKfPk3iUSRMrGq0tkO%2BpZCfpUcPjC%2FTHt2zTy1SpaDGah1cEHlZkWO0Ffdo4c8XkMTMcttGOEnO3d7n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a18512a7afe4132-PRG
expires
Tue, 11 Oct 2022 06:09:26 GMT
lodash.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/vendor/
466 KB
89 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/vendor/lodash.js?v=1.2.6
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
a68e937492d709d6352c0e27fed8ea3cf15ea786f6cc9bed1b79492a0c363d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:32:28 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
52618
etag
"7476b-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
9GUSXrq4UHBPhc8xuukmg92TJXGUWMacEspM4w8nyYXU799DQK5TDQ==
touch-detection.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/
795 B
778 B
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/touch-detection.js?v=1.2.6
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
ff5fab5e568a75827d7d71d0b6ea84654f33c9648b65ba444b461cecdbd30e6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:24 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
55442
etag
"31b-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
404
x-amz-cf-id
nVlaJ4YVJhnxm87QKCTx-ZKROkWF3oPbK9CtFMYO8pb1OIn5nOrjJA==
anura-script.js
d3v5pe6rebecos.cloudfront.net/themes/dms/js/libs/js/
3 KB
2 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/themes/dms/js/libs/js/anura-script.js?v=1.0.0
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
ef666e476c0c44bed4d0b0cad90a114bd1e8482eb27817672f2bc1d57eb112a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 06:16:28 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
server
Apache/2.4.25 (Debian)
age
85978
etag
"c5a-5c92980e6ba40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1171
x-amz-cf-id
4przy3h0gTH7ygDJ7oldCC3X-BH6dAA8MfaTdyHwooer8EKiEXJ5Qg==
RewardsAdvisor_logo_250_b.png
d3v5pe6rebecos.cloudfront.net/sites/default/files/2018-05/
9 KB
10 KB
Image
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/default/files/2018-05/RewardsAdvisor_logo_250_b.png
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
ffb28ecaf2e96a3ab6cddf1b39973b1eef26de9cc5f2769d65e1ad27dbd83379

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:46:46 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified
Tue, 08 May 2018 18:32:27 GMT
server
Apache/2.4.25 (Debian)
age
22960
etag
"251e-56bb6021984c0"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
9502
x-amz-cf-id
9pqA30VWvLc8FfA-btuE_p4TOyRZ_F2zqWESlXeL5Mw8xEogVECOyQ==
carticon_small_icon_white.png
win.rewardsadvisor.com/sites/default/files/inline-images/
1 KB
2 KB
Image
General
Full URL
https://win.rewardsadvisor.com/sites/default/files/inline-images/carticon_small_icon_white.png
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a4195d88af2494fa1e8b5ae1dccf7463bb568ba038265d34ca767355b425e8

Request headers

:path
/sites/default/files/inline-images/carticon_small_icon_white.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1545
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1103
last-modified
Tue, 27 Apr 2021 23:59:23 GMT
server
cloudflare
etag
"44f-5c0fd0d2b6968"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp7KDimwTU1KP%2Bbt3CS%2FhtggKl28sYvvAW4b0mL7UG5D9ShDyPHwatE7fbquqf%2F2iqw0%2FYshbktkNMnHMrLA1r9fj4LATU074tT%2B0sx9o0vCak8Tjn%2FlGWog%2FNu3bGnjvZ4W7daFG%2BXJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6a18512b5fce4114-PRG
yellow-cards_3.png
d3v5pe6rebecos.cloudfront.net/sites/default/files/
232 KB
232 KB
Image
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/default/files/yellow-cards_3.png
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
fefe7a41ce6890f74467722ed8ec72b16e92471931c65bfe06169fa3001d5f63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 01:49:59 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified
Tue, 24 Sep 2019 18:39:22 GMT
server
Apache/2.4.25 (Debian)
age
15567
etag
"39f5a-59350dadaea80"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
237402
x-amz-cf-id
7nSvuFOLulwyIAb1tJkiKzWOSzFuLTe8BjPYLmT3rAvTiuUmokphsw==
Banner-mobile.png
d3v5pe6rebecos.cloudfront.net/sites/default/files/inline-images/
17 KB
17 KB
Image
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/default/files/inline-images/Banner-mobile.png
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
89153a27348cde59ecfab4daf75760ac920ab699c2f86baa50a4226decc841cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 21:14:20 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified
Tue, 24 Sep 2019 18:47:42 GMT
server
Apache/2.4.25 (Debian)
age
32105
etag
"4234-59350f8a84f80"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
16948
x-amz-cf-id
hz-Gh5HgxSoLQ7_5xBg44AZgUtWAvlp9AkivNR5mblXXfzGtWIz2Yg==
amzn_gc_800x450_100.png
d3v5pe6rebecos.cloudfront.net/sites/default/files/images/
17 KB
17 KB
Image
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/default/files/images/amzn_gc_800x450_100.png
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
b04591e6cbe28de034cf8774eb7a763ae0f87e220c7a248977ce3ec7fb6db92a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 11:57:41 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 18:23:29 GMT
server
Apache/2.4.25 (Debian)
age
65505
etag
"423c-5ba9aeab4ca40"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
16956
x-amz-cf-id
sobu-zpo0OSMoDxByx2sGcMdcsZ-C5xTnMzqUz8AGeplDz1UmJIuQA==
underscore-min.js
d3v5pe6rebecos.cloudfront.net/core/assets/vendor/underscore/
16 KB
6 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/underscore/underscore-min.js?v=1.8.3
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
a1b6400a21ddee090e93d8882ffa629963132785bfa41b0abbea199d278121e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:45:25 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55441
etag
"4041-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
5845
x-amz-cf-id
_EM2BFYQ7v8ZBbK-G4BBUYq7C5Ne-PbvnMi-_ewJaB6ZX8vSAMRKew==
jquery.once.min.js
d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery-once/
872 B
801 B
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery-once/jquery.once.min.js?v=2.2.0
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
c311fb9284e9f5b1b6675d300b86264305c08526350fd0b9b08a035f73ad3987

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:50:29 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55137
etag
"368-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
428
x-amz-cf-id
3dNy6vV_kGq32oJu-V-V51CavrOk06Htgmv72t5hMAHeJ48nUfdq4A==
drupalSettingsLoader.js
d3v5pe6rebecos.cloudfront.net/core/misc/
519 B
689 B
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/misc/drupalSettingsLoader.js?v=8.8.1
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
5f8f69ec521f7998af455985a8ede6d8dcf3527b43795fe3d26f1f1b57a5a554

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 17:17:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
46292
etag
"207-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
314
x-amz-cf-id
ZR_6OKsDh5kREjT_SWEws5KL2nIzqL0LQHUNZn5cGrj4yPYIwvJYeg==
drupal.js
d3v5pe6rebecos.cloudfront.net/core/misc/
6 KB
2 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/misc/drupal.js?v=8.8.1
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
990fda61c1303a87f6317b47fef824552d611209f0537bd4faaa9648d3de1363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:50:29 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
55137
etag
"18a8-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1855
x-amz-cf-id
YKx3OUjRUZsMO_LWxpfb70CVUn8T3JCCGhv8U2ZXwT-xNO9pVHchgg==
drupal.init.js
d3v5pe6rebecos.cloudfront.net/core/misc/
727 B
764 B
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/misc/drupal.init.js?v=8.8.1
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
41683e0bdfed00e74de14d86441e289271ca70b2a94c721653b9a49dc32fb24e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:58:09 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
54677
etag
"2d7-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
389
x-amz-cf-id
1VwWqgRnQgqttETgCNXMvvY9h5Dm4HBzcacCfVHb5OFgB-qzElBZFA==
qualificationRules.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/paragraphs/qualificationRules/
8 KB
2 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/paragraphs/qualificationRules/qualificationRules.js?v=1.0.2
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
1e5a050bb207145e56a6fb9dcbd1b41555682ed7b49ce25ad1b550c7de56446f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 17:17:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
46292
etag
"1fb1-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2072
x-amz-cf-id
N-qIusk7eXoncc_T7QslA31IiE3a42y7fC9bOKzJ7_k_yYixD3x8LA==
variationView.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/
18 KB
5 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/variationView.js?v=1.2.3
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
dc74c8a1f98029e168d36c3a23999336647dfd563faf33f0c02f6a42a3e17850

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:32:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
52616
etag
"474a-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4521
x-amz-cf-id
93y5J7J_T2b0XkliwHqmP3UxM8RdPr3bX1kuex7Y_Lgo38TfOQwp5A==
variationViewRewardsAdvisor.js
d3v5pe6rebecos.cloudfront.net/themes/dms/js/properties/rewardsadvisor/libs/js/
411 B
591 B
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/themes/dms/js/properties/rewardsadvisor/libs/js/variationViewRewardsAdvisor.js?v=1.0.5
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
40c5c89a67536b078e7dda8fef9e0a92acac31d06edc9bdeacdce163490bb058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 20:35:41 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:22:57 GMT
server
Apache/2.4.25 (Debian)
age
34425
etag
"19b-5c92980e6ba40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
216
x-amz-cf-id
glRYj60AR9jH2Fz5NV0NBSNJRzdZMOEhESAyqELa6tdKYPzwfpfukQ==
blacklistAPI.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/
1 KB
1001 B
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/blacklistAPI.js?v=1.0.0
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
9142ceac94249f25f1dd63f18e9b6be27cfe25db2008d4fabe7cb27c2fe32c03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 06:41:26 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
84480
etag
"54b-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
627
x-amz-cf-id
DjGVGQ6PpxZ1m81ETi7w-hC8M0KpsuAOd5F32ED-MHKoY2XPvuwvyg==
uaparser.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/vendor/
20 KB
7 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/vendor/uaparser.js?v=1.2.7
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
98db81eb77049d1aa713fc2c5558300a28d7cb7e07e12b5a5bb90eac13e89d21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:50:29 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
55137
etag
"5082-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
6500
x-amz-cf-id
ey1IIe7ZJxhYR6dk7_o9y1q5eoWmHsSMCjq8OTFdXo66zN3nvIbbJA==
zeetoPixels.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/
5 KB
2 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/zeetoPixels.js?v=1.0.9
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
3b49b444dcffd5cf7e9748e901707035311a3f97b1aa0768200c915ed8a8304a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:32:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
52616
etag
"1203-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1210
x-amz-cf-id
unflr-4sivrSxaz3L3j48akGV2eqJBFYqo4FokkTsMRSFaDTyI_75Q==
visitAPI.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/
22 KB
6 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/visitAPI.js?v=1.2.7
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
fdaae265db2f1e297b09ec13be927172715552763ae2d6bc04697808db03b907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 19:49:25 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
37201
etag
"5767-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
5950
x-amz-cf-id
QuuurSGWSSqTG-nAWH1FC8ibzCbE1ZtyXUAm8m7cVoNdKOFKRq0FSA==
visitorAPI.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/
24 KB
5 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/visitorAPI.js?v=1.1.7
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
7c1c1f257c85ac535047e2e4d2da4eb29b214ec356cfbe91b9d04f2dd49d3ece

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 17:17:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
46292
etag
"5ee6-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
5196
x-amz-cf-id
I_wvODRsNW4r9aarY5Hy56aXoOXSy3rin3OZc0QcRxi5xbhirvCd7Q==
bootstrap.js
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/
74 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.js
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.rewardsadvisor.com/
Origin
https://win.rewardsadvisor.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3594245
x-jsd-version
3.4.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19142-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"126dc-ESd/TgTPBwo1DlZrBT7yIVmTcgw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a18512b591c2788-PRG
drupal.bootstrap.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/
18 KB
5 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/drupal.bootstrap.js?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
5da6ba1ae0ed7f029fe55376c38828291658d40d2e900880f26fbd55b6fcbced

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 17:17:54 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
46292
etag
"48e4-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4975
x-amz-cf-id
DXPIM4U-_z90ln87TG9G-BMx5QyYVmb9c2rK-CZm9dWisd_2PNLjEg==
attributes.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/
10 KB
3 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/attributes.js?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
cb00f2c965256d4ca2a749551d02a5fe6ed56d7eba6b6517c876e50ab2f4a800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:32:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
52616
etag
"2752-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2771
x-amz-cf-id
rX4FTEDXF5AKkh5CZpPRYo_AOJypOzDyNp2BqpM4oOAf-3oxEg_mKw==
theme.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/
5 KB
2 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/theme.js?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
59131f4a37c0393c46ee7b1fa51473071aaf4596883577e91f29785beb0eef7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 19:33:02 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
38184
etag
"1480-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1244
x-amz-cf-id
qK9Ms4LEX06NDbUH1ZGSMrzxm0JyanyzZPBPVAM7acvpf4krZqrMrQ==
states.js
d3v5pe6rebecos.cloudfront.net/core/misc/
10 KB
3 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/core/misc/states.js?v=8.8.1
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
0be3e233056517843182733fd7368fa997e64034895fc54ae7a61de4adf559ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:42:06 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
Apache/2.4.25 (Debian)
age
52040
etag
"2821-5c9298376db00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2693
x-amz-cf-id
naLkuJ2g7iF3lBx6s6CUjkZSGkR_CqzTrTuGwOIAIHubSrjGwwyPIg==
states.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/misc/
1 KB
939 B
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/misc/states.js?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
cfa50d69b8deb0fa875b7d9b8a414cb2b05582626251756437c6d368ff2babf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:50:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
55136
etag
"416-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
566
x-amz-cf-id
jWoTAeJVsCMhnSRHpe0gaOnG8iv6TKtJbT89alhLOUILVrZGuqcsEg==
webform.states.js
d3v5pe6rebecos.cloudfront.net/modules/zPub/webform/js/
13 KB
3 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/modules/zPub/webform/js/webform.states.js?v=8.8.1
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
7018999dad84ce5d605ee1a973b84bd29497034513451f7a1063c25986da7785

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 14:50:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
55136
etag
"3201-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3176
x-amz-cf-id
PqyfuI1Ze-U5Df8UR6JNSUhWSvzWS9OJ44r-sgBhtG6MEWEt1LJBOQ==
webform_bootstrap.states.js
d3v5pe6rebecos.cloudfront.net/modules/zPub/webform/modules/webform_bootstrap/js/
713 B
743 B
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/modules/zPub/webform/modules/webform_bootstrap/js/webform_bootstrap.states.js?v=8.8.1
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
74f16a4531ed9e75c88ee49f27756839bba883a2d84e481ea3f43a90a33ca5eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 23:46:29 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
22977
etag
"2c9-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
371
x-amz-cf-id
SQmpjNGeQIF-b6gY5qzi7pBsj93ReJdrYbN-uei104rDDtGrn-MMCA==
popover.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/
6 KB
2 KB
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/popover.js?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
d801cd424daf1a5adf9ca2444ac7581c51c4545f63c8976d35fa2b63878ea46a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:32:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
52616
etag
"161b-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1777
x-amz-cf-id
Bz3_viPe9jIa5UYigVArJuKx1NOWWOJlpgd4SykCsdKqyPvR1xOwSA==
tooltip.js
d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/
2 KB
1011 B
Script
General
Full URL
https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/bootstrap/js/tooltip.js?qxlloi
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.100 -, , ASN (),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
1b029e55af64ea7794d55a09a0c338f8770eaa7f79eac99e7a5b3e3fdc9a0dc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 15:32:30 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
Apache/2.4.25 (Debian)
age
52616
etag
"694-5c9298160cc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
638
x-amz-cf-id
oFY6GZoVQ0fhhty7xMYc7nV4NT5FMaSfV1nfUzyWcOt0er1hdmq0RA==
css
fonts.googleapis.com/
4 KB
556 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700&display=swap
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/themes/dms/css/properties/rewardsadvisor/libs/css/ra-gcTheme.css?qxlloi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
0e3bb71c511321095637207a1ee57300a329689589464ee1b6b86f7b3d8e35d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d3v5pe6rebecos.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 06:09:26 GMT
server
ESF
date
Thu, 21 Oct 2021 06:09:26 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Thu, 21 Oct 2021 06:09:26 GMT
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
315 KB
53 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=a889da91de
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a889da91de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
1546
etag
"610ae215-d3b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6a18512b4de4f9d6-PRG
content-length
54194
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=a889da91de
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a889da91de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
416615
etag
"610ae215-1062"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6a18512b4de7f9d6-PRG
content-length
4194
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/
27 KB
3 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=a889da91de
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a889da91de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a8a00b576cc9fad532a52ecdf8024724ddaa83cb0f5ca5d1b1d6eb8841103d60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
1546
etag
"610ae215-a2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6a18512b4de5f9d6-PRG
content-length
2603
request.js
script.anura.io/
47 KB
48 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=1670155133&source=RobT2Waterfall&campaign=%255Bsid1%255D&callback=anuraCallbackFunction&797757906170
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/themes/dms/js/libs/js/anura-script.js?v=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-97-68.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4a35c9d8baefa61e977a6d3a04afd2f0f076d19db21e9014559751fa05e62ae9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 06:09:26 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
x-content-type-options
nosniff
expires
Sun, 28 Dec 1980 18:57:00 EST
server
nginx
content-type
application/javascript; charset=utf-8
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://win.rewardsadvisor.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 04:13:09 GMT
x-content-type-options
nosniff
age
179777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Oct 2022 04:13:09 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://win.rewardsadvisor.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 12:19:14 GMT
x-content-type-options
nosniff
age
496212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 15 Oct 2022 12:19:14 GMT
blacklist-check
win.rewardsadvisor.com/
26 B
967 B
XHR
General
Full URL
https://win.rewardsadvisor.com/blacklist-check?ip=216.131.114.12
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
5afdfcbd229f595910d86b8e6ec9b3ab58b067667288e50c61f573ceba6bbd53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973
:path
/blacklist-check?ip=216.131.114.12
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 21 Oct 2021 06:09:27 GMT
via
1.1 ee46fdde6e68c4ab6c791f98f3f42706.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C2
x-amz-apigw-id
Hi2TmFJqPHcFYYg=
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26
x-ua-compatible
IE=edge
x-amzn-requestid
b248d49a-601f-4d4f-84cb-2dadc36383fa
server
cloudflare
x-amzn-trace-id
Root=1-61710416-777661e43d7e83421e1dee02
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHU%2BFlgbi%2Bw9IN00n98%2BmthblXO9uZm%2Bnigii7lv2R%2Fwu7S%2BV1gRf1cQ1fHXKQcioA3wlvZYAF75mR%2BfmMJtyn8ypcFjOThgWwWFQTWDPIP5iOLMQl%2F50lp8HZJyT6HSWMdp8IAoTFfl"}],"group":"cf-nel","max_age":604800}
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512bc88a4114-PRG
x-amz-cf-id
xeDYglixnTV5nNBF7wWXQqhLT6tmFijfgH_i8jeplk39WfgNa1FSIA==
expires
Sun, 19 Nov 1978 05:00:00 GMT
postVisit
win.rewardsadvisor.com/
49 B
1003 B
XHR
General
Full URL
https://win.rewardsadvisor.com/postVisit
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
d2045d0866bddf138e48d90562aa48f8ca39534341007ece86ad364f452ba811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://win.rewardsadvisor.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973
content-length
1154
:path
/postVisit
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Thu, 21 Oct 2021 06:09:27 GMT
via
1.1 0c96ded7ff282d2dbcf47c918b6bb501.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C1
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
content-encoding
gzip
x-amz-apigw-id
Hi2TmGzhPHcFhFw=
x-ua-compatible
IE=edge
x-generator
Drupal 8 (https://www.drupal.org)
x-amzn-requestid
3db057fd-65fa-4de3-bc71-d2b964299cea
server
cloudflare
x-amzn-trace-id
Root=1-61710416-69494a63160a39d043a39543
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az0wMrwkoLPeOwokE86dNK2IcCd7l9QjmJDQuNKj1Y78hrocXmmN7fodZd5zsrQpWMORXaYOWEZ6y4DkuoyH3Te2GbbU1p628g2EaBIB9GI9ogV0TEC0fpWz%2BOX2M56ajr1a1iHPSiKM"}],"group":"cf-nel","max_age":604800}
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512bc88d4114-PRG
x-amz-cf-id
vuj0YkMPoSpI77I4-lOhmEagnXcaQ5vnh8gb0Y8G9T_IySHK9yDEjQ==
expires
Sun, 19 Nov 1978 05:00:00 GMT
postVisit
win.rewardsadvisor.com/
49 B
1016 B
XHR
General
Full URL
https://win.rewardsadvisor.com/postVisit
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
d2045d0866bddf138e48d90562aa48f8ca39534341007ece86ad364f452ba811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://win.rewardsadvisor.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973
content-length
1155
:path
/postVisit
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
via
1.1 0aebf3fe433ff96e68d785fad4ea4c0f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C1
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
content-encoding
gzip
x-amz-apigw-id
Hi2TlGzyPHcFaMg=
x-ua-compatible
IE=edge
x-generator
Drupal 8 (https://www.drupal.org)
x-amzn-requestid
aa4461e7-90ed-4541-a791-dfb4265261b7
server
cloudflare
x-amzn-trace-id
Root=1-61710416-3d1efa175fc245dc1f8e3c3a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AF8ZyYJXza%2BPVM3AGX%2BCMWqi72wTWBL3ALVlbbmPcB9SRVe2hkJ2LOJWB%2F6rY5eswiYhAoHRpYOIVB%2F4PXhHDZGNNnKq7Vwc2XePTNCPgP5hhGK9JXrNsxxyrDkO04gOJEnk0MSdJM50"}],"group":"cf-nel","max_age":604800}
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512bc88f4114-PRG
x-amz-cf-id
OsEEryzSis2s9B3fSUPdcjv_W-HnUAeSlNH-VbDXLeecdbY_4xglOA==
expires
Sun, 19 Nov 1978 05:00:00 GMT
postVisit
win.rewardsadvisor.com/
49 B
1005 B
XHR
General
Full URL
https://win.rewardsadvisor.com/postVisit
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
d2045d0866bddf138e48d90562aa48f8ca39534341007ece86ad364f452ba811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://win.rewardsadvisor.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973
content-length
1155
:path
/postVisit
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
via
1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C1
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
content-encoding
gzip
x-amz-apigw-id
Hi2TmF3bPHcFbHQ=
x-ua-compatible
IE=edge
x-generator
Drupal 8 (https://www.drupal.org)
x-amzn-requestid
04a262bb-d8d6-408f-b70e-0364aeca01a2
server
cloudflare
x-amzn-trace-id
Root=1-61710416-6158ec3550f8893207cc76bd
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH53MNXfK6kePhARZSNBNiq6IHZNQXFiBcavRu7v4ctHOXpXkOH9VEHUFTDgbbcpSdJVVFXCWr9syqKyC7iUQWR5ATdD6Ed5VtsFu2NFwtOOpLUkSjessvPq2fxG8NCeaTiblk%2FeGg0E"}],"group":"cf-nel","max_age":604800}
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512bc8914114-PRG
x-amz-cf-id
Lrm6FhEnhf0UnlDLaEuT5zNIk38oOKbRdno8BQ1tLf-o34LjPEZWKA==
expires
Sun, 19 Nov 1978 05:00:00 GMT
postVisit
win.rewardsadvisor.com/
49 B
1003 B
XHR
General
Full URL
https://win.rewardsadvisor.com/postVisit
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
d2045d0866bddf138e48d90562aa48f8ca39534341007ece86ad364f452ba811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://win.rewardsadvisor.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973
content-length
1159
:path
/postVisit
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
via
1.1 9c60d6224ac0b44e908b5c9dcf70e9a5.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C1
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
content-encoding
gzip
x-amz-apigw-id
Hi2TlEdhPHcF7Zg=
x-ua-compatible
IE=edge
x-generator
Drupal 8 (https://www.drupal.org)
x-amzn-requestid
26d6da47-dad2-4fd1-aa4d-22001c6a4404
server
cloudflare
x-amzn-trace-id
Root=1-61710416-078a07483c000c3b5053775e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JivRv1p7zh2LSJ80bXx0qPAYCSnORf4gEph7M9gTl4e7yGyICjhTFE5Jjf2lSoBFhp23fIHltE5oMlwM4UkPeJugMkBXDBeq7bmTMztGFk20%2FpUet2N19BgMzXGdrQsoZqAslHxEYuTk"}],"group":"cf-nel","max_age":604800}
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512bd8944114-PRG
x-amz-cf-id
ChVnWuUOdKwNZ4-70tuHBir-dPJDyoN4-tR_wDREa6mpZHLVeGx5aQ==
expires
Sun, 19 Nov 1978 05:00:00 GMT
pageLoad
win.rewardsadvisor.com/getPixels/5ae204427eae0c0001777cae/RobT2Waterfall/zpub-landing/null/%5Bcid%5D/
321 B
909 B
XHR
General
Full URL
https://win.rewardsadvisor.com/getPixels/5ae204427eae0c0001777cae/RobT2Waterfall/zpub-landing/null/%5Bcid%5D/pageLoad
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
8694e84b53940f1b821ad6ab8bf851a0bc3df3365e72e7f11900d86241294319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
:path
/getPixels/5ae204427eae0c0001777cae/RobT2Waterfall/zpub-landing/null/%5Bcid%5D/pageLoad
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.9
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible
IE=edge
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWntn1gBr9phTtWeR6l2njAY46007zhMYRlxb5FSl3YP6B8aGlMy9oEqNxHMzIhhu7EzuF3f5aj9T9fT%2FJW6CWGTwpjLmJHFW%2Ftm%2BnUhzRthyIUjwb40YSXnxHzGQ6%2B5WplFw7AJVxGH"}],"group":"cf-nel","max_age":604800}
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512bd89d4114-PRG
expires
Sun, 19 Nov 1978 05:00:00 GMT
pro-fa-regular-400-5.10.2.woff2
ka-p.fontawesome.com/releases/v5.15.4/webfonts/
16 KB
16 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/webfonts/pro-fa-regular-400-5.10.2.woff2
Requested by
Host: win.rewardsadvisor.com
URL: https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e272d442a9319692de4cc42fa2de41167f7f3731f247aa94399e07230f2ae46f

Request headers

Referer
https://win.rewardsadvisor.com/
Origin
https://win.rewardsadvisor.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:58:37 GMT
server
cloudflare
age
268831
etag
"610ae35d-3f78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6a18512c3ed8f9d6-PRG
content-length
16248
showads.js
ads.anura.io/
0
295 B
XHR
General
Full URL
https://ads.anura.io/showads.js?256878456261
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=1670155133&source=RobT2Waterfall&campaign=%255Bsid1%255D&callback=anuraCallbackFunction&797757906170
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:15:45 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
server
nginx
age
60821
access-control-allow-methods
GET
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
1y9mj_2r6F_cul5Q6uS0xU-ht6DHLP6RFXQk9dG0IycjUALXipsyYw==
response.json
script.anura.io/
121 B
460 B
XHR
General
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=1670155133&source=RobT2Waterfall&campaign=%255Bsid1%255D&callback=anuraCallbackFunction&797757906170
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-97-68.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4112855f3e024252c062da4fbfea5deee6f5b1ee6f55e125d6dcdb46c5da455a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.rewardsadvisor.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
forge.min.js
win.rewardsadvisor.com/sites/all/themes/zeeto/libs/vendor/ Frame 6009
266 KB
69 KB
Script
General
Full URL
https://win.rewardsadvisor.com/sites/all/themes/zeeto/libs/vendor/forge.min.js
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/zeetoPixels.js?v=1.0.9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4f042f9ea6c72a580e93b7922b1ff89f2c1fca28a5843ab473db79cd74d1a7

Request headers

:path
/sites/all/themes/zeeto/libs/vendor/forge.min.js
pragma
no-cache
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
cloudflare
age
1545
etag
W/"429bd-5c9298160cc40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BxZlrGPU08%2Fm7AFHSHSDSBnuK%2Bby7a1k5mYivWX5XxmBI8Bp9%2B%2BcZYiT14pxDdWHpIaatk7pSSpxUtGP8eeYkOTq8p010C1NHqJ1MEbJpB8syqPVzBH%2FrAiVyhKj2v6UYVRZwSqV0EH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a18512f2cfa4114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
forgeCryptoHelper.js
win.rewardsadvisor.com/sites/all/themes/zeeto/js/libs/settings/ Frame 6009
2 KB
1 KB
Script
General
Full URL
https://win.rewardsadvisor.com/sites/all/themes/zeeto/js/libs/settings/forgeCryptoHelper.js
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/zeetoPixels.js?v=1.0.9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
31c2e841b7b12453e6e0cf6782b922da20aacc8a2c587057951ba7ee56c1f201

Request headers

:path
/sites/all/themes/zeeto/js/libs/settings/forgeCryptoHelper.js
pragma
no-cache
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 00:23:05 GMT
server
cloudflare
age
1545
etag
W/"67e-5c9298160cc40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbJjscqLhEG1ALAb3xpDd%2FyFTqaci5MOskKpYiiNpg0uuapTpSxH%2FgTRbZ2ImxlsAexSMrE77RRfFNCM%2F%2Fe0X%2BxnXHRYCpWp29yAhOQ%2B6JAM3jNdWhZJOlSuL%2Bt8%2BVxWQ3KgXDKSdEL4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a18512f2cfc4114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame 6009
91 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-149256405-1
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/sites/all/themes/zeeto/js/libs/zeetoPixels.js?v=1.0.9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1e8d35a1f1fc4add915fce93640d1fb5e448cee81e63fbd33a8dcf21a2fea393
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
36866
x-xss-protection
0
expires
Thu, 21 Oct 2021 06:09:26 GMT
zeeto.unload
win.rewardsadvisor.com/getPixels/5ae204427eae0c0001777cae/RobT2Waterfall/zpub-landing/null/%5Bcid%5D/
321 B
909 B
XHR
General
Full URL
https://win.rewardsadvisor.com/getPixels/5ae204427eae0c0001777cae/RobT2Waterfall/zpub-landing/null/%5Bcid%5D/zeeto.unload
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
8694e84b53940f1b821ad6ab8bf851a0bc3df3365e72e7f11900d86241294319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
:path
/getPixels/5ae204427eae0c0001777cae/RobT2Waterfall/zpub-landing/null/%5Bcid%5D/zeeto.unload
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.9
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible
IE=edge
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwPZ9W7ym2haap7v9FMVwR35tppzn786iyMRsdWVm0KwdZ%2B%2Fc2eyuI1SSjjZ%2FeZDLdVqFICf123CWnkGPDm71uBNhlMrtKh6FtHh2YFmw%2BmfxHJMoeHyV5H5SGobaN3j2ItjdKqFZTFW"}],"group":"cf-nel","max_age":604800}
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512f2cfd4114-PRG
expires
Sun, 19 Nov 1978 05:00:00 GMT
zeeto.preloadConversion
win.rewardsadvisor.com/getPixels/5ae204427eae0c0001777cae/RobT2Waterfall/zpub-landing/null/%5Bcid%5D/
321 B
912 B
XHR
General
Full URL
https://win.rewardsadvisor.com/getPixels/5ae204427eae0c0001777cae/RobT2Waterfall/zpub-landing/null/%5Bcid%5D/zeeto.preloadConversion
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
8694e84b53940f1b821ad6ab8bf851a0bc3df3365e72e7f11900d86241294319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
:path
/getPixels/5ae204427eae0c0001777cae/RobT2Waterfall/zpub-landing/null/%5Bcid%5D/zeeto.preloadConversion
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 06:09:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.9
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-ua-compatible
IE=edge
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dg2wd%2FsXpXoV4foka0kyTPqy7vCDDU3dMKt%2F2SkqiHDfwodn%2Fej4MCEBf5IxrBC4fbHUNlcuIGSQ4NXhok%2F0qGSsibS2hSoVXBavRkFjkDIQh%2BlD5pS9BrVTBhOFR%2FXXk91lj3faSlm0"}],"group":"cf-nel","max_age":604800}
content-language
en
x-generator
Drupal 8 (https://www.drupal.org)
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512f2d004114-PRG
expires
Sun, 19 Nov 1978 05:00:00 GMT
result.json
script.anura.io/
70 B
421 B
XHR
General
Full URL
https://script.anura.io/result.json
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/themes/dms/js/libs/js/anura-script.js?v=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.97.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-97-68.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
79044b36f0b3d8433275bcdd382e6a1f928a76e67ed84c9a20e8d41aec570af4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.rewardsadvisor.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 06:09:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
postVisit
win.rewardsadvisor.com/
49 B
1014 B
XHR
General
Full URL
https://win.rewardsadvisor.com/postVisit
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
d2045d0866bddf138e48d90562aa48f8ca39534341007ece86ad364f452ba811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://win.rewardsadvisor.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
content-length
1156
:path
/postVisit
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Oct 2021 06:09:27 GMT
via
1.1 28a7186077f9b5270d98dd053f31303f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C1
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
content-encoding
gzip
x-amz-apigw-id
Hi2TpHu6PHcFfAw=
x-ua-compatible
IE=edge
x-generator
Drupal 8 (https://www.drupal.org)
x-amzn-requestid
6f5fbe91-be69-4a2b-9fbb-7e7fe308fc32
server
cloudflare
x-amzn-trace-id
Root=1-61710417-29b905836b14620417e1d493
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Qxu%2FpsqFElq0sHv%2B7UI%2FjkSN%2FeFhNcqc7EQMlHL%2Bi5Rpo9Oz%2Ftothbg5LNwf5krPFU0%2B9uAoW61%2Ba66m6yQ2mjGfmL9M5s90ZN2DRqwYfoumpGJG51ghuJoNh7zLhxjHMGsXosDtD63"}],"group":"cf-nel","max_age":604800}
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512f7d604114-PRG
x-amz-cf-id
VDLQAPJiKLHxNwGZXv7Nt6L9_fmaWndxCQxi4FBgvF2JXnEoBoOpMQ==
expires
Sun, 19 Nov 1978 05:00:00 GMT
postVisit
win.rewardsadvisor.com/
49 B
1009 B
XHR
General
Full URL
https://win.rewardsadvisor.com/postVisit
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
d2045d0866bddf138e48d90562aa48f8ca39534341007ece86ad364f452ba811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://win.rewardsadvisor.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
content-length
1155
:path
/postVisit
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Oct 2021 06:09:27 GMT
via
1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C1
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
content-encoding
gzip
x-amz-apigw-id
Hi2TrFe4PHcF3xQ=
x-ua-compatible
IE=edge
x-generator
Drupal 8 (https://www.drupal.org)
x-amzn-requestid
92c871df-aea8-49c5-bdfc-a9d3ee5d5497
server
cloudflare
x-amzn-trace-id
Root=1-61710417-49074d051258b8f42ac64f6b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ix21hISC89e4hglKBzE45V4V%2BxYp6z9qvTmV0SEtH7SGGc3faiTXpkFF37A9UqFpi%2BhDkc13%2BRcxt3hjNl4Ack8XU%2F34tNj1%2B1RpGRZg1LDivaLj53WwYjXogiVROhnxGNorPgT9s16%2F"}],"group":"cf-nel","max_age":604800}
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512f7d634114-PRG
x-amz-cf-id
pGDbiUDbTBTq3InRwiwT-Q2o2BKEh5tk9M2Wcze7ZyC4GMTmjbBB_Q==
expires
Sun, 19 Nov 1978 05:00:00 GMT
postVisit
win.rewardsadvisor.com/
49 B
1011 B
XHR
General
Full URL
https://win.rewardsadvisor.com/postVisit
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
d2045d0866bddf138e48d90562aa48f8ca39534341007ece86ad364f452ba811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://win.rewardsadvisor.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
content-length
1156
:path
/postVisit
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Oct 2021 06:09:27 GMT
via
1.1 86b676273517904f44af31586adb06af.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C1
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
content-encoding
gzip
x-amz-apigw-id
Hi2TrHtyPHcFc1g=
x-ua-compatible
IE=edge
x-generator
Drupal 8 (https://www.drupal.org)
x-amzn-requestid
6e67f352-c09d-4de5-bbc0-6d965cd9d894
server
cloudflare
x-amzn-trace-id
Root=1-61710417-155d0dd43e16940f0dafc48c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctpGvBj3aE5eGKS38GSXP4Ft7om7U5uaPGekxKnNxFHRsS7OieNhwBJoYirQGZTwH09evkCPMFs%2FFaC0GA%2FZ%2F02DH%2FP7db3GfQ8Whm6LfCv%2F0N0cus6ZTL0yQRDzCcHlX%2B2rp9Ld%2BNi2"}],"group":"cf-nel","max_age":604800}
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512f8d674114-PRG
x-amz-cf-id
FI0eBsHLEAzSLl0sHUsOtpkPXqZ6owYrpMqNwR-2ZyccrqRgABodDg==
expires
Sun, 19 Nov 1978 05:00:00 GMT
postVisit
win.rewardsadvisor.com/
49 B
1011 B
XHR
General
Full URL
https://win.rewardsadvisor.com/postVisit
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
d2045d0866bddf138e48d90562aa48f8ca39534341007ece86ad364f452ba811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://win.rewardsadvisor.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
content-length
1156
:path
/postVisit
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Oct 2021 06:09:27 GMT
via
1.1 4dde8ec6d6c12741888c2d3a059d4a2f.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C1
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
content-encoding
gzip
x-amz-apigw-id
Hi2TrGh0vHcFoVw=
x-ua-compatible
IE=edge
x-generator
Drupal 8 (https://www.drupal.org)
x-amzn-requestid
9a3d53c8-f0dc-423d-8ce6-1848d5f7ab3b
server
cloudflare
x-amzn-trace-id
Root=1-61710417-7105e57f0d3eb20952f45a03
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvJUFTPDDyIa2a6yYDvQUeAXr1MwPTquBpaBbVPiIckOpq0VO82YsbZ19wU1xCLcVWW5HLuylpRCrRMfJhZ2H5o43qDrkIRq74XmUankkjrcxzyuT2jJTx2v%2FutyhZr3jpdQGaCanvGE"}],"group":"cf-nel","max_age":604800}
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512f8d6b4114-PRG
x-amz-cf-id
Aptlne2IJ2DzyD2tq-HYtzUlmwmB50r19yREwKxHrG3JsbqhTNrFGQ==
expires
Sun, 19 Nov 1978 05:00:00 GMT
postVisit
win.rewardsadvisor.com/
49 B
1012 B
XHR
General
Full URL
https://win.rewardsadvisor.com/postVisit
Requested by
Host: d3v5pe6rebecos.cloudfront.net
URL: https://d3v5pe6rebecos.cloudfront.net/core/assets/vendor/jquery/jquery.min.js?v=3.4.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.88.158 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.9
Resource Hash
d2045d0866bddf138e48d90562aa48f8ca39534341007ece86ad364f452ba811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://win.rewardsadvisor.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
visitorType=unknown; visitId=9540542492-5549636690-6925322497-1634796566349; uuid=bfb0bd9d-791f-4ac3-b605-bbeba6c78068; utm_source=RobT2Waterfall; utm_campaign=%5Bcid%5D; utm_content=tc_amazon_100_7; utm_medium=cpa; utm_term=tc_amazon; zrid=RT; zdc=Desktop; zvr=RT0003; zvv=a; visitCustomAttribute-vid=; visitCustomAttribute-c1=[sid1]; visitCustomAttribute-c2=[sid2]; visitCustomAttribute-c3=[sid3]; visitCustomAttribute-click_id=[clickid]; visitCustomAttribute-pub=1377923721685486973; zpub-landing=true
content-length
1156
:path
/postVisit
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
win.rewardsadvisor.com
referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://win.rewardsadvisor.com/a?vid=&zDc=Desktop&zEx=&zVr=RT0003&c1=%5Bsid1%5D&c2=%5Bsid2%5D&c3=%5Bsid3%5D&click_id=%5Bclickid%5D&pub=1377923721685486973&utm_campaign=%5Bcid%5D&utm_content=tc_amazon_100_7&utm_medium=cpa&utm_source=RobT2Waterfall&utm_term=tc_amazon&zRid=RT
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 21 Oct 2021 06:09:27 GMT
via
1.1 1cc6ed0d2d3dd9529ce544f9dfe61a53.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
HIO50-C1
x-powered-by
PHP/7.2.9
x-cache
Miss from cloudfront
content-type
application/json
content-encoding
gzip
x-amz-apigw-id
Hi2TqEeRvHcF_VQ=
x-ua-compatible
IE=edge
x-generator
Drupal 8 (https://www.drupal.org)
x-amzn-requestid
5d43e675-994b-473a-b6bb-a550d0c8c0f9
server
cloudflare
x-amzn-trace-id
Root=1-61710417-215f5648160d73ed20f26be1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yb1SUJUglO%2Fdsri%2B%2FVfE8LtC1ZJ6GEiSYJyNqhD2CA7TBbCqj7mvE89B0%2Fn5AnQLG%2F7V4NGYOpfTBtMSE2YpXHsvs1V2CCISYbX8yD8Ng%2BsfrB0kwSRFWnVTo22izJTIzX4SGYIReCqt"}],"group":"cf-nel","max_age":604800}
content-language
en
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
vary
cache-control
must-revalidate, no-cache, private
cf-ray
6a18512f8d724114-PRG
x-amz-cf-id
WjMhCfhC_c3rqBamEWxfztGHTpYx7yH1HNgUl66mg2k54HdrRx3nrQ==
expires
Sun, 19 Nov 1978 05:00:00 GMT
analytics.js
www.google-analytics.com/ Frame 6009
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149256405-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://win.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
501
date
Thu, 21 Oct 2021 06:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Thu, 21 Oct 2021 08:01:06 GMT
collect
www.google-analytics.com/j/ Frame 6009
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&a=2004330513&t=pageview&_s=1&dl=https%3A%2F%2Fwin.rewardsadvisor.com%2Fa%3Fvid%3D%26zDc%3DDesktop%26zEx%3D%26zVr%3DRT0003%26c1%3D%255Bsid1%255D%26c2%3D%255Bsid2%255D%26c3%3D%255Bsid3%255D%26click_id%3D%255Bclickid%255D%26pub%3D1377923721685486973%26utm_campaign%3D%255Bcid%255D%26utm_content%3Dtc_amazon_100_7%26utm_medium%3Dcpa%26utm_source%3DRobT2Waterfall%26utm_term%3Dtc_amazon%26zRid%3DRT&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAUABAAAAAC~&jid=1436767439&gjid=146368085&cid=922716847.1634796567&tid=UA-149256405-1&_gid=1230989841.1634796567&_r=1&gtm=2ouai0&z=543344146
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://win.rewardsadvisor.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 06:09:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://win.rewardsadvisor.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 6009
1 B
465 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-149256405-1&cid=922716847.1634796567&jid=1436767439&gjid=146368085&_gid=1230989841.1634796567&_u=YEBAAUAAAAAAAC~&z=1618518138
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://win.rewardsadvisor.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 21 Oct 2021 06:09:27 GMT
content-type
text/plain
access-control-allow-origin
https://win.rewardsadvisor.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.traversedlp.com
URL
https://api.traversedlp.com/retargeting/v1/match/enqueue.gif?partnerId=7f2715a7-b8fd-48f4-9443-d095cbdcc02e&redirect=https%3A%2F%2Fapi.traversedlp.com%2Fv1%2F7f2715a7-b8fd-48f4-9443-d095cbdcc02e%2F0.gif%3FemailMd5Lower%3D%26ic%3D8b79bbbb-310f-4415-b5c2-7ebb75796857%26offset%3D1
Domain
partner.mediawallahscript.com
URL
https://partner.mediawallahscript.com/?account_id=1006&partner_id=1028&tag_format=img&tag_action=email&cb=1634796559064

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
string| url
string| delay
function| GoToURL

4 Cookies

Domain/Path Name / Value
rainbowgrand.com/ Name: clkcheck27150
Value: efe9ea6a6d20ca7371859cac2d8702d8_107546
.traversedlp.com/ Name: v1.cookieId
Value: s%3A8b79bbbb-310f-4415-b5c2-7ebb75796857.CBEmgLGbSyikDySZaMF1Y6cXA8vZpt4Awr3uo7KsGQ4
.traversedlp.com/ Name: v1.syncTimestamp
Value: s%3A1634796558729.sO2YZmzfftZqmn7FoX3BXhbcqaXl2sX3KFOrRe3UWbs
rainbowgrand.com/ Name: clkcheck4740
Value: 222375640e3782ae1f99cff09c101093_107546

6 Console Messages

Source Level URL
Text
deprecation warning URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53 (Line 118)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
deprecation warning URL: https://script.anura.io/request.js?instance=56309078&source=107546&campaign=27150&exid=efe9ea6a6d20ca7371859cac2d8702d8&122578344841 (Line 14)
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
network error URL: https://partner.mediawallahscript.com/?account_id=1006&partner_id=2080&uid=8b79bbbb-310f-4415-b5c2-7ebb75796857&tag_format=img&tag_action=sync&cb=1634796558783
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
deprecation warning URL: http://rainbowgrand.com/aeb3f02f75c0cbef2e5cafd883142d88b/?newcid=4740&sid1=36893_6254509_11&sid2=2440_260801464_0_0_0_4133773_53_1874_102457_6254509_10_815&sid3=53&sid4=&dev_click= (Line 118)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
deprecation warning URL: https://script.anura.io/request.js?instance=56309078&source=107546&campaign=4740&exid=222375640e3782ae1f99cff09c101093&767065258362 (Line 14)
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
deprecation warning URL: https://script.anura.io/request.js?instance=1670155133&source=RobT2Waterfall&campaign=%255Bsid1%255D&callback=anuraCallbackFunction&797757906170 (Line 14)
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
