Submitted URL: https://motus.employeeperks.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337...
Effective URL: https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b...
Submission: On October 29 via manual from SG — Scanned from SG

Summary

This website contacted 20 IPs in 2 countries across 21 domains to perform 41 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is portal.shedrx.com. The Cisco Umbrella rank of the primary domain is 324733.
TLS certificate: Issued by WR3 on October 18th 2024. Valid for: 3 months.
This is the only time portal.shedrx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net Failed
1 KB
3 shedrx.com
portal.shedrx.com — Cisco Umbrella Rank: 324733
103 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 147
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
324 KB
3 abenity.com
discounts.abenity.com — Cisco Umbrella Rank: 351332
api.abenity.com — Cisco Umbrella Rank: 920405
26 KB
2 reddit.com
pixel-config.reddit.com Failed
alb.reddit.com — Cisco Umbrella Rank: 1330
712 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1063
13 KB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 245
966 B
1 mfmcdn.com
mfmcdn.com
2 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
58 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
1 shm2idjl.com
www.shm2idjl.com — Cisco Umbrella Rank: 775271
574 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 592
33 KB
1 google.com.sg
www.google.com.sg Failed
408 B
1 cloudfront.net
d300tb5wusuhi2.cloudfront.net
4 KB
1 amazonaws.com
abenity.s3.amazonaws.com — Cisco Umbrella Rank: 329296
6 KB
1 employeeperks.com
motus.employeeperks.com
16 KB
0 rmbl.ws Failed
a.ads.rmbl.ws Failed
0 upfluence.co Failed
tracking.upfluence.co Failed
0 tiktok.com Failed
analytics.tiktok.com Failed
0 ads-twitter.com Failed
static.ads-twitter.com Failed
41 21
Domain Requested by
3 portal.shedrx.com discounts.abenity.com
portal.shedrx.com
3 analytics.google.com discounts.abenity.com
www.googletagmanager.com
3 www.googletagmanager.com discounts.abenity.com
portal.shedrx.com
www.googletagmanager.com
2 alb.reddit.com portal.shedrx.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 bam.nr-data.net discounts.abenity.com
2 td.doubleclick.net discounts.abenity.com
www.googletagmanager.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 discounts.abenity.com
1 mfmcdn.com discounts.abenity.com
1 connect.facebook.net discounts.abenity.com
connect.facebook.net
1 fonts.googleapis.com portal.shedrx.com
1 www.shm2idjl.com 1 redirects mfmcdn.com
1 js-agent.newrelic.com discounts.abenity.com
1 www.google.com.sg discounts.abenity.com
portal.shedrx.com
1 api.abenity.com discounts.abenity.com
1 d300tb5wusuhi2.cloudfront.net discounts.abenity.com
1 abenity.s3.amazonaws.com discounts.abenity.com
1 motus.employeeperks.com 1 redirects
0 googleads.g.doubleclick.net Failed www.googletagmanager.com
0 pixel-config.reddit.com Failed www.redditstatic.com
0 a.ads.rmbl.ws Failed www.googletagmanager.com
0 tracking.upfluence.co Failed www.googletagmanager.com
0 analytics.tiktok.com Failed discounts.abenity.com
0 static.ads-twitter.com Failed www.googletagmanager.com
41 25

This site contains no links.

Subject | Issuer | Validity | Valid
abenity.com | Amazon RSA 2048 M03 | 2024-07-21 - 2025-08-20 | a year
*.google-analytics.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2024-04-22 - 2025-04-07 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
*.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.g.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
js-agent.newrelic.com | GlobalSign Atlas R3 DV TLS CA 2024 Q1 | 2024-03-21 - 2025-04-22 | a year
*.nr-data.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-12 - 2025-08-12 | a year
affiliate.shedrx.com | WR3 | 2024-10-18 - 2025-01-16 | 3 months
upload.video.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-06 - 2025-04-03 | 6 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-08-07 - 2024-11-05 | 3 months
mfmcdn.com | Amazon RSA 2048 M03 | 2024-01-06 - 2025-02-03 | a year
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-10-13 - 2025-04-11 | 6 months
*.google.com.sg | WR2 | 2024-10-07 - 2024-12-30 | 3 months

This page contains 5 frames:

Primary Page: https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
Frame ID: FDD52018DCF5FF4FC1E8757238374938
Requests: 37 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-1WVM14E1KX&gacid=77312692.1730166894&gtm=45je4ao0v898659171za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101925629&z=1898068650
Frame ID: B6AD3AD1EBDA9B1311775E370FDCFF26
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-48VEXHF084&gacid=1187377842.1730166899&gtm=45je4ao0v9100008465z89170879507za200zb9170879507&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101925629&z=2114873880
Frame ID: 3920B10CEDC2E47565D2202655794292
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11094978572?random=1730166899121&cv=11&fst=1730166899121&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4ao0v9100008465z89170879507za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Fsignup%3Fpromo%3Dshed20%26medPromo%3Dshed20%26apptPromo%3Dappt50%26partner%3Dabenity%26_ef_transaction_id%3Dff6c620b760c44e4aac66ff1b65fcce2%26oid%3D4%26affid%3D24%26utm_medium%3Daffiliate%26utm_source%3Deverflow%26utm_campaign%3D24%26utm_content%3D4&ref=https%3A%2F%2Fdiscounts.abenity.com%2F&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=9540244.1730166899&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 3B6B61C1D59F420D4093CC16457A2878
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fportal.shedrx.com
Frame ID: CD4348CDD2D0ACA44DDF1E4DD08F55CE
Requests: 1 HTTP requests in this frame

Page Title

ShedRx

Page URL History

  1. https://motus.employeeperks.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-... HTTP 302
    https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-... Page URL
  2. https://www.shm2idjl.com/23H7P9/6JHXF/?uid=20&partner=abenity HTTP 302
    https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_tra... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

41 Requests
71 % HTTPS
0 % IPv6
21 Domains
25 Subdomains
20 IPs
2 Countries
575 kB Transfer
1846 kB Size
13 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://motus.employeeperks.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email HTTP 302
    https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email Page URL
  2. https://www.shm2idjl.com/23H7P9/6JHXF/?uid=20&partner=abenity HTTP 302
    https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://motus.employeeperks.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email HTTP 302
  • https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
1214:30
discounts.abenity.com/discounts/offer/
Redirect Chain
  • https://motus.employeeperks.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
  • https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
63 KB
26 KB
Document
General
Full URL
https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad681d651183c721d.awsglobalaccelerator.com
Software
/
Resource Hash
0764798da42dff39757ab8c7e4f31bf8ea31f0b4348e6552a8d41900d15acac9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://d1ndk4dae278fu.cloudfront.net https://analytics.google.com https://api.braintreegateway.com https://bam.nr-data.net https://bam-cell.nr-data.net https://client-analytics.braintreegateway.com https://cloud.typography.com https://distillery.wistia.com https://embed-cloudfront.wistia.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fast.wistia.com https://fast.wistia.net https://fg8vvsvnieiv3ej16jby.litix.io https://payments.braintree-api.com https://pipedream.wistia.com https://region1.analytics.google.com https://region1.google-analytics.com https://s3.amazonaws.com/abenity/ https://stats.g.doubleclick.net https://www.paypal.com https://www.google-analytics.com https://www.googletagmanager.com; font-src 'self' https://d1ndk4dae278fu.cloudfront.net https://fast.wistia.com https://fonts.gstatic.com https://use.fontawesome.com data:; form-action https:; frame-ancestors 'self' https://tnfarmbureau.org https://www.gfb.org; frame-src 'self' https://abenity.pages.ontraport.net https://abenityinc.freshdesk.com https://assets.braintreegateway.com https://benefitsportal.fb.org https://booking.abenity.com https://booking.accessdevelopment.com https://booking.adcrws.com https://checkout.paypal.com https://d4ifbtvdrisrb.cloudfront.net https://www.google.com https://www.googletagmanager.com https://m.movies.abenity.com https://memberweb.com https://movies.abenity.com https://redeem.adcrws.com https://static.accessdevelopment.com https://td.doubleclick.net https://www.paypal.com https://www.youtube.com https://res.adcrws.com https://secure.unitednetworksofamerica.com https://www.mylearningcaregroup.com https://www.disneytravelcenter.com; img-src 'self' https://d1ndk4dae278fu.cloudfront.net https://abenity.s3.amazonaws.com https://discounts.abenity.com https://abenity.s3.amazonaws.com https://abenity.s3.us-east-1.amazonaws.com 
https://analytics.google.com https://assets.abenity.com https://bam-cell.nr-data.net https://bam.nr-data.net https://booking.accessdevelopment.com https://cdn1.valpak.com https://chart.apis.google.com https://d300tb5wusuhi2.cloudfront.net https://embed-fastly.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fast.wistia.com https://www.googletagmanager.com https://img.youtube.com https://i.ytimg.com https://mainsite-prod-cdn.azureedge.net https://rdc.rdcimage.com https://region1.analytics.google.com https://region1.google-analytics.com https://s3.amazonaws.com/abenity/ https://sealserver.trustkeeper.net https://static.accessdevelopment.com https://stats.g.doubleclick.net https://t.paypal.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.movienewsletters.net https://www.paypal.com https://www.valpak.com https://www.youtube.com https://d1ndk4dae278fu.cloudfront.net data:; manifest-src 'self'; media-src 'self' https://d1ndk4dae278fu.cloudfront.net http://media.westworldmedia.com https://abenity.s3.amazonaws.com https://embed-cloudfront.wistia.com https://embed-fastly.wistia.com https://fast.wistia.com https://fast.wistia.net https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net blob:; script-src 'self' 'unsafe-inline' https://d1ndk4dae278fu.cloudfront.net https://apis.google.com https://app.wistia.com https://bam.nr-data.net https://bam-cell.nr-data.net https://d300tb5wusuhi2.cloudfront.net https://fast.wistia.com https://js-agent.newrelic.com https://js.braintreegateway.com https://s3.amazonaws.com/assets.freshdesk.com/ https://sealserver.trustkeeper.net https://ssl.google-analytics.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.paypal.com https://www.paypalobjects.com blob:; style-src 'self' 'unsafe-inline' https://d1ndk4dae278fu.cloudfront.net 
https://assets.braintreegateway.com https://cloud.typography.com https://d300tb5wusuhi2.cloudfront.net https://fonts.googleapis.com https://s3.amazonaws.com/assets.freshdesk.com/ https://secure.unitednetworksofamerica.com; report-uri https://api.abenity.com/public/csp-logger.json;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-length
22566
content-security-policy
default-src 'self'; connect-src 'self' https://d1ndk4dae278fu.cloudfront.net https://analytics.google.com https://api.braintreegateway.com https://bam.nr-data.net https://bam-cell.nr-data.net https://client-analytics.braintreegateway.com https://cloud.typography.com https://distillery.wistia.com https://embed-cloudfront.wistia.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fast.wistia.com https://fast.wistia.net https://fg8vvsvnieiv3ej16jby.litix.io https://payments.braintree-api.com https://pipedream.wistia.com https://region1.analytics.google.com https://region1.google-analytics.com https://s3.amazonaws.com/abenity/ https://stats.g.doubleclick.net https://www.paypal.com https://www.google-analytics.com https://www.googletagmanager.com; font-src 'self' https://d1ndk4dae278fu.cloudfront.net https://fast.wistia.com https://fonts.gstatic.com https://use.fontawesome.com data:; form-action https:; frame-ancestors 'self' https://tnfarmbureau.org https://www.gfb.org; frame-src 'self' https://abenity.pages.ontraport.net https://abenityinc.freshdesk.com https://assets.braintreegateway.com https://benefitsportal.fb.org https://booking.abenity.com https://booking.accessdevelopment.com https://booking.adcrws.com https://checkout.paypal.com https://d4ifbtvdrisrb.cloudfront.net https://www.google.com https://www.googletagmanager.com https://m.movies.abenity.com https://memberweb.com https://movies.abenity.com https://redeem.adcrws.com https://static.accessdevelopment.com https://td.doubleclick.net https://www.paypal.com https://www.youtube.com https://res.adcrws.com https://secure.unitednetworksofamerica.com https://www.mylearningcaregroup.com https://www.disneytravelcenter.com; img-src 'self' https://d1ndk4dae278fu.cloudfront.net https://abenity.s3.amazonaws.com https://discounts.abenity.com https://abenity.s3.amazonaws.com https://abenity.s3.us-east-1.amazonaws.com https://analytics.google.com 
https://assets.abenity.com https://bam-cell.nr-data.net https://bam.nr-data.net https://booking.accessdevelopment.com https://cdn1.valpak.com https://chart.apis.google.com https://d300tb5wusuhi2.cloudfront.net https://embed-fastly.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fast.wistia.com https://www.googletagmanager.com https://img.youtube.com https://i.ytimg.com https://mainsite-prod-cdn.azureedge.net https://rdc.rdcimage.com https://region1.analytics.google.com https://region1.google-analytics.com https://s3.amazonaws.com/abenity/ https://sealserver.trustkeeper.net https://static.accessdevelopment.com https://stats.g.doubleclick.net https://t.paypal.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.movienewsletters.net https://www.paypal.com https://www.valpak.com https://www.youtube.com https://d1ndk4dae278fu.cloudfront.net data:; manifest-src 'self'; media-src 'self' https://d1ndk4dae278fu.cloudfront.net http://media.westworldmedia.com https://abenity.s3.amazonaws.com https://embed-cloudfront.wistia.com https://embed-fastly.wistia.com https://fast.wistia.com https://fast.wistia.net https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net blob:; script-src 'self' 'unsafe-inline' https://d1ndk4dae278fu.cloudfront.net https://apis.google.com https://app.wistia.com https://bam.nr-data.net https://bam-cell.nr-data.net https://d300tb5wusuhi2.cloudfront.net https://fast.wistia.com https://js-agent.newrelic.com https://js.braintreegateway.com https://s3.amazonaws.com/assets.freshdesk.com/ https://sealserver.trustkeeper.net https://ssl.google-analytics.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.paypal.com https://www.paypalobjects.com blob:; style-src 'self' 'unsafe-inline' https://d1ndk4dae278fu.cloudfront.net https://assets.braintreegateway.com 
https://cloud.typography.com https://d300tb5wusuhi2.cloudfront.net https://fonts.googleapis.com https://s3.amazonaws.com/assets.freshdesk.com/ https://secure.unitednetworksofamerica.com; report-uri https://api.abenity.com/public/csp-logger.json;
content-type
text/html; charset=UTF-8
date
Tue, 29 Oct 2024 01:54:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-security-policy
default-src 'self'; connect-src 'self' https://d1ndk4dae278fu.cloudfront.net https://analytics.google.com https://api.braintreegateway.com https://bam.nr-data.net https://bam-cell.nr-data.net https://client-analytics.braintreegateway.com https://cloud.typography.com https://distillery.wistia.com https://embed-cloudfront.wistia.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fast.wistia.com https://fast.wistia.net https://fg8vvsvnieiv3ej16jby.litix.io https://payments.braintree-api.com https://pipedream.wistia.com https://region1.analytics.google.com https://region1.google-analytics.com https://s3.amazonaws.com/abenity/ https://stats.g.doubleclick.net https://www.paypal.com https://www.google-analytics.com https://www.googletagmanager.com; font-src 'self' https://d1ndk4dae278fu.cloudfront.net https://fast.wistia.com https://fonts.gstatic.com https://use.fontawesome.com data:; form-action https:; frame-ancestors 'self' https://tnfarmbureau.org https://www.gfb.org; frame-src 'self' https://abenity.pages.ontraport.net https://abenityinc.freshdesk.com https://assets.braintreegateway.com https://benefitsportal.fb.org https://booking.abenity.com https://booking.accessdevelopment.com https://booking.adcrws.com https://checkout.paypal.com https://d4ifbtvdrisrb.cloudfront.net https://www.google.com https://www.googletagmanager.com https://m.movies.abenity.com https://memberweb.com https://movies.abenity.com https://redeem.adcrws.com https://static.accessdevelopment.com https://td.doubleclick.net https://www.paypal.com https://www.youtube.com https://res.adcrws.com https://secure.unitednetworksofamerica.com https://www.mylearningcaregroup.com https://www.disneytravelcenter.com; img-src 'self' https://d1ndk4dae278fu.cloudfront.net https://abenity.s3.amazonaws.com https://discounts.abenity.com https://abenity.s3.amazonaws.com https://abenity.s3.us-east-1.amazonaws.com https://analytics.google.com 
https://assets.abenity.com https://bam-cell.nr-data.net https://bam.nr-data.net https://booking.accessdevelopment.com https://cdn1.valpak.com https://chart.apis.google.com https://d300tb5wusuhi2.cloudfront.net https://embed-fastly.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fast.wistia.com https://www.googletagmanager.com https://img.youtube.com https://i.ytimg.com https://mainsite-prod-cdn.azureedge.net https://rdc.rdcimage.com https://region1.analytics.google.com https://region1.google-analytics.com https://s3.amazonaws.com/abenity/ https://sealserver.trustkeeper.net https://static.accessdevelopment.com https://stats.g.doubleclick.net https://t.paypal.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.movienewsletters.net https://www.paypal.com https://www.valpak.com https://www.youtube.com https://d1ndk4dae278fu.cloudfront.net data:; manifest-src 'self'; media-src 'self' https://d1ndk4dae278fu.cloudfront.net http://media.westworldmedia.com https://abenity.s3.amazonaws.com https://embed-cloudfront.wistia.com https://embed-fastly.wistia.com https://fast.wistia.com https://fast.wistia.net https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net blob:; script-src 'self' 'unsafe-inline' https://d1ndk4dae278fu.cloudfront.net https://apis.google.com https://app.wistia.com https://bam.nr-data.net https://bam-cell.nr-data.net https://d300tb5wusuhi2.cloudfront.net https://fast.wistia.com https://js-agent.newrelic.com https://js.braintreegateway.com https://s3.amazonaws.com/assets.freshdesk.com/ https://sealserver.trustkeeper.net https://ssl.google-analytics.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.paypal.com https://www.paypalobjects.com blob:; style-src 'self' 'unsafe-inline' https://d1ndk4dae278fu.cloudfront.net https://assets.braintreegateway.com 
https://cloud.typography.com https://d300tb5wusuhi2.cloudfront.net https://fonts.googleapis.com https://s3.amazonaws.com/assets.freshdesk.com/ https://secure.unitednetworksofamerica.com; report-uri https://api.abenity.com/public/csp-logger.json;
content-type
text/html; charset=utf-8
date
Tue, 29 Oct 2024 01:54:53 GMT
location
https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
referrer-policy
strict-origin-when-cross-origin
server
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
358 KB
113 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1WVM14E1KX
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
ecb5fe031888d5b4008506205f7720e270321639cfbf52035f665dd752048291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://discounts.abenity.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 01:54:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:54:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
115184
x-xss-protection
0
server
Google Tag Manager
1110_Motus.fed97b9d81a09a4d2538.png
abenity.s3.amazonaws.com/program/1110/dp/images/
6 KB
6 KB
Image
General
Full URL
https://abenity.s3.amazonaws.com/program/1110/dp/images/1110_Motus.fed97b9d81a09a4d2538.png
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.204.179 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
4bf7d2afab429627d8bf8f66e59def365c5dd6c37f10dab15ccf2619aed920ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://discounts.abenity.com/

Response headers

x-amz-id-2
fQTS31i8a8xXS3saF3bPe6tCkfHTMvdPJD0PTPi7FurTCBcsD/YFwqQrK30tSV8zrqHKS4198e4=
ETag
"54f935dc58e59468c26a62c687e3fd79"
x-amz-version-id
gv5wmsFgVxepL47nSXeIO0Q.4CiajXZc
x-amz-request-id
T2EZM3JW4ADT1CK1
Accept-Ranges
bytes
Content-Length
5764
Date
Tue, 29 Oct 2024 01:54:55 GMT
Last-Modified
Tue, 03 Sep 2024 15:38:19 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
75177290_shedrx.png
d300tb5wusuhi2.cloudfront.net/vendor/assets/logos/
4 KB
4 KB
Image
General
Full URL
https://d300tb5wusuhi2.cloudfront.net/vendor/assets/logos/75177290_shedrx.png
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.165.84.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-84-52.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
636dbb4aa9e4382edbbff27fcc93377958e9fdd3f5be9c9e77616141f1d104c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://discounts.abenity.com/

Response headers

x-amz-version-id
OOrsYzmPLFG9pv8c5cXlo4a5pljm8Fag
ETag
"2a876848f40522fa7b0a15104bd5c7f0"
Connection
keep-alive
Via
1.1 2b02de48585f486d7a41b12f1f5d9150.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Miss from cloudfront
Content-Length
3987
X-Amz-Cf-Id
sIDNj_q9_OrIKOq2HNBaa_7vtOcp-21EoxT3PrevUGwJLvntk0--4w==
Date
Tue, 29 Oct 2024 01:54:55 GMT
Content-Type
image/png
Last-Modified
Fri, 19 Jul 2024 00:55:12 GMT
Server
AmazonS3
X-Amz-Cf-Pop
SIN2-P5
x-amz-server-side-encryption
AES256
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-1WVM14E1KX&gtm=45je4ao0v898659171za200&_p=1730166894192&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=77312692.1730166894&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730166894&sct=1&seg=0&dl=https%3A%2F%2Fdiscounts.abenity.com%2Fdiscounts%2Foffer%2F1214%3A30%3Fdisplay%3Dredirect%26utm_campaign%3Dsptlt-202410-semi-xcl-campaign-2_1246_3337_195666%26utm_source%3Dsptlt-202410-semi-xcl-campaign-2%26utm_medium%3Demail&dt=Enjoy%20your%20savings%20at%20ShedRX%2C%20provided%20by%20Motus&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1675
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f113.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://discounts.abenity.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://discounts.abenity.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:54:54 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
549 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1WVM14E1KX&cid=77312692.1730166894&gtm=45je4ao0v898659171za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1WVM14E1KX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://discounts.abenity.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://discounts.abenity.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:54:54 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame B6AD
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-1WVM14E1KX&gacid=77312692.1730166894&gtm=45je4ao0v898659171za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101925629&z=1898068650
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.156 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://discounts.abenity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Oct 2024 01:54:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csp-logger.json
api.abenity.com/public/
0
316 B
Other
General
Full URL
https://api.abenity.com/public/csp-logger.json
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad681d651183c721d.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://discounts.abenity.com/

Response headers

cache-control
no-cache, private
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://discounts.abenity.com
date
Tue, 29 Oct 2024 01:54:55 GMT
x-xss-protection
1; mode=block
server
x-frame-options
DENY
ga-audiences
www.google.com.sg/ads/
0
0

nr-spa-1.269.0.min.js
js-agent.newrelic.com/
113 KB
33 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1.269.0.min.js
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
612d5a6b58f15d1f9fba7fcc227b432fe9e5575998208fa13010c4b94c410c35
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://discounts.abenity.com
Referer
https://discounts.abenity.com/

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"a5da0d8701df2c5c42900dd4d2ea33c9"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
33446
date
Tue, 29 Oct 2024 01:54:55 GMT
last-modified
Wed, 16 Oct 2024 16:42:42 GMT
content-type
application/javascript
x-served-by
cache-qpg1258-QPG
x-cache-hits
5940
vary
Accept-Encoding
favicon.ico
discounts.abenity.com/
0
138 B
Other
General
Full URL
https://discounts.abenity.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad681d651183c721d.awsglobalaccelerator.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email

Response headers

accept-ranges
bytes
content-length
0
date
Tue, 29 Oct 2024 01:54:55 GMT
etag
"0-625510fa03440"
content-type
image/vnd.microsoft.icon
last-modified
Fri, 25 Oct 2024 18:12:25 GMT
server
Apache
NRJS-6ccf32d55f4c069f83b
bam.nr-data.net/1/
180 B
626 B
XHR
General
Full URL
https://bam.nr-data.net/1/NRJS-6ccf32d55f4c069f83b?a=941894785&v=1.269.0&to=ZVIBZkRWWERWABBQClwYIlFCXllZGCIUSTl6QxdCanRZWUMRC1UJV0UQbnlRUFJFIAtXEUBYD15TRXZEXwwTdgNUUhFiV1BT&rst=2523&ck=0&s=4b1f974043c41663&ref=https://discounts.abenity.com/discounts/offer/1214:30&ptid=ff089672667f3cf8&af=err,spa,xhr,stn,ins&ap=103&be=1510&fe=971&dc=57&at=SRUCEAxMS0o%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1730166892628,%22n%22:0,%22f%22:761,%22dn%22:762,%22dne%22:770,%22c%22:770,%22s%22:772,%22ce%22:1190,%22rq%22:1190,%22rp%22:1510,%22rpe%22:1516,%22di%22:1567,%22ds%22:1567,%22de%22:1567,%22dc%22:2479,%22l%22:2479,%22le%22:2481%7D,%22navigation%22:%7B%7D%7D&fp=1597&fcp=1597
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
182b1cf0500c80c33515d18e6f0a60e942f11a36a82747c9f77e62d1d42600eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://discounts.abenity.com/

Response headers

access-control-expose-headers
Date
timing-allow-origin
https://discounts.abenity.com
cross-origin-resource-policy
cross-origin
Connection
close
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin
https://discounts.abenity.com
Content-Length
180
date
Tue, 29 Oct 2024 01:54:56 GMT
content-type
text/plain
x-served-by
cache-qpg1226-QPG
NRJS-6ccf32d55f4c069f83b
bam.nr-data.net/events/1/
24 B
340 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/NRJS-6ccf32d55f4c069f83b?a=941894785&v=1.269.0&to=ZVIBZkRWWERWABBQClwYIlFCXllZGCIUSTl6QxdCanRZWUMRC1UJV0UQbnlRUFJFIAtXEUBYD15TRXZEXwwTdgNUUhFiV1BT&rst=3664&ck=0&s=4b1f974043c41663&ref=https://discounts.abenity.com/discounts/offer/1214:30&ptid=ff089672667f3cf8
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://discounts.abenity.com/

Response headers

Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-origin
https://discounts.abenity.com
Content-Length
24
date
Tue, 29 Oct 2024 01:54:56 GMT
content-type
image/gif
x-served-by
cache-qpg1220-QPG
Primary Request signup
portal.shedrx.com/
Redirect Chain
  • https://www.shm2idjl.com/23H7P9/6JHXF/?uid=20&partner=abenity
  • https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=eve...
4 KB
1 KB
Document
General
Full URL
https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2616d170e1cd0afa35867fb03a5d615337f399dfc3f9994a4fb45fa65c0419e2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://discounts.abenity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
993
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Tue, 29 Oct 2024 01:54:58 GMT
etag
"eb3623404a425abbf69a9ff79ee42408697b0e151edf0b8011c8bb7f65c06c6b-br"
last-modified
Mon, 28 Oct 2024 16:00:56 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-qpg1270-QPG
x-timer
S1730166899.550113,VS0,VE256

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
content-type
text/html; charset=utf-8
date
Tue, 29 Oct 2024 01:54:58 GMT
location
https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
ee63eca2-f02b-4c44-a29f-ecbac549a8c6
css2
fonts.googleapis.com/
33 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
38f7774596cd15ebd026074cde2dd12d98a81af30a70aecec689e9899efef0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 01:54:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:54:58 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 29 Oct 2024 00:57:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-montserrat.js
portal.shedrx.com/
257 KB
90 KB
Script
General
Full URL
https://portal.shedrx.com/font-montserrat.js
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f6dcc229220c6fd335437bf541992d780989252e5d712bb07aa4fdd7949e3b13
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://portal.shedrx.com
Referer
https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4

Response headers

content-encoding
br
etag
"238d2e40f09d3103ef1deb20ce7ca6b80645482fdc808155a6bdac114c2578e2-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 29 Oct 2024 01:54:59 GMT
content-type
text/javascript; charset=utf-8
last-modified
Mon, 28 Oct 2024 16:00:56 GMT
x-served-by
cache-qpg1270-QPG
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
strict-transport-security
max-age=31556926
content-security-policy
frame-ancestors 'self';
cache-control
max-age=3600
x-timer
S1730166899.852910,VS0,VE175
accept-ranges
bytes
content-length
91946
index-ad63801c.js
portal.shedrx.com/assets/
0
0

index-6240a469.css
portal.shedrx.com/assets/
80 KB
11 KB
Stylesheet
General
Full URL
https://portal.shedrx.com/assets/index-6240a469.css
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6240a4697f20b17f73177adf1bddf8383ea33831f96dac5fefe5e21bcff5f22a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4

Response headers

content-encoding
br
etag
"30eace38e261cc83825d35c3084ac98b0c97e06a8eda149f58a8caca81f2c7dc-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Tue, 29 Oct 2024 01:54:58 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 28 Oct 2024 16:00:56 GMT
x-served-by
cache-qpg1270-QPG
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
strict-transport-security
max-age=31556926
content-security-policy
frame-ancestors 'self';
cache-control
max-age=3600
x-timer
S1730166899.852687,VS0,VE123
accept-ranges
bytes
content-length
11551
gtm.js
www.googletagmanager.com/
270 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c4c1385a3fa8fec5bdab673cfc3c57908777f54dce69ee5b2bf265ffde344e15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 29 Oct 2024 01:54:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:54:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 29 Oct 2024 00:43:33 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
88890
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
377 KB
124 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
afbe5e95ba7b672f24accb4aa97b50687d2140f0b50b5931f1caa8faab9bed2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 01:54:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:54:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
126284
x-xss-protection
0
server
Google Tag Manager
uwt.js
static.ads-twitter.com/
0
0

pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12126
date
Tue, 29 Oct 2024 01:54:58 GMT
last-modified
Tue, 15 Oct 2024 19:34:59 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
229 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.144.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sin11.fbcdn.net
Software
/
Resource Hash
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-KZCoxTQb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 01:54:58 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-KZCoxTQb' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4449, tp=9, tpl=0, uplat=2, ullat=-1
pragma
public
x-fb-debug
lbk0ttN89VhYnik/tgxwy/e5EICouq1G7ZmTsvgSGu0HLxQJsbbJvlxGqqKeIwo4apgSlgjs1lh0zifZLESV3A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
content-length
59722
x-xss-protection
0
origin-agent-cluster
?1
events.js
analytics.tiktok.com/i18n/pixel/
0
0

intels.js
mfmcdn.com/
9 KB
2 KB
Script
General
Full URL
https://mfmcdn.com/intels.js
Requested by
Host: discounts.abenity.com
URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.210.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-210-108.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cd4299871851c28d7786adddb7ae073e98362f62e2e892bb84c709b1528ea4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
br
etag
W/"22ebe31a9327cf72d4b6e836fb238e91"
age
84869
via
1.1 2a2608b09cfd44dc2e2694246d1d9cee.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Ill774iZeI7mT5x8gXZ9zWVy1RxGuUVkrLsbrlp8nGMYmGCjTer9bQ==
date
Mon, 28 Oct 2024 02:20:31 GMT
content-type
text/javascript
last-modified
Wed, 14 Aug 2024 00:12:35 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P7
vary
Accept-Encoding
init-0f733be6-2cd1-4894-b6c8-81f53d65f379.js
tracking.upfluence.co/js/v1/
0
0

ratag
a.ads.rmbl.ws/
0
0

config
pixel-config.reddit.com/pixels/a2_e8osqm9zpc0m/
0
0

a2_e8osqm9zpc0m_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
700 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_e8osqm9zpc0m_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Tue, 29 Oct 2024 01:54:59 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1730166899007&id=a2_e8osqm9zpc0m&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=39a953f0-e6f7-4023-8fec-d9db2e6e00da&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Tue, 29 Oct 2024 01:54:59 GMT
content-type
image/gif
server
Varnish
rp.gif
alb.reddit.com/
42 B
75 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1730166899009&id=a2_e8osqm9zpc0m&event=ViewContent&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=39a953f0-e6f7-4023-8fec-d9db2e6e00da&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Tue, 29 Oct 2024 01:54:59 GMT
content-type
image/gif
server
Varnish
1356287765275427
connect.facebook.net/signals/config/
0
0

collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-48VEXHF084&gtm=45je4ao0v9100008465z89170879507za200zb9170879507&_p=1730166898886&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=1187377842.1730166899&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1730166899&sct=1&seg=0&dl=https%3A%2F%2Fportal.shedrx.com%2Fsignup%3Fpromo%3Dshed20%26medPromo%3Dshed20%26apptPromo%3Dappt50%26partner%3Dabenity%26_ef_transaction_id%3Dff6c620b760c44e4aac66ff1b65fcce2%26oid%3D4%26affid%3D24%26utm_medium%3Daffiliate%26utm_source%3Deverflow%26utm_campaign%3D24%26utm_content%3D4&dr=https%3A%2F%2Fdiscounts.abenity.com%2F&dt=ShedRx&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true&tfd=888
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.139 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://portal.shedrx.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:54:59 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
555 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-48VEXHF084&cid=1187377842.1730166899&gtm=45je4ao0v9100008465z89170879507za200zb9170879507&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.156 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://portal.shedrx.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:54:59 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 3920
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-48VEXHF084&gacid=1187377842.1730166899&gtm=45je4ao0v9100008465z89170879507za200zb9170879507&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101823848~101925629&z=2114873880
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.175.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sh-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.shedrx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Oct 2024 01:54:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11094978572/
0
0

11094978572
td.doubleclick.net/td/rul/ Frame 3B6B
0
0

ga-audiences
www.google.com.sg/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-48VEXHF084&cid=1187377842.1730166899&gtm=45je4ao0v9100008465z89170879507za200zb9170879507&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101925629&tag_exp=101533421~101823848~101925629&z=885566581
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/signup?promo=shed20&medPromo=shed20&apptPromo=appt50&partner=abenity&_ef_transaction_id=ff6c620b760c44e4aac66ff1b65fcce2&oid=4&affid=24&utm_medium=affiliate&utm_source=everflow&utm_campaign=24&utm_content=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 29 Oct 2024 01:54:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
everflow.js
www.shm2idjl.com/scripts/sdk/
0
0

collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-48VEXHF084&gtm=45je4ao0v9100008465z89170879507za200zb9170879507&_p=1730166898886&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=1187377842.1730166899&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=2&sid=1730166899&sct=1&seg=0&dl=https%3A%2F%2Fportal.shedrx.com%2Fsignup%3Fpromo%3Dshed20%26medPromo%3Dshed20%26apptPromo%3Dappt50%26partner%3Dabenity%26_ef_transaction_id%3Dff6c620b760c44e4aac66ff1b65fcce2%26oid%3D4%26affid%3D24%26utm_medium%3Daffiliate%26utm_source%3Deverflow%26utm_campaign%3D24%26utm_content%3D4&dr=https%3A%2F%2Fdiscounts.abenity.com%2F&dt=ShedRx&en=Form%20Start&ep.debug_mode=true&_et=54&tfd=959
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.139 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://portal.shedrx.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 01:54:59 GMT
content-type
text/plain
server
Golfe2
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame CD43
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com.sg
URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1WVM14E1KX&cid=77312692.1730166894&gtm=45je4ao0v898659171za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101925629&tag_exp=101533421~101823848~101925629&z=548677494
Domain
portal.shedrx.com
URL
https://portal.shedrx.com/assets/index-ad63801c.js
Domain
static.ads-twitter.com
URL
https://static.ads-twitter.com/uwt.js
Domain
analytics.tiktok.com
URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLANBRBC77U9VFIVOEA0&lib=ttq
Domain
tracking.upfluence.co
URL
https://tracking.upfluence.co/js/v1/init-0f733be6-2cd1-4894-b6c8-81f53d65f379.js
Domain
a.ads.rmbl.ws
URL
https://a.ads.rmbl.ws/ratag?id=AV-30009
Domain
pixel-config.reddit.com
URL
https://pixel-config.reddit.com/pixels/a2_e8osqm9zpc0m/config
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/1356287765275427?v=2.9.174&r=stable&domain=portal.shedrx.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11094978572/?random=1730166899121&cv=11&fst=1730166899121&bg=ffffff&guid=ON&async=1&gtm=45je4ao0v9100008465z89170879507za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Fsignup%3Fpromo%3Dshed20%26medPromo%3Dshed20%26apptPromo%3Dappt50%26partner%3Dabenity%26_ef_transaction_id%3Dff6c620b760c44e4aac66ff1b65fcce2%26oid%3D4%26affid%3D24%26utm_medium%3Daffiliate%26utm_source%3Deverflow%26utm_campaign%3D24%26utm_content%3D4&ref=https%3A%2F%2Fdiscounts.abenity.com%2F&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=9540244.1730166899&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Domain
td.doubleclick.net
URL
https://td.doubleclick.net/td/rul/11094978572?random=1730166899121&cv=11&fst=1730166899121&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4ao0v9100008465z89170879507za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101925629&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Fsignup%3Fpromo%3Dshed20%26medPromo%3Dshed20%26apptPromo%3Dappt50%26partner%3Dabenity%26_ef_transaction_id%3Dff6c620b760c44e4aac66ff1b65fcce2%26oid%3D4%26affid%3D24%26utm_medium%3Daffiliate%26utm_source%3Deverflow%26utm_campaign%3D24%26utm_content%3D4&ref=https%3A%2F%2Fdiscounts.abenity.com%2F&_dbg=true&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=9540244.1730166899&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Domain
www.shm2idjl.com
URL
https://www.shm2idjl.com/scripts/sdk/everflow.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fportal.shedrx.com


21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| dataLayer
object| google_tag_manager
object| google_tag_data
function| twq
function| rdt
function| fbq
function| _fbq
string| TiktokAnalyticsObject
object| ttq
function| getQueryParam
string| efTransactionId
function| redditNormalizeEmail
function| onYouTubeIframeAPIReady
object| gaGlobal
object| GooglebQhCsO
object| intels
string| domain_str
string| FONT_MONTSERRAT

13 Cookies

Domain/Path Name / Value
motus.employeeperks.com/ Name: XSRF-TOKEN
motus.employeeperks.com/ Name: perks_discounts_session
discounts.abenity.com/ Name: XSRF-TOKEN
discounts.abenity.com/ Name: perks_discounts_session
.abenity.com/ Name: _ga
Value: GA1.1.77312692.1730166894
www.shm2idjl.com/ Name: uniqueClick_6JHXF
Value: 5c621982-257b-4005-8ab9-d25d8bf5ba39:1730166898
www.shm2idjl.com/ Name: transaction_id
Value: ff6c620b760c44e4aac66ff1b65fcce2
.abenity.com/ Name: _ga_1WVM14E1KX
Value: GS1.1.1730166894.1.0.1730166898.56.0.0
.shedrx.com/ Name: _rdt_uuid
Value: 1730166899003.39a953f0-e6f7-4023-8fec-d9db2e6e00da
.shedrx.com/ Name: _ga
Value: GA1.1.1187377842.1730166899
.shedrx.com/ Name: _gcl_au
Value: 1.1.9540244.1730166899
.doubleclick.net/ Name: IDE
Value: AHWqTUkmdpv05kc6ccc4uixE6zbXzgwF8iz_xywfls3SrquIkR2FRFPWdpA_3HMj
.shedrx.com/ Name: _ga_48VEXHF084
Value: deleted

1 Console Messages

Source Level URL
Text
security error URL: https://discounts.abenity.com/discounts/offer/1214:30?display=redirect&utm_campaign=sptlt-202410-semi-xcl-campaign-2_1246_3337_195666&utm_source=sptlt-202410-semi-xcl-campaign-2&utm_medium=email
Message:
Refused to load the image 'https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1WVM14E1KX&cid=77312692.1730166894&gtm=45je4ao0v898659171za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101533421~101823848~101925629&tag_exp=101533421~101823848~101925629&z=548677494' because it violates the following Content Security Policy directive: "img-src 'self' https://d1ndk4dae278fu.cloudfront.net https://abenity.s3.amazonaws.com https://discounts.abenity.com https://abenity.s3.amazonaws.com https://abenity.s3.us-east-1.amazonaws.com https://analytics.google.com https://assets.abenity.com https://bam-cell.nr-data.net https://bam.nr-data.net https://booking.accessdevelopment.com https://cdn1.valpak.com https://chart.apis.google.com https://d300tb5wusuhi2.cloudfront.net https://embed-fastly.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fast.wistia.com https://www.googletagmanager.com https://img.youtube.com https://i.ytimg.com https://mainsite-prod-cdn.azureedge.net https://rdc.rdcimage.com https://region1.analytics.google.com https://region1.google-analytics.com https://s3.amazonaws.com/abenity/ https://sealserver.trustkeeper.net https://static.accessdevelopment.com https://stats.g.doubleclick.net https://t.paypal.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.movienewsletters.net https://www.paypal.com https://www.valpak.com https://www.youtube.com https://d1ndk4dae278fu.cloudfront.net data:".

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://d1ndk4dae278fu.cloudfront.net https://analytics.google.com https://api.braintreegateway.com https://bam.nr-data.net https://bam-cell.nr-data.net https://client-analytics.braintreegateway.com https://cloud.typography.com https://distillery.wistia.com https://embed-cloudfront.wistia.com https://embed-fastly.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fast.wistia.com https://fast.wistia.net https://fg8vvsvnieiv3ej16jby.litix.io https://payments.braintree-api.com https://pipedream.wistia.com https://region1.analytics.google.com https://region1.google-analytics.com https://s3.amazonaws.com/abenity/ https://stats.g.doubleclick.net https://www.paypal.com https://www.google-analytics.com https://www.googletagmanager.com; font-src 'self' https://d1ndk4dae278fu.cloudfront.net https://fast.wistia.com https://fonts.gstatic.com https://use.fontawesome.com data:; form-action https:; frame-ancestors 'self' https://tnfarmbureau.org https://www.gfb.org; frame-src 'self' https://abenity.pages.ontraport.net https://abenityinc.freshdesk.com https://assets.braintreegateway.com https://benefitsportal.fb.org https://booking.abenity.com https://booking.accessdevelopment.com https://booking.adcrws.com https://checkout.paypal.com https://d4ifbtvdrisrb.cloudfront.net https://www.google.com https://www.googletagmanager.com https://m.movies.abenity.com https://memberweb.com https://movies.abenity.com https://redeem.adcrws.com https://static.accessdevelopment.com https://td.doubleclick.net https://www.paypal.com https://www.youtube.com https://res.adcrws.com https://secure.unitednetworksofamerica.com https://www.mylearningcaregroup.com https://www.disneytravelcenter.com; img-src 'self' https://d1ndk4dae278fu.cloudfront.net https://abenity.s3.amazonaws.com https://discounts.abenity.com https://abenity.s3.amazonaws.com https://abenity.s3.us-east-1.amazonaws.com 
https://analytics.google.com https://assets.abenity.com https://bam-cell.nr-data.net https://bam.nr-data.net https://booking.accessdevelopment.com https://cdn1.valpak.com https://chart.apis.google.com https://d300tb5wusuhi2.cloudfront.net https://embed-fastly.wistia.com https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net https://fast.wistia.com https://www.googletagmanager.com https://img.youtube.com https://i.ytimg.com https://mainsite-prod-cdn.azureedge.net https://rdc.rdcimage.com https://region1.analytics.google.com https://region1.google-analytics.com https://s3.amazonaws.com/abenity/ https://sealserver.trustkeeper.net https://static.accessdevelopment.com https://stats.g.doubleclick.net https://t.paypal.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.movienewsletters.net https://www.paypal.com https://www.valpak.com https://www.youtube.com https://d1ndk4dae278fu.cloudfront.net data:; manifest-src 'self'; media-src 'self' https://d1ndk4dae278fu.cloudfront.net http://media.westworldmedia.com https://abenity.s3.amazonaws.com https://embed-cloudfront.wistia.com https://embed-fastly.wistia.com https://fast.wistia.com https://fast.wistia.net https://embed-ssl.wistia.com https://embedwistia-a.akamaihd.net blob:; script-src 'self' 'unsafe-inline' https://d1ndk4dae278fu.cloudfront.net https://apis.google.com https://app.wistia.com https://bam.nr-data.net https://bam-cell.nr-data.net https://d300tb5wusuhi2.cloudfront.net https://fast.wistia.com https://js-agent.newrelic.com https://js.braintreegateway.com https://s3.amazonaws.com/assets.freshdesk.com/ https://sealserver.trustkeeper.net https://ssl.google-analytics.com https://www.google-analytics.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.paypal.com https://www.paypalobjects.com blob:; style-src 'self' 'unsafe-inline' https://d1ndk4dae278fu.cloudfront.net 
https://assets.braintreegateway.com https://cloud.typography.com https://d300tb5wusuhi2.cloudfront.net https://fonts.googleapis.com https://s3.amazonaws.com/assets.freshdesk.com/ https://secure.unitednetworksofamerica.com; report-uri https://api.abenity.com/public/csp-logger.json;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
