www.quidco.com Open in urlscan Pro
2606:4700:4400::ac40:9b08 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.quidco.com/blackcircles/
Submission: On November 13 via api (November 13th 2023, 4:55:39 am UTC) from FI — Scanned from FI

Summary HTTP 51 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 51 HTTP transactions. The main IP is 2606:4700:4400::ac40:9b08, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.quidco.com. The Cisco Umbrella rank of the primary domain is 331200.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 4th 2023. Valid for: a year.

This is the only time www.quidco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	2606:4700:440... 2606:4700:4400::ac40:9b08	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6812:83ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
7	2606:4700:440... 2606:4700:4400::ac40:920c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:1438	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.193.208 151.101.193.208	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:e800:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.132.198.1 3.132.198.1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.43 18.66.147.43	16509 (AMAZON-02) (AMAZON-02)
1	3.219.183.191 3.219.183.191	14618 (AMAZON-AES) (AMAZON-AES)
51	17

11 2606:4700:4400::ac40:9b08 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.quidco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:4400::ac40:920c (United States)

ASN13335 (CLOUDFLARENET, US)

i.cashbacksrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:1438 (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.208 (United States)

ASN54113 (FASTLY, US)

sdk.fra-01.braze.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:e800:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.132.198.1 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-198-1.us-east-2.compute.amazonaws.com

collector-31691.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.183.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-183-191.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 342	210 KB
11	quidco.com 1 redirects www.quidco.com — Cisco Umbrella Rank: 331200	508 KB
7	cashbacksrv.com i.cashbacksrv.com — Cisco Umbrella Rank: 316154	90 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	252 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2317	273 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1771 api-iam.intercom.io — Cisco Umbrella Rank: 2191	6 KB
2	google.fi www.google.fi — Cisco Umbrella Rank: 34851	517 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	398 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	664 B
2	tvsquared.com collector-31691.tvsquared.com — Cisco Umbrella Rank: 509879	9 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	braze.eu sdk.fra-01.braze.eu — Cisco Umbrella Rank: 8340	482 B
1	dwin1.com www.dwin1.com — Cisco Umbrella Rank: 4480	11 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 590	308 B
1	appboycdn.com js.appboycdn.com — Cisco Umbrella Rank: 3928	56 KB
51	15

	Domain	Requested by
12	cdn.cookielaw.org	www.quidco.com cdn.cookielaw.org
11	www.quidco.com	1 redirects www.quidco.com
7	i.cashbacksrv.com	www.quidco.com
3	www.googletagmanager.com	www.quidco.com www.googletagmanager.com
2	js.intercomcdn.com	widget.intercom.io
2	www.google.fi	www.quidco.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	collector-31691.tvsquared.com	www.quidco.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sdk.fra-01.braze.eu	js.appboycdn.com
1	api-iam.intercom.io	js.intercomcdn.com
1	widget.intercom.io	www.quidco.com
1	www.google.com	www.quidco.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	js.appboycdn.com	www.quidco.com
51	17

This site contains links to these domains. Also see Links.

Domain
www.blackcircles.com
support.quidco.com
www.jobs.moneysupermarketgroup.com
www.facebook.com
www.twitter.com
www.instagram.com
www.onetrust.com

Subject Issuer	Validity	Valid
quidco.com Cloudflare Inc ECC CA-3	`2023-09-04` - `2024-09-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
i.cashbacksrv.com Cloudflare Inc ECC CA-3	`2023-09-29` - `2024-09-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-12`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.fra-01.braze.eu GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-16` - `2024-11-16`	a year	crt.sh
*.dwin1.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.tvsquared.com Amazon RSA 2048 M02	`2023-07-16` - `2024-08-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.quidco.com/blackcircles/
Frame ID: 06AC961697216693357E88DF990C75D4
Requests: 45 HTTP requests in this frame

Frame: https://www.quidco.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 6617C293E2BFA797CB7B3A36CFBE1414
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.dde4c2cb.js
Frame ID: 9A5CD247C22AFCA348A806321B2550C8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BlackCircles Coming Soon! Cashback | Quidco Back ButtonFilter Button

Detected technologies

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Braze (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

js\.appboycdn\.com/web-sdk/([\d.]+)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

51
Requests

98 %
HTTPS

71 %
IPv6

15
Domains

17
Subdomains

17
IPs

3
Countries

1436 kB
Transfer

4877 kB
Size

21
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.blackcircles.com/
Title: Visit retailer

Search URL Search Domain Scan URL

URL: https://support.quidco.com/en/
Title: Help centre

Search URL Search Domain Scan URL

URL: https://www.jobs.moneysupermarketgroup.com/
Title: Careers

Search URL Search Domain Scan URL

URL: http://www.facebook.com/quidco
Title: 176,130 fans

Search URL Search Domain Scan URL

URL: http://www.twitter.com/quidco
Title: 52,283 followers

Search URL Search Domain Scan URL

URL: https://www.instagram.com/quidco_it/
Title: 11,541 followers

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://www.quidco.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.quidco.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.quidco.com/blackcircles/ 344 KB
51 KB 498ms
410ms Document
text/html 2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.29

Resource Hash

70d000c8198bc0b51eaebdaa6d75bb9471b0d242a7af221728f896bc63dc0f09

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.quidco.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private
cf-cache-status: DYNAMIC
cf-ray: 82546c509df64c85-HEL
content-encoding: gzip
content-security-policy: frame-ancestors www.quidco.com
content-security-policy-report-only: frame-ancestors www.quidco.com; frame-src www.quidco.com secure.maplesyrupgroup.com secure.quidco.co.uk service.force.com www.google.com recaptcha.google.com googletagmanager.com bid.g.doubleclick.net widget.trustpilot.com a8787468851.cdn.optimizely.com www.awin1.com www.facebook.com td.doubleclick.net; report-uri https://4aebf68775085774dfe9a3f70aa6df97.report-uri.com/r/d/csp/reportOnly
content-type: text/html; charset=UTF-8
date: Mon, 13 Nov 2023 04:55:33 GMT
expires: -1
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 1bc30f616a6ad2ebab98d656f04c65b0.cloudfront.net (CloudFront)
x-amz-cf-id: yrbufoQNuPB9I061qTzlMdxDN3lEqkT_A1tg0-AeeLYHrPPxdqbhYA==
x-amz-cf-pop: HEL51-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.29
x-xss-protection: 1; mode=block

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/dc66aa71-1b8d-42ae-a473-6a1c64b4b002/ 11 KB
3 KB 132ms
58ms Script
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/dc66aa71-1b8d-42ae-a473-6a1c64b4b002/OtAutoBlock.js

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

725f0b6a4ed7ab3601cc3d5ac58102e1f9fce4e8e8cb024a5cb048e5dc7a5749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 26957
content-md5: tIyQ0u525pxQRxM8R7nwMA==
content-length: 2679
x-ms-lease-status: unlocked
last-modified: Thu, 03 Nov 2022 14:52:28 GMT
server: cloudflare
etag: 0x8DABDAB073578D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1793bb16-e01e-007a-1f83-f024c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82546c53ad1d4e19-HEL
expires: Tue, 14 Nov 2023 04:55:33 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 116ms
42ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R1P6TtSHAQZyvOSI/KawHw==
age: 62101
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6821
x-ms-lease-status: unlocked
last-modified: Thu, 09 Nov 2023 14:41:49 GMT
server: cloudflare
etag: 0x8DBE13201873ECE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 615f4d5d-701e-0057-437a-1397b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82546c53ad204e19-HEL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 207ms
76ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5946757-2

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e256671d72995a638c9489ecea787352eec201a940658a77f32789d9b2d9ee67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64579
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Nov 2023 04:55:33 GMT

GET
H2 200 brand-logo.svg
www.quidco.com/cfassets/dist/static/img/ 2 KB
1 KB 52ms
51ms Image
image/svg+xml 2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quidco.com/cfassets/dist/static/img/brand-logo.svg?v=1

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74212072ffb91867fba2fc9ae2ca2a3be40067cbafa83382a3b321180382dd44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.quidco.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/blackcircles/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
content-security-policy: frame-ancestors www.quidco.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 67837
content-security-policy-report-only: frame-ancestors www.quidco.com; frame-src www.quidco.com secure.maplesyrupgroup.com secure.quidco.co.uk service.force.com www.google.com recaptcha.google.com googletagmanager.com bid.g.doubleclick.net widget.trustpilot.com a8787468851.cdn.optimizely.com www.awin1.com www.facebook.com td.doubleclick.net; report-uri https://4aebf68775085774dfe9a3f70aa6df97.report-uri.com/r/d/csp/reportOnly
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 17 Oct 2023 14:54:22 GMT
server: cloudflare
etag: W/"652ea01e-8be"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 82546c535a1c4c85-HEL
x-amz-cf-id: emmSNPwXADPFTr4lcOsiJQOT6QyUqNM7CHg9qZvnwrtGrtMRaOHp-Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 currys.gif
i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-100x62/ 2 KB
3 KB 165ms
60ms Image
image/webp 2606:4700:4400::ac40:920c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-100x62/currys.gif
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:920c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d654c7e1dedf20ed2c7301a9257e153d428bbbf5bb6d85624b8006cef48f6a94

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
via: 1.1 c7b77c915dff1aaf04e31040a3e9f3ec.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ARN1-C1
age: 43838
cf-polished: origFmt=gif, origSize=2988
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="currys.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2284
cf-bgj: imgq:85,h2pri
last-modified: Tue, 05 Oct 2021 06:31:36 GMT
server: cloudflare
etag: "da45dc1a494e3c524c8cdee8abc227d6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82546c540f793769-HEL
x-amz-cf-id: TZsT3c5Pzna9YEFIdA6CbovHdBYY4xb0HwB70ctmyIwv0t-6-HYirQ==
expires: Tue, 14 Nov 2023 04:55:33 GMT

GET
H2 200 hughes.gif
i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-100x62/ 3 KB
4 KB 104ms
49ms Image
image/webp 2606:4700:4400::ac40:920c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-100x62/hughes.gif
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:920c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 164547c198784b10d9562d397b7609dbc678cb23b504efd746e2cecd434e43f6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
via: 1.1 f46b6835a58763129c9d1db5dc3ef62e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ARN1-C1
age: 43837
cf-polished: origFmt=gif, origSize=4031
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline; filename="hughes.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3290
cf-bgj: imgq:85,h2pri
last-modified: Wed, 11 Oct 2023 13:55:07 GMT
server: cloudflare
etag: "5c37cf3529db88206c1d83d86c5c04b2"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82546c540f7b3769-HEL
x-amz-cf-id: HUlY-V8wvFXPpmpF283pX8-LCvXThrHNcsZ3UWqdOwrWx2B_UgVNKA==
expires: Tue, 14 Nov 2023 04:55:33 GMT

GET
H2 200 tui.gif
i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-100x62/ 2 KB
3 KB 47ms
45ms Image
image/webp 2606:4700:4400::ac40:920c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-100x62/tui.gif
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:920c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cca2636fe48184a194ee816c6f6faa1bad4d2925cf03919d5de5b19e10d372f8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: OSL50-C1
age: 67837
cf-polished: origFmt=gif, origSize=2803
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-disposition: inline; filename="tui.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2100
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Oct 2021 14:55:21 GMT
server: cloudflare
etag: "f97ea6b5b8e5a6b8dbc83b3530cbb844"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82546c542f9d3769-HEL
x-amz-cf-id: bjg2NzA7wYpFoAYvY2wOHf4PYZY2p8sAAR0U8zUtwsKhsdH2YLOSXw==
expires: Tue, 14 Nov 2023 04:55:33 GMT

GET
H2 200 marella.gif
i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-100x62/ 4 KB
4 KB 122ms
120ms Image
image/webp 2606:4700:4400::ac40:920c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-100x62/marella.gif
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:920c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee98680134c06a24a295e1a97c2e92e168f8220c38e017c06900d08b8ecf64b5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
via: 1.1 10ba4f180c8b00c38f956300d7b2f4c8.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ARN1-C1
cf-polished: origFmt=gif, origSize=4730
x-cache: Hit from cloudfront
content-disposition: inline; filename="marella.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3800
cf-bgj: imgq:85,h2pri
last-modified: Wed, 24 Apr 2019 11:34:30 GMT
server: cloudflare
etag: "be0cb74bc0f6227f3521f02efa7b8000"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82546c542fa03769-HEL
x-amz-cf-id: InOtli0OCsPwCUZ2PhyD_ukJ90ddtH-Nx4lPUoiHXD3OexBZa0Js-A==
expires: Tue, 14 Nov 2023 04:55:33 GMT

GET
H2 200 blackcircles.png
i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-150/ 6 KB
7 KB 314ms
313ms Image
image/png 2606:4700:4400::ac40:920c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.cashbacksrv.com/quidco_com/p/static/uploads/a/img/merchant-150/blackcircles.png
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:920c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d088b23c3427c48834bfd6445e722bac21d98436a7f1b39ebf37a192629c3184

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
via: 1.1 50f8df1bd48d77c6aa66214d7e928e72.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: HEL50-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6639
last-modified: Tue, 02 Oct 2018 21:57:04 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:65534/gname:nfsnobody/uname:nfsnobody/gid:65534/mode:33188/mtime:1476892601/atime:1488098792/md5:252e743c76da9d2b34c3b33156021f29/ctime:1480916906
etag: "252e743c76da9d2b34c3b33156021f29"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 82546c542fa23769-HEL
x-amz-cf-id: LiXC2pN6P8SU4riCKo5EkNyzQ6GWeoMLNt1oOdaUCmpz5cdxTD5p0g==
expires: Tue, 14 Nov 2023 04:55:34 GMT

GET
H3 200 merchant-profile.8e4f4ab45a4b32124a02.js Show response
www.quidco.com/cfassets/dist/Theme/js/ 493 KB
163 KB 61ms
60ms Script
application/javascript 2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quidco.com/cfassets/dist/Theme/js/merchant-profile.8e4f4ab45a4b32124a02.js

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2489993a48419079bd830e64b3143fe16b0fbeb8b7523a932b2d98f4957903c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.quidco.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/blackcircles/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors www.quidco.com
via: 1.1 59202edf772149f3e7805f2a4994d252.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ARN56-P1
age: 43837
cf-cache-status: HIT
content-security-policy-report-only: frame-ancestors www.quidco.com; frame-src www.quidco.com secure.maplesyrupgroup.com secure.quidco.co.uk service.force.com www.google.com recaptcha.google.com googletagmanager.com bid.g.doubleclick.net widget.trustpilot.com a8787468851.cdn.optimizely.com www.awin1.com www.facebook.com td.doubleclick.net; report-uri https://4aebf68775085774dfe9a3f70aa6df97.report-uri.com/r/d/csp/reportOnly
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 17 Oct 2023 14:59:10 GMT
server: cloudflare
etag: W/"652ea13e-7b436"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82546c542e1d4e16-HEL
x-amz-cf-id: pV-_7mmEAb2Zi07ugbmCD91KaL-yEf7J2f8qrBENTd2TVENHWUAmMg==
expires: Mon, 13 Nov 2023 06:27:28 GMT

GET
H2 200 dc66aa71-1b8d-42ae-a473-6a1c64b4b002.json Show response
cdn.cookielaw.org/consent/dc66aa71-1b8d-42ae-a473-6a1c64b4b002/ 4 KB
2 KB 113ms
48ms XHR
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/dc66aa71-1b8d-42ae-a473-6a1c64b4b002/dc66aa71-1b8d-42ae-a473-6a1c64b4b002.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6b41b284085a3c216333188969107fe831975ae01f767928eeafb0fd095f1de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 26956
content-md5: bGPp2wObQkggrPwlH2MKbw==
content-length: 1576
x-ms-lease-status: unlocked
last-modified: Thu, 03 Nov 2022 14:52:28 GMT
server: cloudflare
etag: 0x8DABDAB070965DA
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 847ca6a4-501e-00a4-4c7f-eb3025000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82546c547e0770fa-HEL
expires: Tue, 14 Nov 2023 04:55:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 353 KB
95 KB 313ms
183ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-D34R

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecb3c89791f5fc6da55691e7e24e1d27b7c0269fe1d4233891a40247e66b2f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97557
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Nov 2023 04:55:33 GMT

GET
H2 200 braze.min.js Show response
js.appboycdn.com/web-sdk/4.5/ 202 KB
56 KB 165ms
78ms Script
application/javascript 2606:4700::6810:1438
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/4.5/braze.min.js
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1438 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4adff3c1c64b9816a0b089544ce135490356f3c87a34b43c59660cf94bc3eba

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 17:51:35 GMT
server: cloudflare
x-amz-request-id: F72NRCEFAKMW7FD5
etag: W/"88cddc3df06c791edbaadbe7a552a0ef"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 82546c54bf39d933-HEL
x-amz-id-2: 8iGyk9MVnUBuv5El1S24vCwxC3y4sQADUoWoDdW0mHrr31b8/uJCPsOrvMqrAZdoW9t7E1exqgo=
expires: Mon, 13 Nov 2023 08:55:33 GMT

GET
H2 200 rubik-v11-latin-regular-300-400-500.woff2
i.cashbacksrv.com/cbfe/p/static/fonts/ 35 KB
36 KB 364ms
295ms Font
binary/octet-stream 2606:4700:4400::ac40:920c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.cashbacksrv.com/cbfe/p/static/fonts/rubik-v11-latin-regular-300-400-500.woff2
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:920c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c90b7af2ba867dc9291d978e41c1573ca710536b064541c75f539208e794b7a

Request headers

Referer: https://www.quidco.com/
Origin: https://www.quidco.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: OSL50-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 35668
last-modified: Fri, 08 Jan 2021 15:31:42 GMT
server: cloudflare
etag: "88307eeb3415ec154b3bd77ac2564885"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: binary/octet-stream
access-control-allow-origin: https://www.quidco.com
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82546c54bd6e4c78-HEL
x-amz-cf-id: xVk6PcpkCvKLhDZLebmeYn7cyutpK0A04QOKDEntK7Cq2ypQfUzmMA==
expires: Mon, 13 Nov 2023 08:55:34 GMT

GET
H2 200 rubik-v11-latin-italic-300-400-500.woff2
i.cashbacksrv.com/cbfe/p/static/fonts/ 33 KB
34 KB 386ms
323ms Font
binary/octet-stream 2606:4700:4400::ac40:920c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.cashbacksrv.com/cbfe/p/static/fonts/rubik-v11-latin-italic-300-400-500.woff2
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:920c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b27e171e743ba047b5388c7eb2c361a2c2fee31a108efa30019800cebe0868b2

Request headers

Referer: https://www.quidco.com/
Origin: https://www.quidco.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
via: 1.1 e0a5445a9b6b20c3399e57d2c05d4520.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: ARN1-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 34104
last-modified: Fri, 08 Jan 2021 15:31:39 GMT
server: cloudflare
etag: "b24ccacd64efef5da83494c000efc7e0"
access-control-max-age: 3000
access-control-allow-methods: HEAD, GET
content-type: binary/octet-stream
access-control-allow-origin: https://www.quidco.com
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 82546c54bd704c78-HEL
x-amz-cf-id: DL9OLTLNq7F34_C4X65hrjAOuXQIsK_Id5KQN8lZrFpGpg2JTbi1WQ==
expires: Mon, 13 Nov 2023 08:55:34 GMT

GET
H3 200 quidco.svg
www.quidco.com/cfassets/dist/static/icon/ 850 B
1 KB 142ms
142ms Image
image/svg+xml 2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.quidco.com/cfassets/dist/static/icon/quidco.svg

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efae1d56290cad6ef306d84070e29cd246c13846711a86f55b855b3d676644cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.quidco.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/blackcircles/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
content-security-policy: frame-ancestors www.quidco.com
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 797e08d987207122bff536abc6502d6c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: ARN56-P1
content-security-policy-report-only: frame-ancestors www.quidco.com; frame-src www.quidco.com secure.maplesyrupgroup.com secure.quidco.co.uk service.force.com www.google.com recaptcha.google.com googletagmanager.com bid.g.doubleclick.net widget.trustpilot.com a8787468851.cdn.optimizely.com www.awin1.com www.facebook.com td.doubleclick.net; report-uri https://4aebf68775085774dfe9a3f70aa6df97.report-uri.com/r/d/csp/reportOnly
x-cache: Miss from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 17 Oct 2023 14:54:22 GMT
server: cloudflare
etag: W/"652ea01e-352"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
cf-ray: 82546c547e844e16-HEL
x-amz-cf-id: vcpFctigtKYtM9f4iZNqL-is8HZkLOzLtSN9ZYmSmaQB5-XalVxh4A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
308 B 118ms
50ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ffe7c7eed20900652605eab522ac9cf7fbd5040686e2ed6f1bc6b22008f1b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.quidco.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 82546c553a0cd987-HEL
access-control-allow-headers: Content-Type

GET
H3 200 356.3cd565827f86cc134c70.js Show response
www.quidco.com/cfassets/dist/Theme/js/ 1 MB
284 KB 55ms
54ms Script
application/javascript 2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quidco.com/cfassets/dist/Theme/js/356.3cd565827f86cc134c70.js

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/cfassets/dist/Theme/js/merchant-profile.8e4f4ab45a4b32124a02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38da5dd0d65ef387185be191902dde0de589d1ef325cea6fc52ec48c69452647

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.quidco.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/blackcircles/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors www.quidco.com
via: 1.1 30a448a0dbd4a52ea118d2e64f0535c8.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ARN56-P1
age: 67838
cf-cache-status: HIT
content-security-policy-report-only: frame-ancestors www.quidco.com; frame-src www.quidco.com secure.maplesyrupgroup.com secure.quidco.co.uk service.force.com www.google.com recaptcha.google.com googletagmanager.com bid.g.doubleclick.net widget.trustpilot.com a8787468851.cdn.optimizely.com www.awin1.com www.facebook.com td.doubleclick.net; report-uri https://4aebf68775085774dfe9a3f70aa6df97.report-uri.com/r/d/csp/reportOnly
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Nov 2023 14:23:13 GMT
server: cloudflare
etag: W/"654ceb51-1321b7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82546c55e9394e16-HEL
x-amz-cf-id: DVW7W8edNU8Gm2vq-WC9E2xstPT4yr6VCxbb-Nh8N4qbHKaZI9XvEg==
expires: Sun, 12 Nov 2023 11:06:02 GMT

GET
H3 200 934.1775cc4fcc7401ac7af9.js Show response
www.quidco.com/cfassets/dist/Theme/js/ 3 KB
2 KB 117ms
116ms Script
application/javascript 2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quidco.com/cfassets/dist/Theme/js/934.1775cc4fcc7401ac7af9.js

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/cfassets/dist/Theme/js/merchant-profile.8e4f4ab45a4b32124a02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ced1b1af14ade5293a09b96c0fc3789f6358981af838480f44aacf54401c81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.quidco.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/blackcircles/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors www.quidco.com
via: 1.1 a626e6748fd7659cdc58de81924341d6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: ARN56-P1
age: 67838
cf-cache-status: HIT
content-security-policy-report-only: frame-ancestors www.quidco.com; frame-src www.quidco.com secure.maplesyrupgroup.com secure.quidco.co.uk service.force.com www.google.com recaptcha.google.com googletagmanager.com bid.g.doubleclick.net widget.trustpilot.com a8787468851.cdn.optimizely.com www.awin1.com www.facebook.com td.doubleclick.net; report-uri https://4aebf68775085774dfe9a3f70aa6df97.report-uri.com/r/d/csp/reportOnly
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 Nov 2023 14:23:13 GMT
server: cloudflare
etag: W/"654ceb51-b61"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
cf-ray: 82546c55e93c4e16-HEL
x-amz-cf-id: YAvJh7FHHfU9Ia51r0NUkEew9b1y5Qe4oR6E3SFY5IO1wiBCJYMr8A==
expires: Sun, 12 Nov 2023 11:55:50 GMT

POST
H2 201 / Show response
sdk.fra-01.braze.eu/api/v3/data/ 334 B
482 B 185ms
185ms XHR
application/json 151.101.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.fra-01.braze.eu/api/v3/data/

Requested by

Host: js.appboycdn.com
URL: https://js.appboycdn.com/web-sdk/4.5/braze.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0ac62ea7669ae66afef50832666e57dcd353876adaa210e314e4279c08a504d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key: f14d04a9-122b-464b-9f90-814cadf1cf6b
X-Braze-TriggersRequest: true
X-Braze-DataRequest: true
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/json
Referer: https://www.quidco.com/
X-Requested-With: XMLHttpRequest

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: MISS
x-request-id: 04d35e07-17ac-4c4c-9fb0-849752d4e521
x-served-by: cache-fra-eddf8230121-FRA
x-runtime: 0.125440
x-timer: S1699851334.270237,VS0,VE131
etag: W/"f0ac62ea7669ae66afef50832666e57d"
access-control-max-age: 7200
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin,Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 /
sdk.fra-01.braze.eu/api/v3/data/ Frame 0
0 187ms
59ms Preflight 151.101.193.208
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.fra-01.braze.eu/api/v3/data/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.208 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.quidco.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods: POST, GET
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
content-encoding: gzip
date: Mon, 13 Nov 2023 04:55:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230121-FRA
x-timer: S1699851334.210630,VS0,VE4

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/ 381 KB
91 KB 41ms
41ms Script
application/javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DjzI+HdyHvhC2OCs+qd+pw==
age: 11818
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93164
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:44 GMT
server: cloudflare
etag: 0x8DADF1BA4D9E9D9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d8bb8c58-601e-0064-227c-ebc81b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82546c55f8be4e19-HEL

GET
H3 200 get_chat_details Show response
www.quidco.com/ajax/user/ 21 B
909 B 188ms
187ms Fetch
application/json 2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quidco.com/ajax/user/get_chat_details

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930a8d58f49401d4b77537a9b2e465f5f79fd50ea48f5b96d07b3636615f4a7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.quidco.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/blackcircles/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
via: 1.1 972d4acd04a2126f84b4c0b10ef11856.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors www.quidco.com
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: HEL51-P3
content-security-policy-report-only: frame-ancestors www.quidco.com; frame-src www.quidco.com secure.maplesyrupgroup.com secure.quidco.co.uk service.force.com www.google.com recaptcha.google.com googletagmanager.com bid.g.doubleclick.net widget.trustpilot.com a8787468851.cdn.optimizely.com www.awin1.com www.facebook.com td.doubleclick.net; report-uri https://4aebf68775085774dfe9a3f70aa6df97.report-uri.com/r/d/csp/reportOnly
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
cf-ray: 82546c5609894e16-HEL
x-amz-cf-id: H5zVNyQEpOoiA7MQ3uEaiTSSMhOYVGYNGERlf4a67kP5IMYZFxTY7A==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 user_header_data Show response
www.quidco.com/ajax/user/ 190 B
1016 B 160ms
159ms XHR
application/json 2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quidco.com/ajax/user/user_header_data

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/cfassets/dist/Theme/js/merchant-profile.8e4f4ab45a4b32124a02.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffb684306d66b0a0103e7c8fc13411974399d4d21dc4298a3e99f3080c1073f4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors www.quidco.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.quidco.com/blackcircles/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
via: 1.1 06ef4e5ae64b0b7defaeafbb170bba26.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors www.quidco.com
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: HEL51-P3
content-security-policy-report-only: frame-ancestors www.quidco.com; frame-src www.quidco.com secure.maplesyrupgroup.com secure.quidco.co.uk service.force.com www.google.com recaptcha.google.com googletagmanager.com bid.g.doubleclick.net widget.trustpilot.com a8787468851.cdn.optimizely.com www.awin1.com www.facebook.com td.doubleclick.net; report-uri https://4aebf68775085774dfe9a3f70aa6df97.report-uri.com/r/d/csp/reportOnly
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
cf-ray: 82546c5629d14e16-HEL
x-amz-cf-id: SlCChEdLVKu1bF-SDIfWy37y6YdhZVCy9CmizguvAh-DOQRBXrSZzQ==
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

main.js Show response
www.quidco.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 6617
Redirect Chain

https://www.quidco.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.quidco.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

39ms
39ms

Script
application/javascript

2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.quidco.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Server

2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

928ee47afcd34e0ff286494748eb0a506d8e9341056cd26ef700565c39ca9a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82546c56caa14e16-HEL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 82546c565a0a4e16-HEL
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 188ms
60ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5946757-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 03:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3953
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 13 Nov 2023 05:49:41 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/dc66aa71-1b8d-42ae-a473-6a1c64b4b002/1050034c-4017-4387-9a0e-4ce978d35574/ 60 KB
14 KB 49ms
49ms Fetch
application/x-javascript 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/dc66aa71-1b8d-42ae-a473-6a1c64b4b002/1050034c-4017-4387-9a0e-4ce978d35574/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d1ce6c0dc4dfa307fae71a5bc22274ce2144d54ccf5f8b91178efd17b2154e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 26957
content-md5: MNLVdZ0OaNJKIYE8FqkzWg==
content-length: 14588
x-ms-lease-status: unlocked
last-modified: Thu, 03 Nov 2022 14:52:31 GMT
server: cloudflare
etag: 0x8DABDAB09356E84
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 34d4d897-001e-0019-40b7-a5f48e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82546c56d9b470fa-HEL
expires: Tue, 14 Nov 2023 04:55:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
93 KB 77ms
74ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DTHHGDY710&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-D34R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

14c82b0ce780baaee67bdeb56b993ad404bffc2107d84da81ce048853ef78616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94875
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 13 Nov 2023 04:55:34 GMT

GET
H2 200 15819.js Show response
www.dwin1.com/ 38 KB
11 KB 290ms
147ms Script
application/javascript 2600:9000:214f:e800:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/15819.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-D34R
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e800:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57f9a6a4d10a7059d280c155dc333cd1f74529c1a912bf68316ccb0a486c230f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: uOGMoBtGJQIzmiF8hr3n6clR2PZ6jSFD
content-encoding: gzip
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 04:55:35 GMT
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 27 Oct 2023 06:30:22 GMT
server: AmazonS3
etag: W/"cfbdf678a4e9d81ba39864802a353e7e"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: Hr9iN_d1l60EdqdD19fL7nTB2P0n8JYjQ2i2HnSjqNGYyqGox-C8-w==

GET
H/1.1 200
OK tv2track.js Show response
collector-31691.tvsquared.com/ 20 KB
9 KB 605ms
146ms Script
application/javascript 3.132.198.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-31691.tvsquared.com/tv2track.js
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.198.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-198-1.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 04:55:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 12:34:33 GMT
Server: nginx
ETag: "654245d9-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Mon, 13 Nov 2023 05:05:34 GMT

POST
H3 200 82546c509df64c85 Show response
www.quidco.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6617 0
290 B 52ms
50ms XHR
text/plain 2606:4700:4400::ac40:9b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.quidco.com/cdn-cgi/challenge-platform/h/g/jsd/r/82546c509df64c85
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:9b08 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 82546c587d514e16-HEL
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 13 KB
3 KB 42ms
41ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JuDKxv1jf1Hw0JXasvCaSg==
age: 26957
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3007
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:35 GMT
server: cloudflare
etag: 0x8DADF1B9F221620
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fc2b4a1b-401e-00f0-09e1-5a0888000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82546c589c9d70fa-HEL

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/ 62 KB
13 KB 42ms
41ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67e40afea590dbd487bf12f6ceaa5c16e606cbec9268c64b69a371d5fb3cc09b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cWUYtlJNLE0cQ+nS16W3mQ==
age: 26957
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13271
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:38 GMT
server: cloudflare
etag: 0x8DADF1BA0C0E16F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 0e75d2a9-d01e-00b1-0fe1-5a209b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82546c589ca270fa-HEL

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 5 KB
2 KB 42ms
42ms Fetch
application/json 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: N/8bGYVpO/n/qpqmCLjZRA==
age: 26957
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1767
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:37 GMT
server: cloudflare
etag: 0x8DADF1BA03DE291
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e0c592a4-f01e-00e9-16e1-5a24e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82546c589ca570fa-HEL

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202210.1.0/assets/ 21 KB
4 KB 50ms
49ms Fetch
text/css 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202210.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202210.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: oQsmwuIlJWH4cKDxpI1ltA==
age: 26957
x-ms-lease-status: unlocked
last-modified: Fri, 16 Dec 2022 04:11:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a03cefd2-001e-005d-357f-eb3307000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 82546c589ca970fa-HEL

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 68ms
67ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=225295969&t=pageview&_s=1&dl=https%3A%2F%2Fwww.quidco.com%2Fblackcircles%2F&ul=en-us&de=UTF-8&dt=BlackCircles%20Coming%20Soon!%20Cashback%20%7C%20Quidco&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1162249566&gjid=1890424944&cid=2090968159.1699851334&tid=UA-5946757-2&_gid=707845253.1699851334&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd10=CB-FE&jsscut=1&z=899625755

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.quidco.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 04:55:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.quidco.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 101ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DTHHGDY710&gtm=45je3b81v878031208z8553025&_p=1699851333758&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2090968159.1699851334&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fblackcircles%2F&dl=https%3A%2F%2Fwww.quidco.com%2Fblackcircles%2F&sid=1699851334&sct=1&seg=0&dt=BlackCircles%20Coming%20Soon!%20Cashback%20%7C%20Quidco&en=page_view&_fv=1&_ss=2&ep.page_hostname=www.quidco.com&ep.channelId=406&ep.clientId=15&ep.pageTypeCategory=merchant&ep.productCategory=cashback&ep.subProductCategory=null&ep.verticalCategory=null&ep.sourceCode=&ep.enquiryId=notset&ep.full_page_location=https%3A%2F%2Fwww.quidco.com%2Fblackcircles%2F&ep.quidco_environment=CB-FE&ep.pageId=null&ep.pageTemplate=null&ep.pageDate=null&ep.subPageType=null&ep.mobileAppTraffic=false&ep.eventId=w1T7qGzX-LLB1-yv4M-6N1B-9QQtSBu0avkO&tfd=1416
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DTHHGDY710&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 04:55:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.quidco.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 198ms
68ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DTHHGDY710&cid=2090968159.1699851334&gtm=45je3b81v878031208z8553025&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DTHHGDY710&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 04:55:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.quidco.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
409 B 200ms
71ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DTHHGDY710&cid=2090968159.1699851334&gtm=45je3b81v878031208z8553025&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1900074337

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 41ms
41ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 5886
x-ms-lease-status: unlocked
last-modified: Thu, 09 Nov 2023 14:41:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 88e7c1fe-601e-0016-42ae-13cf54000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 82546c592e364e19-HEL

GET
H2 200 2560px-Quidco.svg.png
cdn.cookielaw.org/logos/29d5d6a5-d071-423b-8e38-a6e779152280/dc66aa71-1b8d-42ae-a473-6a1c64b4b002/98f6b7ea-7cf8-4f36-b621-8cbd278aa093/ 68 KB
68 KB 43ms
43ms Image
image/png 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/29d5d6a5-d071-423b-8e38-a6e779152280/dc66aa71-1b8d-42ae-a473-6a1c64b4b002/98f6b7ea-7cf8-4f36-b621-8cbd278aa093/2560px-Quidco.svg.png

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a96403faf6d671c471b43d8cf51f8897e36c0163bfa12b64027ad3873483817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WGYM1MozA1Lj//5mtDEUtg==
age: 54564
content-length: 69207
x-ms-lease-status: unlocked
last-modified: Fri, 15 Oct 2021 16:20:10 GMT
server: cloudflare
etag: 0x8D98FF7A94439BE
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ae08b0ce-b01e-0015-4e87-0c2e30000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 82546c595e944e19-HEL

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 42ms
42ms Image
image/svg+xml 2606:4700::6812:83ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 13 Nov 2023 04:55:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 1554
x-ms-lease-status: unlocked
last-modified: Thu, 09 Nov 2023 14:41:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 67068720-f01e-0049-7aa0-137b68000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 82546c595e994e19-HEL

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 124ms
65ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-5946757-2&cid=2090968159.1699851334&jid=1162249566&gjid=1890424944&_gid=707845253.1699851334&_u=YEBAAUAAAAAAACAAI~&z=344314947

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.quidco.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 13 Nov 2023 04:55:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.quidco.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 203ms
71ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5946757-2&cid=2090968159.1699851334&jid=1162249566&_u=YEBAAUAAAAAAACAAI~&z=255613142

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
108 B 73ms
72ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-5946757-2&cid=2090968159.1699851334&jid=1162249566&_u=YEBAAUAAAAAAACAAI~&z=255613142

Requested by

Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 04:55:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-31691.tvsquared.com/ 42 B
276 B 145ms
145ms Image
image/gif 3.132.198.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-31691.tvsquared.com/tv2track.php?action_name=BlackCircles%20Coming%20Soon!%20Cashback%20%7C%20Quidco&idsite=TV-6381360981-1&rec=1&r=895621&h=6&m=55&s=34&url=https%3A%2F%2Fwww.quidco.com%2Fblackcircles%2F&_id=70b3b4b25c9b80ba&_idts=1699851335&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=441
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.198.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-198-1.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Mon, 13 Nov 2023 04:55:34 GMT
Server: nginx
Connection: keep-alive
Request-Id: c5147b42-033d-46a4-9ef4-7e0b50e0c6c4
Content-Length: 42
Content-Type: image/gif

GET
H2 200 ptct73a9 Show response
widget.intercom.io/widget/ 7 KB
3 KB 191ms
56ms Script
application/javascript 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/ptct73a9
Requested by: Host: www.quidco.com
URL: https://www.quidco.com/blackcircles/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4567cb911c40f7e7001a6166af28fdf31f0638424ee8e3917b7578c102972d1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://www.quidco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: x4Lousezywab.D43lyz6zVTN5bap1sqb
content-encoding: gzip
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 04:49:02 GMT
x-amz-cf-pop: FRA50-C1
age: 412
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Fri, 10 Nov 2023 12:05:51 GMT
server: AmazonS3
etag: "d12793474b7ab3e698db31b139691830"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: zlyiHcF2ep0N4Oa6vFI2ik0cUfTxdTZc_o2ZQjozO0O1Xq2Dq4F2KA==

GET
H2 200 frame-modern.dde4c2cb.js Show response
js.intercomcdn.com/ Frame 9A5C 510 KB
141 KB 316ms
184ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.dde4c2cb.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ptct73a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

bfd89a26b624bdccfd5ebcdf7e719e1fc8268ee3fb9f6b264b52c1d084606f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: _uFXWd.uxQrUGWryiyIMi3EemtEsiZD3
content-encoding: gzip
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 04:05:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 144045
last-modified: Fri, 10 Nov 2023 12:02:24 GMT
server: AmazonS3
etag: "b314c5ca23a657834ce986462da01632"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: oFbLY5Hde44KIoKPIwfAOIpWQC0hP62jw8HEkgp5qKTjlqdtn5deCw==

GET
H2 200 vendor-modern.39b0b15a.js Show response
js.intercomcdn.com/ Frame 9A5C 426 KB
131 KB 196ms
64ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.39b0b15a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ptct73a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-43.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6b0d063dfaebbc19c739741e85c8a273b960240b710774c74fd1947a343f6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:07:47 GMT
content-encoding: gzip
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-version-id: W8FVPRTKc6ymDZmFP6h1BAvX7PPx2J38
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 2869
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 133793
last-modified: Fri, 10 Nov 2023 12:02:24 GMT
server: AmazonS3
etag: "c3d7c800929ac60bd7338a4bf9c3f40b"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: GWcoQmSGbEdsEW-0NPZctLrN0h_unJgD6fHj3cJxOYAwngcjvv8Zww==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 9A5C 5 KB
3 KB 711ms
430ms XHR
application/json 3.219.183.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.dde4c2cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.219.183.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-183-191.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8340212bd0bedd0447854f4813f2378234047ea17916e4f4d46cc6505f5c3ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 13 Nov 2023 04:55:36 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-04e46d1ae8301b5d8
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 003s0b5moh38ck8kb76g
x-runtime: 0.259017
server: nginx
etag: W/"8340212bd0bedd0447854f4813f23782"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.quidco.com
x-intercom-version: b487b9d3771c4f40bea52a18fd9a66fc8b2c64fa
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.quidco.com/	1970-01-20 16:12:17	Name: QUIDCO_COOKIE_CBFE_HOMEPAGE Value: auth-F-type-4-adult-T-gambling-T
.quidco.com/	1970-01-20 16:10:53	Name: __cf_bm Value: qu5IhkxwhtUroeuDuxlhXD989mc2m4aS4oIIhy8c764-1699851333-0-AfiiqsL3h/dbOkW87YmrF1hWU7HRNmBi/TAsZZzmr4GjOaWG3hiWzQv/y4jmRmWfIOi2U+e036F2+glrxun4fHc=
.quidco.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 6IydOyFtH0OdQSjUxZk88g0ZBWawr_nBIysu0o313tw-1699851333594-0-604800000
.quidco.com/	1970-01-21 01:46:51	Name: ab.storage.sessionId.f14d04a9-122b-464b-9f90-814cadf1cf6b Value: %7B%22g%22%3A%22a987c4f1-8c90-4fe4-0f73-8c5488411217%22%2C%22e%22%3A1699853133966%2C%22c%22%3A1699851333966%2C%22l%22%3A1699851333966%7D
.quidco.com/	1970-01-21 01:46:51	Name: ab.storage.deviceId.f14d04a9-122b-464b-9f90-814cadf1cf6b Value: %7B%22g%22%3A%229a3a443a-cf83-93bb-a115-81e9d23ea979%22%2C%22c%22%3A1699851333970%2C%22l%22%3A1699851333970%7D
www.quidco.com/	1970-01-21 01:46:51	Name: QUIDCO_COOKIE_FEA Value: {%22utm_source%22:null%2C%22utm_source_session%22:%221699851334021%22%2C%22utm_medium%22:null%2C%22utm_medium_session%22:%221699851334021%22%2C%22utm_content%22:null%2C%22utm_content_session%22:%221699851334021%22%2C%22utm_campaign%22:null%2C%22utm_campaign_session%22:%221699851334021%22%2C%22original_http_referer%22:null%2C%22original_http_referer_session%22:%221699851334021%22%2C%22userAgent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit/537.36%20(KHTML%2C%20like%20Gecko)%20Chrome/119.0.6045.123%20Safari/537.36%22%2C%22landing_page_url%22:%22https://www.quidco.com/blackcircles/%22%2C%22landing_page_url_session%22:%221699851334021%22%2C%22fn%22:null%2C%22fn_session%22:%221699851334021%22}
www.quidco.com/	1969-12-31 23:59:59	Name: QUIDCO_COOKIE_SEARCH_FEA Value: {}
.cashbacksrv.com/	1970-01-20 16:10:53	Name: __cf_bm Value: XeB4oF494105CKor3oQbkJZ0.Z0AIu0N7ZIzAAtusPQ-1699851334-0-ASJpWVgfwt5uZ+sBCCfiSlRvm59CXE6Zfe066Nttec1TLrI/5NmEErB0vLu/hJruohfYbSXCahczObDxuvcxENo=
.quidco.com/	1970-01-20 18:20:27	Name: _gcl_au Value: 1.1.2097805290.1699851334
www.quidco.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 26cbb0d6471bfec8959af2468d0a5033
www.quidco.com/	1969-12-31 23:59:59	Name: login_form_token Value: 3876513daebae9932fcebe4ac8c1e800
.quidco.com/	1970-01-20 16:12:17	Name: _gid Value: GA1.2.707845253.1699851334
.quidco.com/	1970-01-20 16:10:51	Name: _gat_gtag_UA_5946757_2 Value: 1
.quidco.com/	1970-01-21 00:56:27	Name: cf_clearance Value: 98NV9ZzQ9McT4MZIGLGIjAHuhMlUbbKtob8wP.0S50g-1699851334-0-1-fad39f60.56467dcc.3ad3ddc3-0.2.1699851334
.quidco.com/	1970-01-21 01:46:51	Name: _ga Value: GA1.1.2090968159.1699851334
.quidco.com/	1970-01-21 01:46:51	Name: _ga_DTHHGDY710 Value: GS1.1.1699851334.1.0.1699851334.60.0.0
.quidco.com/	1970-01-21 00:56:27	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Nov+13+2023+06%3A55%3A34+GMT%2B0200+(Eastern+European+Standard+Time)&version=202210.1.0&isIABGlobal=false&hosts=&consentId=a9c2a199-c0b0-4a5c-a7bb-1174fa817780&interactionCount=0&landingPath=https%3A%2F%2Fwww.quidco.com%2Fblackcircles%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
www.quidco.com/	1970-01-21 01:46:51	Name: _tq_id.TV-6381360981-1.cd36 Value: 70b3b4b25c9b80ba.1699851335.0.1699851335..
.quidco.com/	1970-01-20 22:39:41	Name: intercom-id-ptct73a9 Value: d3c5cf11-5f1c-41c3-b117-e3dee7525135
.quidco.com/	1970-01-20 16:20:56	Name: intercom-session-ptct73a9 Value:
.quidco.com/	1970-01-20 22:39:41	Name: intercom-device-id-ptct73a9 Value: d8044b1a-112e-42bb-b5a8-106a491c5e36

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors www.quidco.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
cdn.cookielaw.org
collector-31691.tvsquared.com
geolocation.onetrust.com
i.cashbacksrv.com
js.appboycdn.com
js.intercomcdn.com
region1.analytics.google.com
sdk.fra-01.braze.eu
stats.g.doubleclick.net
widget.intercom.io
www.dwin1.com
www.google-analytics.com
www.google.com
www.google.fi
www.googletagmanager.com
www.quidco.com
143.204.98.110
151.101.193.208
18.66.147.43
2001:4860:4802:32::36
2600:9000:214f:e800:f:8ce2:fb80:93a1
2606:4700:4400::ac40:920c
2606:4700:4400::ac40:9b08
2606:4700:4400::ac40:9b77
2606:4700::6810:1438
2606:4700::6812:83ec
2a00:1450:4001:801::2003
2a00:1450:4001:812::2008
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
3.132.198.1
3.219.183.191
087d847ee64707e372f572145600ecbcb13f2dd2382fd8962326f2fed03dd85d
14c82b0ce780baaee67bdeb56b993ad404bffc2107d84da81ce048853ef78616
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
164547c198784b10d9562d397b7609dbc678cb23b504efd746e2cecd434e43f6
2489993a48419079bd830e64b3143fe16b0fbeb8b7523a932b2d98f4957903c2
2d1ce6c0dc4dfa307fae71a5bc22274ce2144d54ccf5f8b91178efd17b2154e5
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
38da5dd0d65ef387185be191902dde0de589d1ef325cea6fc52ec48c69452647
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
57f9a6a4d10a7059d280c155dc333cd1f74529c1a912bf68316ccb0a486c230f
5c90b7af2ba867dc9291d978e41c1573ca710536b064541c75f539208e794b7a
67e40afea590dbd487bf12f6ceaa5c16e606cbec9268c64b69a371d5fb3cc09b
6b1fc966c38b12c845f9fd8bdb76027106b776783fd44eeed917663942b5fd16
70d000c8198bc0b51eaebdaa6d75bb9471b0d242a7af221728f896bc63dc0f09
725f0b6a4ed7ab3601cc3d5ac58102e1f9fce4e8e8cb024a5cb048e5dc7a5749
74212072ffb91867fba2fc9ae2ca2a3be40067cbafa83382a3b321180382dd44
7a96403faf6d671c471b43d8cf51f8897e36c0163bfa12b64027ad3873483817
7ffe7c7eed20900652605eab522ac9cf7fbd5040686e2ed6f1bc6b22008f1b98
8340212bd0bedd0447854f4813f2378234047ea17916e4f4d46cc6505f5c3ecf
84ced1b1af14ade5293a09b96c0fc3789f6358981af838480f44aacf54401c81
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
928ee47afcd34e0ff286494748eb0a506d8e9341056cd26ef700565c39ca9a21
930a8d58f49401d4b77537a9b2e465f5f79fd50ea48f5b96d07b3636615f4a7d
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
b27e171e743ba047b5388c7eb2c361a2c2fee31a108efa30019800cebe0868b2
b4adff3c1c64b9816a0b089544ce135490356f3c87a34b43c59660cf94bc3eba
bfd89a26b624bdccfd5ebcdf7e719e1fc8268ee3fb9f6b264b52c1d084606f7a
cca2636fe48184a194ee816c6f6faa1bad4d2925cf03919d5de5b19e10d372f8
d088b23c3427c48834bfd6445e722bac21d98436a7f1b39ebf37a192629c3184
d654c7e1dedf20ed2c7301a9257e153d428bbbf5bb6d85624b8006cef48f6a94
d6b0d063dfaebbc19c739741e85c8a273b960240b710774c74fd1947a343f6b2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e256671d72995a638c9489ecea787352eec201a940658a77f32789d9b2d9ee67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4567cb911c40f7e7001a6166af28fdf31f0638424ee8e3917b7578c102972d1
e6b41b284085a3c216333188969107fe831975ae01f767928eeafb0fd095f1de
ecb3c89791f5fc6da55691e7e24e1d27b7c0269fe1d4233891a40247e66b2f61
ee98680134c06a24a295e1a97c2e92e168f8220c38e017c06900d08b8ecf64b5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae1d56290cad6ef306d84070e29cd246c13846711a86f55b855b3d676644cf
f0ac62ea7669ae66afef50832666e57dcd353876adaa210e314e4279c08a504d
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f97354a4659e6fc1cf05e27b59d333c697c1b0fd6fcaaceaa9af1f6886abe0af
ffb684306d66b0a0103e7c8fc13411974399d4d21dc4298a3e99f3080c1073f4

www.quidco.com Open in urlscan Pro 2606:4700:4400::ac40:9b08 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

98 %HTTPS

71 %IPv6

15 Domains

17 Subdomains

17 IPs

3 Countries

1436 kBTransfer

4877 kBSize

21 Cookies

7 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.quidco.com Open in urlscan Pro
2606:4700:4400::ac40:9b08 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

98 %
HTTPS

71 %
IPv6

15
Domains

17
Subdomains

17
IPs

3
Countries

1436 kB
Transfer

4877 kB
Size

21
Cookies

51 HTTP transactions
0 data transactions