www.mrrebates.com Open in urlscan Pro
64.106.178.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://travis.com/
Effective URL:
https://www.mrrebates.com/Default.asp
Submission: On July 02 via api (July 2nd 2023, 11:50:04 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 57 HTTP transactions. The main IP is 64.106.178.205, located in United States and belongs to DATAPIPE, US. The main domain is www.mrrebates.com. The Cisco Umbrella rank of the primary domain is 627396.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 27th 2022. Valid for: a year.

This is the only time www.mrrebates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	69.163.153.22 69.163.153.22	26347 (DREAMHOST-AS) (DREAMHOST-AS)
3 22	64.106.178.205 64.106.178.205	14492 (DATAPIPE) (DATAPIPE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
11	54.231.201.160 54.231.201.160	16509 (AMAZON-02) (AMAZON-02)
18	52.216.210.192 52.216.210.192	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	185.14.184.154 185.14.184.154	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
57	9

2 69.163.153.22 (Brea, United States) 2 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-igloo.chehalem.dreamhost.com

travis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.travis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 64.106.178.205 (United States) 3 redirects

ASN14492 (DATAPIPE, US)

www.mrrebates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.231.201.160 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.216.210.192 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.14.184.154 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

eu.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	amazonaws.com s3.amazonaws.com s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 3841	302 KB
22	mrrebates.com 3 redirects www.mrrebates.com — Cisco Umbrella Rank: 627396	221 KB
3	gstatic.com fonts.gstatic.com	68 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 ajax.googleapis.com — Cisco Umbrella Rank: 433	35 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 483	17 KB
2	travis.com 2 redirects travis.com www.travis.com	211 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	338 B
1	cookie-script.com eu.cookie-script.com — Cisco Umbrella Rank: 132677	4 KB
57	8

	Domain	Requested by
22	www.mrrebates.com	3 redirects www.mrrebates.com
18	s3.us-east-1.amazonaws.com	www.mrrebates.com
11	s3.amazonaws.com	www.mrrebates.com
3	fonts.gstatic.com	fonts.googleapis.com
2	ssl.google-analytics.com	1 redirects www.mrrebates.com
2	fonts.googleapis.com	www.mrrebates.com
1	stats.g.doubleclick.net	www.mrrebates.com
1	eu.cookie-script.com	www.mrrebates.com
1	ajax.googleapis.com	www.mrrebates.com
1	www.travis.com	1 redirects
1	travis.com	1 redirects
57	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
cookie-script.com

Subject Issuer	Validity	Valid
mrrebates.com Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-20`	8 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-18` - `2023-09-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.mrrebates.com/Default.asp
Frame ID: EDAD6AABFE745A6BEE9204CB8B136D31
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mr. Rebates - Cash Back Shopping at 3000+ Stores

Page URL History Show full URLs

https://travis.com/ HTTP 301
https://www.travis.com/ HTTP 302
http://www.mrrebates.com/?refid=444459 HTTP 302
https://www.mrrebates.com/Default.asp?refid=444459 HTTP 301
http://www.mrrebates.com/ HTTP 302
https://www.mrrebates.com/Default.asp Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css
<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

11
Subdomains

9
IPs

4
Countries

647 kB
Transfer

1139 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/mrrebates
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/MrRebates
Title: Twitter

Search URL Search Domain Scan URL

URL: https://cookie-script.com/
Title: Free cookie consent by cookie-script.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://travis.com/ HTTP 301
https://www.travis.com/ HTTP 302
http://www.mrrebates.com/?refid=444459 HTTP 302
https://www.mrrebates.com/Default.asp?refid=444459 HTTP 301
http://www.mrrebates.com/ HTTP 302
https://www.mrrebates.com/Default.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=986432134&utmhn=www.mrrebates.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mr.%20Rebates%20-%20Cash%20Back%20Shopping%20at%203000%2B%20Stores&utmhid=950920257&utmr=-&utmp=%2FDefault.asp&utmht=1688341799772&utmac=UA-2785414-1&utmcc=__utma%3D144528489.282831061.1688341800.1688341800.1688341800.1%3B%2B__utmz%3D144528489.1688341800.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1092870343&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=282831061.1688341800&jid=1092870343&_v=5.7.2&z=986432134

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Default.asp Show response
www.mrrebates.com/
Redirect Chain

https://travis.com/
https://www.travis.com/
http://www.mrrebates.com/?refid=444459
https://www.mrrebates.com/Default.asp?refid=444459
http://www.mrrebates.com/
https://www.mrrebates.com/Default.asp

31 KB
8 KB

147ms
147ms

Document
text/html

64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

fbc29b3f6f025a4f0515e6af5bd506a8e66cb3da22bad71bece8c15637cdf6ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 7505
Content-Type: text/html
Date: Sun, 02 Jul 2023 23:49:57 GMT
Server: Microsoft-IIS/7.0
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Content-Length: 158
Content-Type: text/html
Date: Sun, 02 Jul 2023 23:49:57 GMT
Location: https://www.mrrebates.com/Default.asp
Server: Microsoft-IIS/7.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

GET
H/1.1 200
OK autocomplete.css
www.mrrebates.com/css/ 2 KB
857 B 110ms
109ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/autocomplete.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

98a16b79e62868fd5ae283dc4ce077f2fb3fc35b6caa2a435883e362523fd801

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:57 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:29 GMT
Server: Microsoft-IIS/7.0
ETag: "80b2c4daa44d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 536

GET
H/1.1 200
OK foundation.css
www.mrrebates.com/css/ 78 KB
14 KB 219ms
107ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/foundation.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

1aa643e95e2150e824974ed0487bb7d32c5abf21af357adf49df624bd2ea17c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:38 GMT
Server: Microsoft-IIS/7.0
ETag: "0fd2113aa44d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 13904

GET
H/1.1 200
OK foundation-icons.css
www.mrrebates.com/css/ 20 KB
4 KB 432ms
220ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/foundation-icons.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

4268828e332479438339207e75862c8ff4b195dab0aa5eb90ee5d10cec4057c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:04:59 GMT
Server: Microsoft-IIS/7.0
ETag: "80fe3fba944d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3641

GET
H/1.1 200
OK app_04_02_23.css
www.mrrebates.com/css/ 30 KB
5 KB 426ms
211ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/app_04_02_23.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

09fc5372a0dcaa9d0d62457c4f725e2a820d89a0aae0e6d7ed8d3e28ee86098a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Apr 2023 03:50:31 GMT
Server: Microsoft-IIS/7.0
ETag: "801daf6fdf65d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4807

GET
H/1.1 200
OK motion-ui.css
www.mrrebates.com/css/ 19 KB
2 KB 327ms
108ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/motion-ui.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

55ee2b8a2268cbf035a6ccd868a38730d8d87ceddb9a4795f9a0ac760a4c5d90

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:26 GMT
Server: Microsoft-IIS/7.0
ETag: "0effabaa44d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1581

GET
H/1.1 200
OK balloon.css
www.mrrebates.com/css/ 8 KB
1 KB 334ms
113ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/balloon.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

9e60f0e36d8fb6146350b4af56f87057389ee4bf90ae2cf38072dbc950c7711e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Nov 2019 19:59:31 GMT
Server: Microsoft-IIS/7.0
ETag: "8053cbd9caa3d51:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1140

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 161ms
28ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8387be45312794b59f9248e0431a2005972ef84b520fd41a892146b267314a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Jul 2023 23:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 23:49:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jul 2023 23:49:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
564 B 169ms
37ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Baloo+Paaji

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a146af07daafb63859b01378d9924e59b95f73d6d1cb4e503b9f9d37ca56be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Jul 2023 23:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 23:49:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jul 2023 23:49:58 GMT

GET
H/1.1 200
OK common_functions.js Show response
www.mrrebates.com/includes/ 3 KB
1 KB 332ms
112ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/includes/common_functions.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

610be2b45df873dcbbcfcf877bcb9600c960592772a30bce00489a4af46170a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Oct 2018 20:08:29 GMT
Server: Microsoft-IIS/7.0
ETag: "eed23a538c70d41:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 984

GET
H/1.1 200
OK mr_4th_of_july.png
s3.amazonaws.com/mr.basics/ 5 KB
5 KB 344ms
122ms Image
image/png 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/mr_4th_of_july.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4a8daf94251d8c27ce0a8ea5b26e6a8054ee33f5c547a2ccb08f240d3453f16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Fri, 03 Jul 2020 01:32:32 GMT
Server: AmazonS3
x-amz-request-id: AWNWSAF3PVKRH992
ETag: "5f614776be616d58aec4f70308e84d3d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4991
x-amz-id-2: oYfQqd1rto0OiEBicqNsBmvs0heRaQU2+z2wBMXhaW1WbcycBfait5SDL/nRF0v0mUEMB2DdHp0=
x-amz-meta-s3b-last-modified: 20180704T032300Z

GET
H/1.1 200
OK walmart_120_60.png
s3.amazonaws.com/mr.logos.2/ 4 KB
4 KB 350ms
129ms Image
image/png 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/walmart_120_60.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 01 Feb 2021 05:50:33 GMT
Server: AmazonS3
x-amz-request-id: AWNQYSBDHZ60X91P
ETag: "bc2a78fb6eb378037206d501d7f82048"
x-amz-meta-sha256: 0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3921
x-amz-id-2: hnKQQ0MmjaO6nXEB4fay3Q1YlmQbqy3QlaBsgplL9J4PzBsgb/n/7rHHq9E8y42ysuOI0lMjdKI=
x-amz-meta-s3b-last-modified: 20210201T055027Z

GET
H/1.1 200
OK macys_120_60.png
s3.amazonaws.com/mr.logos.2/ 3 KB
3 KB 383ms
162ms Image
image/png 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/macys_120_60.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70eaa33ccc8b976b4aa55605241d65f033f86b5b2aea28d35c91a4d4e800de6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 02 Dec 2019 01:36:39 GMT
Server: AmazonS3
x-amz-request-id: AWNZRYMWFDKYM7Y1
ETag: "ac947845bd19df687f4a3a22272cbb37"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2932
x-amz-id-2: tEZpl4m+AA1a9nvqa/1g4vvPH8PaHBGQ3fgxIhFpkUJ6zNHkTbJoDlxnTQ2tAo8OpEWT1uqrrsU=
x-amz-meta-s3b-last-modified: 20191202T013542Z

GET
H/1.1 200
OK ebay.gif
s3.amazonaws.com/mr.logos.2/ 5 KB
5 KB 345ms
123ms Image
image/gif 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/ebay.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 49cc34435a855f5a5705f60c96f04147c6458eb69c461d9d06a9ead7f90ff3b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 07 Oct 2019 23:32:56 GMT
Server: AmazonS3
x-amz-request-id: AWNNJMDJTCJPCR6M
ETag: "9b744c7988833ef3f9a1f06d391402f1"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 5165
x-amz-id-2: qmZdnX/BwwUogcwy/V7XpyjNtJ1DdjwIELgGaD28149uofuPV6cJM0VijU5+WetbU3sii4S1n4c=
x-amz-meta-s3b-last-modified: 20161031T161200Z

GET
H/1.1 200
OK beauty-week-2022-650.png
s3.amazonaws.com/mr.weekly.promos/2022/beauty/ 33 KB
33 KB 344ms
123ms Image
image/png 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.weekly.promos/2022/beauty/beauty-week-2022-650.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: afb53066676a49ba42207bf3620b7fd7677fcb3906479c7fec57f5a8587c47d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 27 Jun 2022 02:55:41 GMT
Server: AmazonS3
x-amz-request-id: AWNYJVAN137CFZEM
ETag: "5716ff614f639764df9ce4c7387ba4b5"
x-amz-meta-sha256: afb53066676a49ba42207bf3620b7fd7677fcb3906479c7fec57f5a8587c47d8
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 33449
x-amz-id-2: obOqDbDfEqqhaQ3ZGc1xb/iQLSPrVMQQFzbgp7784mF1Qoft76JTU/sfmOG0EO5uv/Cw9U9ZiRc=
x-amz-meta-s3b-last-modified: 20220624T105823Z

GET
H/1.1 200
OK beauty-week-2022-352.png
s3.amazonaws.com/mr.weekly.promos/2022/beauty/ 24 KB
24 KB 345ms
124ms Image
image/png 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.weekly.promos/2022/beauty/beauty-week-2022-352.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 57bfb13daa0b483812188d78e1b17cf9e0f5b2d2660d767ad22c8d6020b7f8c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 27 Jun 2022 02:55:41 GMT
Server: AmazonS3
x-amz-request-id: AWNWD88QP07S7MCN
ETag: "61a13ee31beaf30474aa893e9fb425af"
x-amz-meta-sha256: 57bfb13daa0b483812188d78e1b17cf9e0f5b2d2660d767ad22c8d6020b7f8c3
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 24554
x-amz-id-2: E3dUsoIRdNyUG2+L5teGt+a+kWJ5TNaw9iqi2DWyW8eMmw4yG6DFdBEggU75tktuStw7jCtS9EA=
x-amz-meta-s3b-last-modified: 20220624T105823Z

GET
H/1.1 200
OK beauty-week-2022-310.png
s3.amazonaws.com/mr.weekly.promos/2022/beauty/ 23 KB
24 KB 118ms
118ms Image
image/png 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.weekly.promos/2022/beauty/beauty-week-2022-310.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 482eeb17ad17b7616da9fe06e78c4e378ffc827cf87d2a4e460f7c325a12b278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 27 Jun 2022 02:55:40 GMT
Server: AmazonS3
x-amz-request-id: AWNTGDTQZW14YPDH
ETag: "9333135ebfd39a3ff08db4a10bf4dedf"
x-amz-meta-sha256: 482eeb17ad17b7616da9fe06e78c4e378ffc827cf87d2a4e460f7c325a12b278
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23796
x-amz-id-2: bA2ECXz7FdOano3FU/eXP5UN2bH2sdk91rZNlo5ZQ+1C/Nh6J3AANXQzenN2ezb7yc7hiHwWSsk=
x-amz-meta-s3b-last-modified: 20220624T105823Z

GET
H/1.1 200
OK under_armour_07012023.jpg
s3.us-east-1.amazonaws.com/mr.hero/ 98 KB
99 KB 350ms
120ms Image
image/jpeg 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.hero/under_armour_07012023.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3cfbac8ebad47fb591892b47a88f4973377f4348056912ae4bd3c39e233b35f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Tue, 20 Jun 2023 16:37:55 GMT
Server: AmazonS3
x-amz-request-id: AWNY4PK5BKF2YG03
ETag: "0086f826fc6d41173490a11a9a85f9c1"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 3cfbac8ebad47fb591892b47a88f4973377f4348056912ae4bd3c39e233b35f3
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 100535
x-amz-id-2: lBtU5zdgc75iMxrcKgeu6MIS3Zt6ZoprKwVhv7Cv5Y950yoCLZaa47osBV2ZRH5376lFbyNKwns=
x-amz-meta-s3b-last-modified: 20230620T163647Z

GET
H/1.1 200
OK skin_store_120x60.jpg
s3.amazonaws.com/mr.logos.2/ 4 KB
5 KB 122ms
122ms Image
image/jpeg 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/skin_store_120x60.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 25148c18c1a2a320a236a1d783b29201cbd4bb9bfdf4431473cfd9ca82045899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Thu, 05 Nov 2020 21:14:44 GMT
Server: AmazonS3
x-amz-request-id: AWNPNG1ANC712WQR
ETag: "85f3de12a1fd364366364db388bf5c1f"
x-amz-meta-sha256: 25148c18c1a2a320a236a1d783b29201cbd4bb9bfdf4431473cfd9ca82045899
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4483
x-amz-id-2: htYO65iwkplmNDlekcx8ih4ir6CNai9cqw5Krp4nDzVKfwWAGY1WRhn6yEudisvdviRh6+NHibY=
x-amz-meta-s3b-last-modified: 20201105T211200Z

GET
H/1.1 200
OK the_body_shop.png
s3.amazonaws.com/mr.logos.2/ 3 KB
3 KB 120ms
119ms Image
image/png 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/the_body_shop.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 03f024adb237a6c3a421eb123e3731c526f663f1c767e1479508faca1030d32c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 08 Mar 2021 19:06:48 GMT
Server: AmazonS3
x-amz-request-id: AWNTBMN9W4QRM3SP
ETag: "9c525edd073d08d599822207d4100849"
x-amz-meta-sha256: 03f024adb237a6c3a421eb123e3731c526f663f1c767e1479508faca1030d32c
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2708
x-amz-id-2: X6j4onJVMYoaDwLCoZi7iK3yX9Zfth7r1LecqnOUFW9VPOgo2D5huZdvvPBnuJgo2wg3LE+luQs=
x-amz-meta-s3b-last-modified: 20210308T190300Z

GET
H/1.1 200
OK the_north_face_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 4 KB
4 KB 351ms
122ms Image
image/jpeg 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/the_north_face_logo.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8e1c36871d227fc4adb87d3ab37f141349a0479765646719e0d875ccb195aeb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Tue, 08 Oct 2019 20:21:01 GMT
Server: AmazonS3
x-amz-request-id: AWNM8GY8GCACVAEP
ETag: "c1372e17fbd16ec010d86700391aacd0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4142
x-amz-id-2: eTg/SUAeSd0dTKuicJ0sU5mzv21BOMqKPENK8L/5X2GJAbsb24Q3S4TzYFuCk1zeiqO0/zS3JJc=
x-amz-meta-s3b-last-modified: 20190621T223200Z

GET
H/1.1 200
OK under_armour_logo_2017.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 3 KB
3 KB 294ms
115ms Image
image/jpeg 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/under_armour_logo_2017.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bc9e8ad84b1ccdbf268a2a51c7b348e70f541be98a06d30decf66681fd81edb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Tue, 08 Oct 2019 20:21:04 GMT
Server: AmazonS3
x-amz-request-id: AWNV62P61SYQVKHQ
ETag: "283240792483e63177ee56a04da271c8"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3063
x-amz-id-2: IqyY2jIunUraj+f+4VoPWPFOV+xhuKSc5Htfus1CFgBDPS7I/Cg/Vpa5JeOWyqLBlHtjB4n0qH4=
x-amz-meta-s3b-last-modified: 20181127T202800Z

GET
H/1.1 200
OK bloomingdales_logo.gif
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 2 KB
3 KB 316ms
115ms Image
image/gif 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/bloomingdales_logo.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94659a108f2d170dabfd1c524d56bbfa6d7a74323141943f6e8a27d43df332fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Tue, 08 Oct 2019 20:20:17 GMT
Server: AmazonS3
x-amz-request-id: AWNW0GJTAR6MS65A
ETag: "4641efcc1b09083370d372f0c250f984"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 2256
x-amz-id-2: /k42Hb/LEnDUY/NZLXrGT+QPPnDMjAiKNECpR22MdVC5CoJJwK7tDXyudC1QtDlpjwlColKIeG4=
x-amz-meta-s3b-last-modified: 20190405T224500Z

GET
H/1.1 200
OK home_depot_06222023.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 6 KB
7 KB 116ms
116ms Image
image/jpeg 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/home_depot_06222023.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ca21700a81e0eb29f37ae719b2a43188592d3dcca9338e82a5b13689a4e6c991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Wed, 14 Jun 2023 16:23:29 GMT
Server: AmazonS3
x-amz-request-id: AWNR3EBZZSARH6RA
ETag: "732d25456f96c37ae0bb675ee88cf444"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: ca21700a81e0eb29f37ae719b2a43188592d3dcca9338e82a5b13689a4e6c991
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6448
x-amz-id-2: K9veOLwxANqhBRtDjLU+NoX4rx0FP3kA0WVn8P4Hzn14zv7niiosvzp7Mel/TDwlz7fFhBhjvGg=
x-amz-meta-s3b-last-modified: 20230614T162245Z

GET
H/1.1 200
OK belk_logo_2019.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 2 KB
3 KB 147ms
146ms Image
image/png 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/belk_logo_2019.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4baa39b03dad19b6f05a9cb939794cd191cf2462b19a287a7b91c70628cf1e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Fri, 22 Nov 2019 22:50:27 GMT
Server: AmazonS3
x-amz-request-id: AWNQ66NQ1HVJQYZP
ETag: "04c72d7d5d4c124b31de96ae9dcf6386"
x-amz-meta-sha256: 4baa39b03dad19b6f05a9cb939794cd191cf2462b19a287a7b91c70628cf1e3c
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2184
x-amz-id-2: 7RGl2zC2t12g1gVKwl0WXqA2SlQ6MdSrqT+KQKWTJA+QcEzZTBZdV3MERxMMa8v85MJplyMJtYE=
x-amz-meta-s3b-last-modified: 20191122T224800Z

GET
H/1.1 200
OK macys_logo_2019.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 10 KB
10 KB 121ms
120ms Image
image/png 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/macys_logo_2019.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 539f7785660d9419ffc3a0956eebc8eae001b4658896736a84d61030844db2fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Tue, 08 Oct 2019 20:20:43 GMT
Server: AmazonS3
x-amz-request-id: AWNHK9JE0X57KMW8
ETag: "310004b54a80026b3c4193853628be3a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9954
x-amz-id-2: /zgSla8FGAaA7e3hq9oqM5JxPIlfMYlKIHpYQ0b6zfITJxeaddr7abZaSs33acKSA1szO0jrAp4=
x-amz-meta-s3b-last-modified: 20190829T193100Z

GET
H/1.1 200
OK vitamin_world_logo_2023.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 3 KB
3 KB 127ms
115ms Image
image/jpeg 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/vitamin_world_logo_2023.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f9b501f500d4eff727517ac4e624e31b6e6f9c1b22ab2ce26e35b306da35c84b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Fri, 23 Jun 2023 20:10:36 GMT
Server: AmazonS3
x-amz-request-id: AWNW4A8755PR34Y5
ETag: "4331c0db5717ed2663a8b03e08849987"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: f9b501f500d4eff727517ac4e624e31b6e6f9c1b22ab2ce26e35b306da35c84b
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2864
x-amz-id-2: u5aeGA1Sehj7og5VtQUa9MVPf6rSQBorXPpGN0lcetjBWgF+k2VhbKmMUBnuctMN6VWIjhJEq38=
x-amz-meta-s3b-last-modified: 20230623T201014Z

GET
H/1.1 200
OK perricone_logo.gif
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 3 KB
3 KB 172ms
117ms Image
image/gif 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/perricone_logo.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3dae6fd96e8294a33a28a8cff86a88bb2dbed58507413f34f2a6c201aa7864d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Wed, 06 Nov 2019 20:42:47 GMT
Server: AmazonS3
x-amz-request-id: AWNZB53RQVTT69A7
ETag: "135b9afa93ecc58a4bdabf8a918a2f98"
x-amz-meta-sha256: 3dae6fd96e8294a33a28a8cff86a88bb2dbed58507413f34f2a6c201aa7864d8
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 2836
x-amz-id-2: eUN62i/IcOqyfx0v+v2Q6ZwJXhW4KW2wq3BR2ukf6BJs+Hkr7oKQ4xTXPzzELXS5MZkK7p+jyK0=
x-amz-meta-s3b-last-modified: 20170120T202800Z

GET
H/1.1 200
OK ihg_logo_2021.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 3 KB
4 KB 120ms
120ms Image
image/png 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/ihg_logo_2021.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Fri, 30 Apr 2021 19:24:47 GMT
Server: AmazonS3
x-amz-request-id: AWNZWH3XTHBDFE2D
ETag: "d16595a6fb197d881aacffded688e43f"
x-amz-meta-sha256: ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3336
x-amz-id-2: Wh59d1Hhr9/GQxS8+sc8vwK/xV4584mAh7nzBuNd1Vqi89uvF5Zs0tWNCzWB8q6mnNdItWHO6i0=
x-amz-meta-s3b-last-modified: 20210430T192439Z

GET
H/1.1 200
OK space_nk_logo.png
s3.us-east-1.amazonaws.com/mr.newsletter/ 6 KB
7 KB 117ms
116ms Image
image/png 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.newsletter/space_nk_logo.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 603a60e3f4ff3bbb95297d0d73c5fb9da134b68284331a2e4cd51138e4eb123c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 08 May 2023 16:34:28 GMT
Server: AmazonS3
x-amz-request-id: AWNYX1ZQWGJA4J54
ETag: "db663a34d771b770219d391f07ca92b9"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 603a60e3f4ff3bbb95297d0d73c5fb9da134b68284331a2e4cd51138e4eb123c
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6198
x-amz-id-2: jakO3KhxTExqplZgRaRKeD4uLqh7lEKTCE4ZcjP2jYBTY+/3EHeBn65AbJ6tsQsPW1w7dkCv0Mo=
x-amz-meta-s3b-last-modified: 20230508T163418Z

GET
H/1.1 200
OK gopuff_logo.png
s3.us-east-1.amazonaws.com/mr.newsletter/ 7 KB
8 KB 117ms
116ms Image
image/png 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.newsletter/gopuff_logo.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2bdee1fdf2a6455442114f2179e783a9d070a8b9d578e017b2dff1a7c361d98b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 29 Aug 2022 20:35:45 GMT
Server: AmazonS3
x-amz-request-id: AWNRCDYY4R913DD0
ETag: "92ea0c132e948e81c53302cbcb07baac"
x-amz-meta-sha256: 2bdee1fdf2a6455442114f2179e783a9d070a8b9d578e017b2dff1a7c361d98b
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7251
x-amz-id-2: XIpH9awoOArlWwMXmCEskVPDR/b62VLN4O7O7ozPVJGNfIsMQHEmkMnL3LzPcNpObQAtKlawUIc=
x-amz-meta-s3b-last-modified: 20220829T203500Z

GET
H/1.1 200
OK levis_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 26 KB
27 KB 136ms
117ms Image
image/jpeg 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/levis_logo.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f507fd5767c7df5ecf7a68c8572a985de5f809a433628b50d703ce52d0cc4fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Tue, 08 Oct 2019 20:20:42 GMT
Server: AmazonS3
x-amz-request-id: AWNGKVR0X4DNG7A8
ETag: "20534f424baa87c0470611a79d243962"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 26807
x-amz-id-2: Vhk3lSgUi6pJEmzUbRdGq16RWhpc7lx5+38IY+Hzrpn6LczbAqCYikXRESJFDgPOOoC940LAUP8=
x-amz-meta-s3b-last-modified: 20181229T002100Z

GET
H/1.1 200
OK iron_flask_88x31.png
s3.amazonaws.com/mr.logos.1/ 2 KB
2 KB 127ms
126ms Image
image/png 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.1/iron_flask_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e55fca5b87deaeb843e54119a42f9ad334217f3a3c4d358d26fa58e534bd114d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Wed, 07 Oct 2020 19:39:18 GMT
Server: AmazonS3
x-amz-request-id: AWNNPBWG7T3EQHBB
ETag: "843272267828bc2b51b395f19daa6335"
x-amz-meta-sha256: e55fca5b87deaeb843e54119a42f9ad334217f3a3c4d358d26fa58e534bd114d
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1585
x-amz-id-2: 3ECFB51bWHn7n9RyiCt/NeCp+hdYsZJiUpOa73eqQWYDEymIVkdXIXEF6+PDR/KfkRX/bjxN+II=
x-amz-meta-s3b-last-modified: 20201007T193839Z

GET
H/1.1 200
OK ez_contacts_88x31.jpg
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
2 KB 116ms
116ms Image
image/jpeg 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/ez_contacts_88x31.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 13fa4260b29d13781d9b6559ed087e5a820b77627e51160556b8ee861e989997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Wed, 28 Jun 2023 19:59:20 GMT
Server: AmazonS3
x-amz-request-id: AWNT9Q761NA9Y2MJ
ETag: "4f81f276166b9b039c3eab31a8c7c0ae"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 13fa4260b29d13781d9b6559ed087e5a820b77627e51160556b8ee861e989997
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1770
x-amz-id-2: 0KKCjYzy2Gfnnc+gmGNgA0l4JuIwk+FrlRGAJwf6Lik4psG16b4r5U+2UojwoHx7wqp+7DMPUFA=
x-amz-meta-s3b-last-modified: 20230628T195832Z

GET
H/1.1 200
OK finn_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 1 KB
2 KB 120ms
120ms Image
image/png 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/finn_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 405497f1c151b84592651b8420e6b4a13fec08b14bb47eb8510361bb923c0b47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Wed, 28 Jun 2023 20:11:19 GMT
Server: AmazonS3
x-amz-request-id: AWNGK2RR6KDJ1DX2
ETag: "0058dc42d8b0d65daa0d4befa347f696"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 405497f1c151b84592651b8420e6b4a13fec08b14bb47eb8510361bb923c0b47
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1123
x-amz-id-2: 38Ddp+SEG7OzErUHDWtB4bhDyX11JASkBvpDE/3CMkUSjHhcDnRYW7EzzSe8v+BWHBFl1mZGiiE=
x-amz-meta-s3b-last-modified: 20230628T200818Z

GET
H/1.1 200
OK air_doctor_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 3 KB
3 KB 118ms
118ms Image
image/png 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/air_doctor_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 214ff01695c07da1069a66f57ac0656ab50a2b0b0d77463cfd7ef0072a09d4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Wed, 28 Jun 2023 20:17:09 GMT
Server: AmazonS3
x-amz-request-id: AWNVSKNEA3JPYZ5Q
ETag: "3d7e89545aed92a6b75051ee8732113c"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 214ff01695c07da1069a66f57ac0656ab50a2b0b0d77463cfd7ef0072a09d4b5
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2888
x-amz-id-2: 0VsVsPOK9UB7t/f6QsETUanaX8rnjFyjg5wD23lJ7yF/VMyWOrEsmMQSv//EWYuU5ib532o+wII=
x-amz-meta-s3b-last-modified: 20230628T201630Z

GET
H/1.1 200
OK decathalon_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
3 KB 116ms
115ms Image
image/png 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/decathalon_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 566488b564a96e84f103ff5ead2947fd27d6cdabec09c6abf03e23d3260946bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Wed, 28 Jun 2023 20:27:59 GMT
Server: AmazonS3
x-amz-request-id: AWNWT1BQP3PG49RE
ETag: "9eb8473737b75a0c145aae780571ec6d"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 566488b564a96e84f103ff5ead2947fd27d6cdabec09c6abf03e23d3260946bf
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2377
x-amz-id-2: z0NDQKy6Ov2t431f55jyHyXMCYaeDoXwDEZXRyeuSFij7RXBOkD0Q4DqTKsl/FxIZju+uXJLkqY=
x-amz-meta-s3b-last-modified: 20230628T202726Z

GET
H/1.1 200
OK magid_88x31.jpg
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
2 KB 115ms
115ms Image
image/jpeg 52.216.210.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/magid_88x31.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.210.192 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1eb2b5f41ce1dabcae9dd8e6600bc582b4c3ada12cfd75bedb7269e9a0ce146b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Wed, 28 Jun 2023 20:41:14 GMT
Server: AmazonS3
x-amz-request-id: AWNSEHGWJZMBHHPD
ETag: "4b70692b692b7075ddd6929a74095786"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 1eb2b5f41ce1dabcae9dd8e6600bc582b4c3ada12cfd75bedb7269e9a0ce146b
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1723
x-amz-id-2: 4SHQE5bIbRf5iPECrty1/s6Fx1RUV61uVJUoHR0J3dNpxGqqAflJh48WAAQIpDlmVUBXQQ5hsd8=
x-amz-meta-s3b-last-modified: 20230628T203837Z

GET
H/1.1 200
OK Chrome_Icon_tiny.png
s3.amazonaws.com/mr.basics/ 493 B
897 B 115ms
114ms Image
image/png 54.231.201.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/Chrome_Icon_tiny.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.201.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19632b60c37b4d80c62136863523a79de9b942e67cb6cb84d4b1daec7f4c8b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:50:00 GMT
Last-Modified: Mon, 11 Nov 2019 21:11:58 GMT
Server: AmazonS3
x-amz-request-id: AWNZMKM4SXYHAHAZ
ETag: "2dd7917117914767d869c2100764e9e6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 493
x-amz-id-2: cDIYJFSbaVgK0EoVRvGLwQSdNuMYhNtijds5oInn+JIethdtA7TK9FUxUz+1/Mhwlk7TJ0RIOvc=
x-amz-meta-s3b-last-modified: 20171201T203000Z

GET
H/1.1 200
OK jquery.js Show response
www.mrrebates.com/js/vendor/ 83 KB
38 KB 339ms
339ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/vendor/jquery.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

074a85deae7abf5198de7802f2dc0aba809f100988efb4c255444c804e8e628d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:28:03 GMT
Server: Microsoft-IIS/7.0
ETag: "4792cb55f833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 38298

GET
H/1.1 200
OK jquery.min.js Show response
www.mrrebates.com/js/vendor/ 82 KB
37 KB 339ms
338ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/vendor/jquery.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:28:02 GMT
Server: Microsoft-IIS/7.0
ETag: "e7d83055f833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 37750

GET
H/1.1 200
OK what-input.min.js Show response
www.mrrebates.com/js/vendor/ 2 KB
1 KB 108ms
107ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/vendor/what-input.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

3182a2d06121f3b8cb39cd885c4e0848a28ddadd369a0a4d83cb97b175d60b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:28:01 GMT
Server: Microsoft-IIS/7.0
ETag: "871f9654f833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 995

GET
H/1.1 200
OK foundation.min.js Show response
www.mrrebates.com/js/ 91 KB
31 KB 337ms
337ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/foundation.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

aec2ab45f3bd23b177fa8ea13cf443a41a9bfd03f426e296a32e0fc021a5aad2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:18 GMT
Server: Microsoft-IIS/7.0
ETag: "2722493bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 31728

GET
H/1.1 200
OK app.js Show response
www.mrrebates.com/js/ 25 B
480 B 107ms
106ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/app.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

e22883a04526785bb35feb658da4974c160999432286921d7df30235cc21e4f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:20 GMT
Server: Microsoft-IIS/7.0
ETag: "27b1403cf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 142

GET
H/1.1 200
OK foundation.equalizer.js Show response
www.mrrebates.com/js/foundation/ 3 KB
2 KB 107ms
105ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/foundation/foundation.equalizer.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

e9ecdd43ad169b257e40b7fedba732c74f075bf6cdea63c41a0685a91de049e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:45 GMT
Server: Microsoft-IIS/7.0
ETag: "c78584bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1260

GET
H/1.1 200
OK foundation.dropdown.js Show response
www.mrrebates.com/js/foundation/ 11 KB
4 KB 107ms
107ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/foundation/foundation.dropdown.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

439c1ebdc8dcea3638a209f65c0ea978657cc9da71b74877c411fc9ad9ae7375

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:46 GMT
Server: Microsoft-IIS/7.0
ETag: "e784f74bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3589

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 156ms
20ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 14:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 14:16:33 GMT

GET
H/1.1 200
OK jquery.autocompleter.js Show response
www.mrrebates.com/js/ 33 KB
9 KB 214ms
214ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/jquery.autocompleter.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

f8c55b45dbb198323809a8ff75815000437d12262267ba33b12dbb209fd9edde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:17 GMT
Server: Microsoft-IIS/7.0
ETag: "8720a03af833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 8889

GET
H/1.1 200
OK ac_stores.js Show response
www.mrrebates.com/js/ 95 KB
30 KB 112ms
112ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/ac_stores.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

c88bb5e7001f8a3cd01492d3347aec539ca4a89dbd8a60eca8a24aff7619c49f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Sun, 02 Jul 2023 23:28:00 GMT
Server: Microsoft-IIS/7.0
ETag: W/"ec5e3ed73cadd91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 29870

GET
H/1.1 200
OK ac_create.js Show response
www.mrrebates.com/js/ 1 KB
795 B 107ms
107ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/ac_create.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

1cc84587bba9b6912be24f688531aeb9cf74a8107609dd9dcc4b002e8f65a1ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:19 GMT
Server: Microsoft-IIS/7.0
ETag: "67acc93bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 457

GET
H2 200 43b83f81b3c085a4cb6db4ed98b96827.js Show response
eu.cookie-script.com/s/ 12 KB
4 KB 176ms
34ms Script
application/javascript 185.14.184.154
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.cookie-script.com/s/43b83f81b3c085a4cb6db4ed98b96827.js
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.14.184.154 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 40d05a03997f8379253a3ce3874165c47bbf56dde5fdb0325512aa15754552be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Jul 2023 23:49:59 GMT
content-encoding: gzip
last-modified: Sun, 02 Jul 2023 17:36:41 GMT
x-cache-status: HIT
content-length: 3709
content-type: application/javascript

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 25 KB
26 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 20:06:17 GMT
x-content-type-options: nosniff
age: 445422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26100
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 20:06:17 GMT

GET
H2 200 8AttGsyxM5KQQU-Y4MTwVanUqRo.woff2
fonts.gstatic.com/s/baloopaaji/v21/ 25 KB
25 KB 85ms
36ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloopaaji/v21/8AttGsyxM5KQQU-Y4MTwVanUqRo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baloo+Paaji

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e166664c0772a64d48be8ade6b4d59cf11dbf7ceea6bedff6321a0e0d822a9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:59:18 GMT
x-content-type-options: nosniff
age: 103841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25900
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:14:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 18:59:18 GMT

GET
H/1.1 200
OK foundation-icons.woff
www.mrrebates.com/css/ 31 KB
32 KB 112ms
108ms Font
application/x-font-woff 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/foundation-icons.woff

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/css/foundation-icons.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.mrrebates.com/css/foundation-icons.css
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sun, 02 Jul 2023 23:49:58 GMT
Last-Modified: Sat, 14 Oct 2017 05:05:37 GMT
Server: Microsoft-IIS/7.0
ETag: "a386913aa44d31:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Accept-Ranges: bytes
Content-Length: 32020

GET
H2 200 u-4V0qWljRw-Pd815fNqc8T_wAFcX-c37MPiNYlWniJ2hJXH9fKVxUbv.woff2
fonts.gstatic.com/s/cabin/v26/ 16 KB
16 KB 82ms
47ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4V0qWljRw-Pd815fNqc8T_wAFcX-c37MPiNYlWniJ2hJXH9fKVxUbv.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c9e7f8b3e8bed397526dbcdc25cf88f56bb1863c17fd1a77241a8ac9a9fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:32 GMT
x-content-type-options: nosniff
age: 387387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16732
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:42:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 12:13:32 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 66ms
18ms Script
text/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrrebates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 02 Jul 2023 22:51:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3480
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 03 Jul 2023 00:51:59 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=986432134&utmhn=www.mrrebates.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mr....
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=282831061.1688341800&jid=1092870343&_v=5.7.2&z=986432134

35 B
338 B

92ms
26ms

Image
image/gif

2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=282831061.1688341800&jid=1092870343&_v=5.7.2&z=986432134

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Jul 2023 23:49:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jul 2023 23:49:59 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=282831061.1688341800&jid=1092870343&_v=5.7.2&z=986432134
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 368
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.mrrebates.com/Default.asp(Line 598) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.mrrebates.com/Default.asp(Line 598) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
eu.cookie-script.com
fonts.googleapis.com
fonts.gstatic.com
s3.amazonaws.com
s3.us-east-1.amazonaws.com
ssl.google-analytics.com
stats.g.doubleclick.net
travis.com
www.mrrebates.com
www.travis.com
185.14.184.154
2a00:1450:4001:809::2008
2a00:1450:4001:809::200a
2a00:1450:4001:811::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c0a::9a
52.216.210.192
54.231.201.160
64.106.178.205
69.163.153.22
03f024adb237a6c3a421eb123e3731c526f663f1c767e1479508faca1030d32c
074a85deae7abf5198de7802f2dc0aba809f100988efb4c255444c804e8e628d
09fc5372a0dcaa9d0d62457c4f725e2a820d89a0aae0e6d7ed8d3e28ee86098a
0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13fa4260b29d13781d9b6559ed087e5a820b77627e51160556b8ee861e989997
19632b60c37b4d80c62136863523a79de9b942e67cb6cb84d4b1daec7f4c8b48
1aa643e95e2150e824974ed0487bb7d32c5abf21af357adf49df624bd2ea17c9
1cc84587bba9b6912be24f688531aeb9cf74a8107609dd9dcc4b002e8f65a1ca
1eb2b5f41ce1dabcae9dd8e6600bc582b4c3ada12cfd75bedb7269e9a0ce146b
214ff01695c07da1069a66f57ac0656ab50a2b0b0d77463cfd7ef0072a09d4b5
25148c18c1a2a320a236a1d783b29201cbd4bb9bfdf4431473cfd9ca82045899
2bdee1fdf2a6455442114f2179e783a9d070a8b9d578e017b2dff1a7c361d98b
3182a2d06121f3b8cb39cd885c4e0848a28ddadd369a0a4d83cb97b175d60b7e
3cfbac8ebad47fb591892b47a88f4973377f4348056912ae4bd3c39e233b35f3
3dae6fd96e8294a33a28a8cff86a88bb2dbed58507413f34f2a6c201aa7864d8
405497f1c151b84592651b8420e6b4a13fec08b14bb47eb8510361bb923c0b47
40d05a03997f8379253a3ce3874165c47bbf56dde5fdb0325512aa15754552be
4268828e332479438339207e75862c8ff4b195dab0aa5eb90ee5d10cec4057c9
439c1ebdc8dcea3638a209f65c0ea978657cc9da71b74877c411fc9ad9ae7375
482eeb17ad17b7616da9fe06e78c4e378ffc827cf87d2a4e460f7c325a12b278
49cc34435a855f5a5705f60c96f04147c6458eb69c461d9d06a9ead7f90ff3b2
4a8daf94251d8c27ce0a8ea5b26e6a8054ee33f5c547a2ccb08f240d3453f16c
4baa39b03dad19b6f05a9cb939794cd191cf2462b19a287a7b91c70628cf1e3c
539f7785660d9419ffc3a0956eebc8eae001b4658896736a84d61030844db2fd
55ee2b8a2268cbf035a6ccd868a38730d8d87ceddb9a4795f9a0ac760a4c5d90
566488b564a96e84f103ff5ead2947fd27d6cdabec09c6abf03e23d3260946bf
57bfb13daa0b483812188d78e1b17cf9e0f5b2d2660d767ad22c8d6020b7f8c3
603a60e3f4ff3bbb95297d0d73c5fb9da134b68284331a2e4cd51138e4eb123c
610be2b45df873dcbbcfcf877bcb9600c960592772a30bce00489a4af46170a8
70eaa33ccc8b976b4aa55605241d65f033f86b5b2aea28d35c91a4d4e800de6e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
8e1c36871d227fc4adb87d3ab37f141349a0479765646719e0d875ccb195aeb9
94659a108f2d170dabfd1c524d56bbfa6d7a74323141943f6e8a27d43df332fd
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
98a16b79e62868fd5ae283dc4ce077f2fb3fc35b6caa2a435883e362523fd801
9e60f0e36d8fb6146350b4af56f87057389ee4bf90ae2cf38072dbc950c7711e
a146af07daafb63859b01378d9924e59b95f73d6d1cb4e503b9f9d37ca56be94
aec2ab45f3bd23b177fa8ea13cf443a41a9bfd03f426e296a32e0fc021a5aad2
afb53066676a49ba42207bf3620b7fd7677fcb3906479c7fec57f5a8587c47d8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bc9e8ad84b1ccdbf268a2a51c7b348e70f541be98a06d30decf66681fd81edb6
c04c9e7f8b3e8bed397526dbcdc25cf88f56bb1863c17fd1a77241a8ac9a9fee
c88bb5e7001f8a3cd01492d3347aec539ca4a89dbd8a60eca8a24aff7619c49f
ca21700a81e0eb29f37ae719b2a43188592d3dcca9338e82a5b13689a4e6c991
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
e166664c0772a64d48be8ade6b4d59cf11dbf7ceea6bedff6321a0e0d822a9d9
e22883a04526785bb35feb658da4974c160999432286921d7df30235cc21e4f3
e55fca5b87deaeb843e54119a42f9ad334217f3a3c4d358d26fa58e534bd114d
e8387be45312794b59f9248e0431a2005972ef84b520fd41a892146b267314a1
e9ecdd43ad169b257e40b7fedba732c74f075bf6cdea63c41a0685a91de049e3
ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b
f507fd5767c7df5ecf7a68c8572a985de5f809a433628b50d703ce52d0cc4fa8
f8c55b45dbb198323809a8ff75815000437d12262267ba33b12dbb209fd9edde
f9b501f500d4eff727517ac4e624e31b6e6f9c1b22ab2ce26e35b306da35c84b
fbc29b3f6f025a4f0515e6af5bd506a8e66cb3da22bad71bece8c15637cdf6ee

www.mrrebates.com Open in urlscan Pro 64.106.178.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

50 %IPv6

8 Domains

11 Subdomains

9 IPs

4 Countries

647 kBTransfer

1139 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mrrebates.com Open in urlscan Pro
64.106.178.205 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

50 %
IPv6

8
Domains

11
Subdomains

9
IPs

4
Countries

647 kB
Transfer

1139 kB
Size

0
Cookies

57 HTTP transactions
0 data transactions