www.comparecards.com Open in urlscan Pro
104.19.179.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click1.shermanstravel.com/tvppvchlllckwfcbkblcmksfmbkzvgjjftdrgwhlhllcwm_jtqrsvmfqwbmvtqbtfss.html?a=41261&b=205687&c=111
Effective URL:
https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cash-back-credit-cards&...
Submission: On June 08 via api (June 8th 2022, 7:11:11 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 24 domains to perform 63 HTTP transactions. The main IP is 104.19.179.13, located in and belongs to CLOUDFLARENET, US. The main domain is www.comparecards.com. The Cisco Umbrella rank of the primary domain is 3255.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 23rd 2022. Valid for: a year.

This is the only time www.comparecards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
6	34.193.6.143 34.193.6.143	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	52.0.69.134 52.0.69.134	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:3c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.1.218 99.86.1.218	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:891::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2606:4700:20:... 2606:4700:20::681a:216	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6810:51a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	44.197.217.101 44.197.217.101	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	20.40.202.0 20.40.202.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	18.66.186.148 18.66.186.148	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:9200:11:b97d:c600:21	16509 (AMAZON-02) (AMAZON-02)
2 3	104.19.179.13 104.19.179.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.19.147.29 104.19.147.29	() ()
63	29

1 74.214.203.11 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

click1.shermanstravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.193.6.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-6-143.compute-1.amazonaws.com

click.deals.shermanstravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.69.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-69-134.compute-1.amazonaws.com

landscape.shermanstravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:3c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.1.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-1-218.fra6.r.cloudfront.net

d2619hvqn7b355.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:891::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:216 (United States)

ASN13335 (CLOUDFLARENET, US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:51a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.197.217.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-217-101.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.186.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-186-148.muc50.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9200:11:b97d:c600:21 (United States)

ASN16509 (AMAZON-02, US)

d2r8ootic371nc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.19.179.13 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.comparecards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.147.29 (None, ) 1 redirects

ASN- ()

splitter.lendingtree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	lytics.io c.lytics.io — Cisco Umbrella Rank: 5389	52 KB
8	shermanstravel.com 1 redirects click1.shermanstravel.com — Cisco Umbrella Rank: 694322 click.deals.shermanstravel.com landscape.shermanstravel.com	24 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 43	20 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 92	564 B
4	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 6210	166 KB
4	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2518	11 KB
3	comparecards.com 2 redirects www.comparecards.com — Cisco Umbrella Rank: 3255	2 KB
3	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 554 match.adsrvr.org — Cisco Umbrella Rank: 306	673 B
3	cloudfront.net d2619hvqn7b355.cloudfront.net d1eoo1tco6rr5e.cloudfront.net d2r8ootic371nc.cloudfront.net	24 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 281 fonts.googleapis.com — Cisco Umbrella Rank: 52	35 KB
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 770	839 B
2	google.de www.google.de — Cisco Umbrella Rank: 6180	565 B
2	google.com www.google.com — Cisco Umbrella Rank: 4	565 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	114 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 741	19 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 942 pixel.quantserve.com — Cisco Umbrella Rank: 430	10 KB
1	lendingtree.com 1 redirects splitter.lendingtree.com	2 KB
1	azurewebsites.net lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 7063	792 B
1	choozle.com cs.choozle.com — Cisco Umbrella Rank: 7106	123 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 122	15 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 906	439 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 75	64 KB
63	24

	Domain	Requested by
9	c.lytics.io	click.deals.shermanstravel.com c.lytics.io
6	click.deals.shermanstravel.com	click.deals.shermanstravel.com ajax.googleapis.com
5	www.google-analytics.com	click.deals.shermanstravel.com www.google-analytics.com
4	www.facebook.com	click.deals.shermanstravel.com
4	www.lightboxcdn.com	click.deals.shermanstravel.com www.lightboxcdn.com
4	nexus.ensighten.com	www.googletagmanager.com nexus.ensighten.com
3	www.comparecards.com	2 redirects click.deals.shermanstravel.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	ct.pinterest.com	s.pinimg.com click.deals.shermanstravel.com
2	www.google.de	click.deals.shermanstravel.com
2	www.google.com	click.deals.shermanstravel.com
2	connect.facebook.net	click.deals.shermanstravel.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	click.deals.shermanstravel.com
1	splitter.lendingtree.com	1 redirects
1	d2r8ootic371nc.cloudfront.net	c.lytics.io
1	match.adsrvr.org	click.deals.shermanstravel.com
1	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cs.choozle.com	click.deals.shermanstravel.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	d2619hvqn7b355.cloudfront.net	click.deals.shermanstravel.com
1	pixel.quantserve.com	click.deals.shermanstravel.com
1	rules.quantcount.com	secure.quantserve.com
1	www.googletagmanager.com	click.deals.shermanstravel.com
1	secure.quantserve.com	click.deals.shermanstravel.com
1	landscape.shermanstravel.com	click.deals.shermanstravel.com
1	ajax.googleapis.com	click.deals.shermanstravel.com
1	click1.shermanstravel.com	1 redirects
63	32

This site contains no links.

Subject Issuer	Validity	Valid
*.shermanstravel.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-18` - `2022-06-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-16` - `2023-05-16`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
ssl1029400.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-01` - `2022-12-08`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.choozle.com Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.azurewebsites.net Microsoft Azure TLS Issuing CA 01	`2022-03-14` - `2023-03-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
comparecards.com Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610&sessionid=503ef135-8604-42a6-b21c-89553e46ec5b&mta=1
Frame ID: 40CFFCE2609C4D95C27E2EDD7D6DF998
Requests: 59 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1654715465036&lv=1
Frame ID: DB53171ECF996FCB9F596F7218949355
Requests: 2 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
Frame ID: 5AA8EC60567782751530B9F50832BFC0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click1.shermanstravel.com/tvppvchlllckwfcbkblcmksfmbkzvgjjftdrgwhlhllcwm_jtqrsvmfqwbmvtqbtfss.html?a=4... HTTP 302
https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=Pos... Page URL
http://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=... HTTP 301
https://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=... HTTP 307
https://splitter.lendingtree.com/api/CrossDomainTracking?mtaid=4E221&originalUrl=https%3A%2F%2Fwww.comparecar... HTTP 307
https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cas... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

100 %
HTTPS

55 %
IPv6

24
Domains

32
Subdomains

29
IPs

4
Countries

607 kB
Transfer

2145 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click1.shermanstravel.com/tvppvchlllckwfcbkblcmksfmbkzvgjjftdrgwhlhllcwm_jtqrsvmfqwbmvtqbtfss.html?a=41261&b=205687&c=111 HTTP 302
https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111 Page URL
http://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610 HTTP 301
https://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610 HTTP 307
https://splitter.lendingtree.com/api/CrossDomainTracking?mtaid=4E221&originalUrl=https%3A%2F%2Fwww.comparecards.com%2F%3Fsplitterid%3Dcoca-guide-amazing-cash-back-credit-cards%26mtaid%3D4E221%26esourceid%3D6419806%26utm_source%3Dshermanstravel%26grp%3Damazing-cash-back%26utm_campaign%3DSTDedicated%26tar%3DSTDedicated%26placement_name%3DSTDedicated%26utm_content%3Dwatch%2Bthe%2Bmoney%2Bpile%2Bup%2Bwith%2Bthese%2Bcashback%2Bcards%26adt%3Dhotpinkdollars%26ad_headline%3Dwatch%2Bthe%2Bmoney%2Bpile%2Bup%2Bwith%2Bthese%2Bcashback%2Bcards%26ad_image_name%3Dhotpinkdollars%26ad_position%3D2%26utm_medium%3Dnative%26pla%3Dshermanstravel.com%26bdst%3Drev%26campaign_date%3D20220610 HTTP 307
https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610&sessionid=503ef135-8604-42a6-b21c-89553e46ec5b&mta=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://click1.shermanstravel.com/tvppvchlllckwfcbkblcmksfmbkzvgjjftdrgwhlhllcwm_jtqrsvmfqwbmvtqbtfss.html?a=41261&b=205687&c=111 HTTP 302
https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111

Request Chain 49

https://insight.adsrvr.org/tags/ilucn8a/z4a47p5/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

watch-the-money-pile-up-with-these-cashback-cards Show response
click.deals.shermanstravel.com/1742696/440/
Redirect Chain

https://click1.shermanstravel.com/tvppvchlllckwfcbkblcmksfmbkzvgjjftdrgwhlhllcwm_jtqrsvmfqwbmvtqbtfss.html?a=41261&b=205687&c=111
https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111

15 KB
5 KB

315ms
103ms

Document
text/html

34.193.6.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.6.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-6-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5246c1351922b3cb2b238400e4b80678680f40577d2995fc5f29b8368aa25750

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 08 Jun 2022 19:11:04 GMT
last-modified: Thu, 13 Aug 2020 18:26:13 GMT
server: nginx

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html;charset=utf-8
Date: Wed, 08 Jun 2022 19:11:03 GMT
Keep-Alive: timeout=60
Location: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Server: Apache-Coyote/1.1

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 91 KB
34 KB 152ms
40ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Requested by

Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 13:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33621
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Jun 2023 13:10:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
961 B 143ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 17:35:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 19:11:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 19:11:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
635 B 143ms
48ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 17:14:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 19:11:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 19:11:04 GMT

GET
H2 200 interstitial-18b4490c67debd584ae96942f161a42c.css
click.deals.shermanstravel.com/assets/ 1 KB
745 B 101ms
101ms Stylesheet
text/css 34.193.6.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://click.deals.shermanstravel.com/assets/interstitial-18b4490c67debd584ae96942f161a42c.css
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.6.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-6-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d4f4be14ec90c84952052c340e8a18f447de2f305eab176bf70dc04e4b32e818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:04 GMT
content-encoding: gzip
expires: Thu, 08 Jun 2023 19:11:04 GMT
server: nginx
cache-control: max-age=31536000, public
content-type: text/css

GET
H2 200 interstitial_external-280e77248e226b071b4a84b58d622434.css
click.deals.shermanstravel.com/assets/ 1 KB
682 B 103ms
103ms Stylesheet
text/css 34.193.6.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://click.deals.shermanstravel.com/assets/interstitial_external-280e77248e226b071b4a84b58d622434.css
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.6.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-6-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ef60e5fe54f75b0825bc3a51830b26709a96843762ae26a45f4439a749df039f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:04 GMT
content-encoding: gzip
expires: Thu, 08 Jun 2023 19:11:04 GMT
server: nginx
cache-control: max-age=31536000, public
content-type: text/css

GET
H2 200 st_landscape.js Show response
landscape.shermanstravel.com/ 1 KB
947 B 308ms
98ms Script
application/javascript 52.0.69.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://landscape.shermanstravel.com/st_landscape.js?v=20190528
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.69.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-69-134.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ec71478763d59753bb1931f8cc7f3ce6584d5a60fa15dfe00eaf52c4458fe695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: public
date: Wed, 08 Jun 2022 19:11:04 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 16:58:55 GMT
server: nginx
etag: W/"5db86fcf-524"
content-type: application/javascript
cache-control: max-age=315360000, public
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sht_logo_desktop-cbea7eafa6612ce39709903a4388d300.png
click.deals.shermanstravel.com/assets/logos/ 12 KB
12 KB 103ms
102ms Image
image/png 34.193.6.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.deals.shermanstravel.com/assets/logos/sht_logo_desktop-cbea7eafa6612ce39709903a4388d300.png
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.6.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-6-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a82d5d6368f34a1384c667f859540aebb8eb4f071d80de35c861f4919b5a209d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:04 GMT
cache-control: max-age=31536000, public
server: nginx
accept-ranges: bytes
content-type: image/png
content-length: 12484
expires: Thu, 08 Jun 2023 19:11:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5778
date: Wed, 08 Jun 2022 17:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 08 Jun 2022 19:34:46 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 40ms
8ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:04 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 15 Jun 2022 19:11:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
64 KB 137ms
50ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d3dd3128042a9ee9584961f85fa5d5199d8d9046d5ab9617e5e30dc4dac3142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65099
x-xss-protection: 0
expires: Wed, 08 Jun 2022 19:11:04 GMT

POST
H2 200 watch-the-money-pile-up-with-these-cashback-cards Show response
click.deals.shermanstravel.com/1742696/440/ 1 KB
980 B 155ms
153ms XHR
application/json 34.193.6.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.193.6.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-6-143.compute-1.amazonaws.com

Software

nginx /

Resource Hash

0b210becbb202a73c8c40e469e2500fb92f7a0ae867b64909f49bded5cfb2103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-runtime: 0.048992
date: Wed, 08 Jun 2022 19:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: 50ff2129-4c50-425d-be88-9b1fb08da7f4

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 124ms
41ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://click.deals.shermanstravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 93830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:07:14 GMT

GET
H2 200 rules-p-y7jhK3PrFbS21.js Show response
rules.quantcount.com/ 3 B
439 B 87ms
34ms Script
application/javascript 2600:9000:2315:3c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-y7jhK3PrFbS21.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:04:13 GMT
via: 1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
age: 54941
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 21:24:26 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: ZzmNE91lBUvNjIAVDSwXglbn9meh6Ai_brbZ7WvjbMoiN2ViBG2ioQ==

GET
H2 200 pixel;r=1106661516;labels=ShermansTravel%20Deals%20Network;rf=0;a=p-y7jhK3PrFbS21;url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-card...
pixel.quantserve.com/ 35 B
371 B 22ms
19ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1106661516;labels=ShermansTravel%20Deals%20Network;rf=0;a=p-y7jhK3PrFbS21;url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111;uht=2;fpan=1;fpa=P0-1857182685-1654715464929;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=shermanstravel.com;je=0;sr=1600x1200x24;dst=0;et=1654715464928;tzo=0;ogl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
219 B 58ms
56ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1714758534&t=pageview&_s=1&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&ul=en-us&de=windows-1252&dt=Redirecting%20you%20to%20your%20deal...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=579167246&gjid=471884977&cid=1826539151.1654715465&tid=UA-13162027-3&_gid=1234424202.1654715465&_r=1&_slc=1&cd6=pmin-none%20pmax-none&cd7=vacation&cd10=deal%20click&z=1321227861

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://click.deals.shermanstravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://click.deals.shermanstravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cc.jpg
d2619hvqn7b355.cloudfront.net/uploads/partner/large_logo/982/ 2 KB
3 KB 35ms
7ms Image
image/jpeg 99.86.1.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2619hvqn7b355.cloudfront.net/uploads/partner/large_logo/982/cc.jpg
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.1.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-1-218.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ea475a2aed045ed1748b8c64853ad2423164b3e23b2269f64f72b93f7e5bc2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 19:04:15 GMT
Via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 21 Feb 2020 13:52:01 GMT
Server: AmazonS3
Age: 411
ETag: "21e2e29cbf72ebafe0546129323fb4d5"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=315576000
X-Amz-Cf-Pop: FRA6-C1
Accept-Ranges: bytes
Content-Length: 2373
X-Amz-Cf-Id: W0cHHVqKWjUgnsg_aBfdnaJ1q3dFwN7bmTrSbPCqeGYWST8PlQ2hOQ==

GET
H2 200 arrows-8d8e8b955e27d8c6747cc06635e44272.gif
click.deals.shermanstravel.com/assets/ 3 KB
3 KB 103ms
102ms Image
image/gif 34.193.6.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://click.deals.shermanstravel.com/assets/arrows-8d8e8b955e27d8c6747cc06635e44272.gif
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/assets/interstitial-18b4490c67debd584ae96942f161a42c.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.6.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-6-143.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3287d19fb549ad1443377c8490fe1cf95b9ef35cb8473747b54662c1f1add459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/assets/interstitial-18b4490c67debd584ae96942f161a42c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
cache-control: max-age=31536000, public
server: nginx
accept-ranges: bytes
content-type: image/gif
content-length: 2899
expires: Thu, 08 Jun 2023 19:11:05 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://click.deals.shermanstravel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 93830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 17:07:14 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 175ms
63ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 19:11:05 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 172ms
131ms Script
application/javascript 2a02:26f0:3500:891::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:891::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 35ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: jdmKOFEX9csToh+gN1IlSHfgwn34jSvSHdn2O3KZGR6PYxxO7Dz6UpETThxCHhTNThmJEo2mPxOeKdeLVjbPFw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Jun 2022 19:11:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 latest.min.js Show response
c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/ 64 KB
22 KB 67ms
31ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29deb14477cf999bbb35097903fc55f2847121bf38ae3c0a14736ac5cf462a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5070
content-encoding: br
last-modified: Wed, 08 Jun 2022 17:46:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdL0Y2LlyLVEYsQXi64In%2FTbPaxo427uRsVet8r1lmixsLWauYpZYyzyfzBYLfJiUyWIfj0KJbE3Uo7rzPbIO78acD1nN1cVZtTRMaLbcV4BI1o45P6vgKDc%2F9tVxP6BY7IIyFnHCKBN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 7183ee68bc439165-FRA

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/16346/ 28 KB
9 KB 42ms
14ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/16346/Bootstrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KN9BH7X
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: acc99a0b70afad5ab53c8c1fb2be18189342e873e7b1e07327f044773c5edba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 19:45:29 GMT
server: nginx
etag: W/"623b78d9-702b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/ Frame DB53 326 B
479 B 67ms
33ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1654715465036&lv=1
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4e90ad41ae655ac2d685e0fb8ed83fe474e9c7ec4ca04451639f9301760344d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Jun 2022 19:04:13 GMT
server: cloudflare
age: 412
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7183ee68dd216963-FRA
cf-bgj: minify

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
452 B 57ms
20ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-13162027-3&cid=1826539151.1654715465&jid=579167246&gjid=471884977&_gid=1234424202.1654715465&_u=aEBAAEAAAAAAAC~&z=42947960

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://click.deals.shermanstravel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 08 Jun 2022 19:11:05 GMT
content-type: text/plain
access-control-allow-origin: https://click.deals.shermanstravel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1030893760286070 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1030893760286070?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f48efe3749c6349fd14f1c380b97b699d7a74350f2a6d4050775c054bca259dd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88818
x-xss-protection: 0
pragma: public
x-fb-debug: GYWWP01ehnIdiAB4o654M7p6kCjFA/hzOo1R2g56M4n5yQiPSuqXYyK696s4oFsJ8LVScjHVJHznTZLZIv35FQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 08 Jun 2022 19:11:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/16346/ 401 B
543 B 34ms
34ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/16346/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/16346/code/&publishedOn=Wed%20Mar%2023%2019:45:24%20GMT%202022&ClientID=923&PageID=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/16346/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 212954141f78bba409857a6fdb356639fe7846e8ff91bf2fc6b12f7c8dd28cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 401
expires: Wed, 08 Jun 2022 19:11:04 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 163ms
75ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-13162027-3&cid=1826539151.1654715465&jid=579167246&_u=aEBAAEAAAAAAAC~&z=852990041

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 159ms
75ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-13162027-3&cid=1826539151.1654715465&jid=579167246&_u=aEBAAEAAAAAAAC~&z=852990041

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2033ac07a2eae34026d3189da90d18b6 Show response
c.lytics.io/cid/ 24 B
463 B 140ms
140ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/cid/2033ac07a2eae34026d3189da90d18b6?assign=false&callback=u_666508552100947100

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6412ec37d9c58c87e9678bd55dfeaa632d05abb90304c9220a8c1a8ed6b1dad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 24
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3i4%2Br%2F9tYL22vG8%2B8MDuGhPr6QUsAHckoSTtjk67SqBGC9G3fhN0x0oGBcsZ0h7k2MwnjKpSroHBUscCsPFKew5lDNPMwE%2FNRwXYf3BExOQI9t5HkY7K00R%2BydKq6Umy2gdKYAuOHBc"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7183ee690d1c9165-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 47ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030893760286070&ev=PageView&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&rl=&if=false&ts=1654715465141&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654715465139.142156513&it=1654715465079&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 08 Jun 2022 19:11:05 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/ Frame DB53 961 KB
164 KB 38ms
38ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637881438975342348
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/lightbox.js?mb=1654715465036&lv=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0599c1b92893f04ff8ffd231d5532501c02fd5f346170f7d3cd1120de0b4101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Jun 2022 19:11:05 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: MOsANhyirc4WfooXPX1K4w==
age: 346382
cf-polished: origSize=1564594
last-modified: Thu, 05 May 2022 13:16:33 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: b554c321-301e-0001-5db8-6719cd000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 7183ee693de66963-FRA
expires: Thu, 08 Jun 2023 19:11:05 GMT

GET
H2 200 b91deb381a983463890df766160d0db7.js Show response
nexus.ensighten.com/choozle/16346/code/ 2 KB
536 B 9ms
9ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/16346/code/b91deb381a983463890df766160d0db7.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/16346/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d9b18edccc6d6cdd3eb64d1835d42046cc84cdd8681ec26da7b6b3e7e3ab8875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 19:00:55 GMT
server: nginx
etag: W/"6230e267-63c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 daf02a36827736997cd92656653dd1c9.js Show response
nexus.ensighten.com/choozle/16346/code/ 1 KB
859 B 9ms
9ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/16346/code/daf02a36827736997cd92656653dd1c9.js?conditionId0=4923361&conditionId1=4923360
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/16346/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ea626c9d7ce9f6bb3096ce20d10f55ee60ee8b8cfd17c2907e7829a2291b08df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 19:03:23 GMT
server: nginx
etag: W/"6230e2fb-5cc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK 26781
cs.choozle.com/dp/chz/ 35 B
123 B 411ms
100ms Image
image/gif 44.197.217.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.choozle.com/dp/chz/26781?d=click.deals.shermanstravel.com&cb=5545355010
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.217.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-217-101.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 110ms
110ms Script
application/javascript 2a02:26f0:3500:891::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:891::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d998b01e8bab6d5570c17f428e9547d4a6753a696b8bdac3e186332b3a575bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011597705/ 3 KB
2 KB 139ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011597705/?random=1654715465215&cv=9&fst=1654715465215&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&tiba=Redirecting%20you%20to%20your%20deal...&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dbe5951f1b2fc415b5c49994e6a877396618d47cb4e9c26ebe05908b718f799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1138
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 28ms
28ms Stylesheet
text/css 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637873533927851304
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637881438975342348
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Jun 2022 19:11:05 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 534273
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 312e9f6f-a01e-0069-2d83-60479c000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 7183ee69bf126963-FRA
expires: Thu, 08 Jun 2023 19:11:05 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42332/click.deals.shermanstravel.com/jsonp/ 543 B
792 B 427ms
126ms Script
application/javascript 20.40.202.0
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42332/click.deals.shermanstravel.com/jsonp/z?cb=1654715465243&callback=jQuery17109794859669313658_1654715465228&_=1654715465244
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/065b2c2b-90bd-4ccd-884c-8e621eb02162/user.js?cb=637881438975342348
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4471b340d0573aed2222f6f7b94749e3ae1d5573b929d1fa9dcf0493ea7f741b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 19:11:05 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
259 B 33ms
33ms Image
image/gif 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1654715465234&h=click.deals.shermanstravel.com&e=p&u=42332
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 08 Jun 2022 19:11:05 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1442942
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
content-length: 35
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: af63abe9-a01e-0081-2a45-a8f796000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7183ee69df4c6963-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 d8733d13-0782-4eb2-a8c5-f022775aae9d Show response
c.lytics.io/api/personalize/2033ac07a2eae34026d3189da90d18b6/user/_uid/ 3 KB
1 KB 158ms
158ms Script
application/json 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/personalize/2033ac07a2eae34026d3189da90d18b6/user/_uid/d8733d13-0782-4eb2-a8c5-f022775aae9d?segments=true&mergestate=true&state=%7B%22_uid%22%3A%22d8733d13-0782-4eb2-a8c5-f022775aae9d%22%2C%22utm_source%22%3A%22PostUp%22%2C%22utm_campaign%22%3A%2241261%22%2C%22utm_medium%22%3A%22email%22%2C%22_sesstart%22%3A%221%22%2C%22_tz%22%3A0%2C%22_ul%22%3A%22en-US%22%2C%22_sz%22%3A%221600x1200%22%2C%22_nmob%22%3A%22t%22%2C%22_device%22%3A%22desktop%22%2C%22url%22%3A%22click.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111%22%2C%22_v%22%3A%223.0.27%22%7D&ts=1654715465266&callback=u_131434037907160580

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

050c3aaec0b43fc06246a676b30b0ca0a1e1c765903a07d403e6e30ddd2503db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 7183ee69ff4e9165-FRA
date: Wed, 08 Jun 2022 19:11:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms3k4Z9o%2Bw0%2FVATuvlz9QTFgP6jIEkCBBRde6YUBR4aqpQzA05%2BS4lc9x715GoibFOoGCB4e0jVdvY9Rx3Yzg3fO%2F4ubUT6Aqn7ccEF%2BmPTo8Sk7a8U%2F7T%2B5WRYnf7rEYBd0ZZTE9g%2Fc"}],"group":"cf-nel","max_age":604800}
content-encoding: br
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *

GET
H2 200 2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ 35 B
318 B 142ms
141ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/2033ac07a2eae34026d3189da90d18b6?gtm.start=1654715464789&event=gtm.js&gtm.uniqueEventId=1&_ts=1654715465127&_nmob=t&_device=desktop&url=click.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&_v=3.0.27&_uid=d8733d13-0782-4eb2-a8c5-f022775aae9d&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lDXAgRsI%2FKmJgZ%2FBlqSCKlAMVj%2Bg3xlwfkAId6%2Fh%2F5HY5lycO5V8tQfgH3QQuaV3Uymv1DY2I3uRyfUMYZKAR7H6mskug9kEZvhZx6ygvHSTPC4yjvmeoexNn0MHfcXxBKAafXlkxXa9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7183ee69ff4f9165-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ 35 B
315 B 145ms
144ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/2033ac07a2eae34026d3189da90d18b6?event=lytics.data&data.dealId=1742696&data.publisherId=440&data.userId=205687&gtm.uniqueEventId=2&_ts=1654715465127&_nmob=t&_device=desktop&url=click.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&_v=3.0.27&_uid=d8733d13-0782-4eb2-a8c5-f022775aae9d&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDe2GyxAEsM0SpGALRrCUaRlXqFD%2BWKTtKOUB%2B5yW%2B1JoUQAnEPhXeR7vfVyOxSo31Y1ZLZGEdnDkea1svmQ66OVRoM%2Br626t5bk44zv7V9wCgRzwoK0GAlST9pRkN1shevFwwYU5NdH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7183ee69ff519165-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 2033ac07a2eae34026d3189da90d18b6
c.lytics.io/c/ 35 B
404 B 141ms
141ms Image
image/gif 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.lytics.io/c/2033ac07a2eae34026d3189da90d18b6?_e=pv&utm_source=PostUp&utm_campaign=41261&utm_medium=email&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_ts=1654715465255&_nmob=t&_device=desktop&url=click.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&_v=3.0.27&_uid=d8733d13-0782-4eb2-a8c5-f022775aae9d&_getid=t

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
content-length: 35
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdfKS2UYAgS0qHmsuFblR6S6nWBbqykUgqusTh7oSLaWQY0d8da3kJlh%2Bxfw1Wyctv0BBabaOPiBzxZco9uI0f90GNUE%2F8XmSf78GpxNrCLXEYeuqOXxmYmd78IsJllLtrwj%2BdiMtXuA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7183ee69ff539165-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
expires: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 487 B
743 B 63ms
39ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612859057726&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A0%7D&cb=1654715465320
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3fde7a56c437a737445b59a2a94749888886990dbe40b410dd4a7abe00c4dfc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:05 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://click.deals.shermanstravel.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPVlqTTFOVEl6TldFdFlqazVNQzAwWVRsaExXRmtOekl0WWpZeFpqVTNaRGMwTXpVeg
x-pinterest-rid: 1527771190642343
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
content-length: 352
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
96 B 63ms
39ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612859057726&pd=%7B%22np%22%3A%22gtm%22%2C%22gtm_aem_configs%22%3A%5B%5D%2C%22md_frequency%22%3A0%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1654715465321
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:05 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 3297609959810129
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011597705/ 42 B
64 B 135ms
53ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011597705/?random=1654715465215&cv=9&fst=1654714800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&tiba=Redirecting%20you%20to%20your%20deal...&async=1&fmt=3&is_vtc=1&random=939893493&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1011597705/ 42 B
64 B 132ms
50ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011597705/?random=1654715465215&cv=9&fst=1654714800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg660&sendb=1&frm=0&url=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&tiba=Redirecting%20you%20to%20your%20deal...&async=1&fmt=3&is_vtc=1&random=939893493&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/ Frame 5AA8
Redirect Chain

https://insight.adsrvr.org/tags/ilucn8a/z4a47p5/iframe
https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe

138 B
668 B

49ms
14ms

Document
text/html

18.66.186.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/16346/code/daf02a36827736997cd92656653dd1c9.js?conditionId0=4923361&conditionId1=4923360
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.186.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-186-148.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cdec4e3c51e8632f4f07fc071477493f519187d39821841e57fad12594a1662

Request headers

Referer: https://click.deals.shermanstravel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 39076
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Wed, 08 Jun 2022 08:19:50 GMT
ETag: "0a8f6304cfb8400aa158460b59ede905"
Last-Modified: Tue, 15 Mar 2022 18:59:25 GMT
Server: AmazonS3
Via: 1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
X-Amz-Cf-Id: UG1v5L7G8aegCTW-SQvufFH8KFEaCyzCRy3kmnzRnXaVZJ8epJoQ6Q==
X-Amz-Cf-Pop: MUC50-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 19:11:05 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 /
match.adsrvr.org/track/cmf/generic/ 70 B
265 B 113ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic/?ttd_pid=f4i7a6a&ttd_puid=d8733d13-0782-4eb2-a8c5-f022775aae9d&ttd_puid=2033ac07a2eae34026d3189da90d18b6&ttd_tpi=1&gpdr=0
Requested by: Host: click.deals.shermanstravel.com
URL: https://click.deals.shermanstravel.com/1742696/440/watch-the-money-pile-up-with-these-cashback-cards?utm_source=PostUp&utm_campaign=41261&utm_medium=email&recip_id=205687&list_id=111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 20ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030893760286070&ev=Lytics%20Audiences&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&rl=&if=false&ts=1654715465429&cd[aud_network_only_users]=true&cd[aud_anonymous_users]=true&cd[smt_new]=true&cd[all]=true&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654715465139.142156513&it=1654715465079&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 08 Jun 2022 19:11:05 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1714758534&t=event&ni=1&_s=2&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&ul=en-us&de=windows-1252&dt=Redirecting%20you%20to%20your%20deal...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=lytics&ea=lytics_google_integration&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=1826539151.1654715465&uid=d8733d13-0782-4eb2-a8c5-f022775aae9d&tid=UA-13162027-3&_gid=1234424202.1654715465&cd6=pmin-none%20pmax-none&cd7=vacation&cd10=deal%20click&cd18=d8733d13-0782-4eb2-a8c5-f022775aae9d&cd19=aud_network_only_users%2Caud_anonymous_users%2Csmt_new%2Call&z=2101719555

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 20:43:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 5AA8 70 B
260 B 31ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=ilucn8a&ct=0:z4a47p5&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/ilucn8a/z4a47p5/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 19:11:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1714758534&t=event&ni=1&_s=3&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&ul=en-us&de=windows-1252&dt=Redirecting%20you%20to%20your%20deal...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PostUp&ea=Linked%20Recipient&el=205687&ev=1&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=1826539151.1654715465&uid=d8733d13-0782-4eb2-a8c5-f022775aae9d&tid=UA-13162027-3&_gid=1234424202.1654715465&cd6=pmin-none%20pmax-none&cd7=vacation&cd10=deal%20click&cd18=d8733d13-0782-4eb2-a8c5-f022775aae9d&cd19=aud_network_only_users%2Caud_anonymous_users%2Csmt_new%2Call&cd12=205687&z=1072406528

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 20:43:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030893760286070&ev=PageView&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687&rl=&if=false&ts=1654715465699&sw=1600&sh=1200&v=2.9.61&r=stable&ec=2&o=30&fbp=fb.1.1654715465139.142156513&it=1654715465079&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 08 Jun 2022 19:11:05 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1714758534&t=event&ni=1&_s=4&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687%26list_id%3D111&ul=en-us&de=windows-1252&dt=Redirecting%20you%20to%20your%20deal...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PostUp&ea=PostUp%20Loaded&el=%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards&ev=1&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=1826539151.1654715465&uid=d8733d13-0782-4eb2-a8c5-f022775aae9d&tid=UA-13162027-3&_gid=1234424202.1654715465&cd6=pmin-none%20pmax-none&cd7=vacation&cd10=deal%20click&cd18=d8733d13-0782-4eb2-a8c5-f022775aae9d&cd19=aud_network_only_users%2Caud_anonymous_users%2Csmt_new%2Call&cd12=205687&z=597113340

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 20:43:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 80841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 101 KB
22 KB 30ms
30ms Script
text/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 7183ee6e19b29165-FRA
date: Wed, 08 Jun 2022 19:11:05 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 08 Jun 2022 17:34:56 GMT
server: cloudflare
age: 5769
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7ZADMKlHGxy0cWZIdMSF7AU239YTm8CbEn4VpH6%2BXQr8FaI5jp0l3Gsv4aAnstaOLh%2F9%2F4Tjnluzj1HVmSd2eBQnnCeAbInzEgzaINjf0pamkPNYYyPvq5s8vse11ghYDdAO%2FuZZuX2"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
4 KB 43ms
42ms Stylesheet
text/css 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/static/pathfora.min.css

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/static/pathfora.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 7183ee6e6a6e9165-FRA
date: Wed, 08 Jun 2022 19:11:06 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 08 Jun 2022 17:20:13 GMT
server: cloudflare
age: 6652
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6k0tcMmyv%2F5wR%2FhCr%2FPJq0%2Bs%2FukSX%2FD8nCh2QOThge4BEfGN0CyBhHySRUBgPkqotbTsMBgEzaXjPnNfjOxS4gFTEalZ4AKNuzM98tDw%2Bw2u6Ju63NoKniEh3lF4vw5j9h%2FDhTi8sO7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000;
content-encoding: br

GET
H2 200 shermans-overrides.css
d2r8ootic371nc.cloudfront.net/lytics-shermanstravel/ 20 KB
20 KB 28ms
8ms Stylesheet
text/css 2600:9000:2057:9200:11:b97d:c600:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2r8ootic371nc.cloudfront.net/lytics-shermanstravel/shermans-overrides.css
Requested by: Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9200:11:b97d:c600:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 146a03175b402672121859534d41746101351d328deefd13753eb40bad5c2448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: W5BQjQDOklI8jwkHa_NzIAQeLJeG1dk6
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
last-modified: Thu, 02 Jul 2020 12:01:22 GMT
server: AmazonS3
age: 47640
etag: "60a398c2a147529d7d1cfe6a25af4d33"
x-cache: Hit from cloudfront
content-type: text/css
date: Wed, 08 Jun 2022 05:57:06 GMT
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 20458
x-amz-cf-id: Zb8K1cFiEYUSgpG0Fwe-oYiooMftxm7BLeQGX4opMT9dCc2Bi73SJQ==

GET
H2 200 config.js Show response
c.lytics.io/api/experience/candidate/2033ac07a2eae34026d3189da90d18b6/ 5 KB
2 KB 24ms
24ms Script
application/javascript 2606:4700:20::681a:216
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.lytics.io/api/experience/candidate/2033ac07a2eae34026d3189da90d18b6/config.js

Requested by

Host: c.lytics.io
URL: https://c.lytics.io/api/tag/2033ac07a2eae34026d3189da90d18b6/latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:216 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2bcd5a8e2e8f4157a9899ff2923a58e23dc09f588f8f316157de7f22a438def

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:06 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5065
content-encoding: br
last-modified: Wed, 08 Jun 2022 17:46:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOBSQt9YCQV91PvY47SuQUFNyBOLY3JM5qMCVdrJrcS8hFJOPfMXJzx8XVnv45NITakziGzQdGfGosTWCptb1zDKax%2BRZZ7j7v1V0L%2BdQtEMqtKexC6cFr5uKJjAPJV0hz9FHLi06AEB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 7183ee6e8ae19165-FRA

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
10ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1030893760286070&ev=Microdata&dl=https%3A%2F%2Fclick.deals.shermanstravel.com%2F1742696%2F440%2Fwatch-the-money-pile-up-with-these-cashback-cards%3Futm_source%3DPostUp%26utm_campaign%3D41261%26utm_medium%3Demail%26recip_id%3D205687&rl=&if=false&ts=1654715466643&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redirecting%20you%20to%20your%20deal...%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=3&o=30&fbp=fb.1.1654715465139.142156513&it=1654715465079&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://click.deals.shermanstravel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 19:11:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 08 Jun 2022 19:11:06 GMT

GET
H2

200

Primary Request amazing-cash-back-credit-cards
www.comparecards.com/guide/
Redirect Chain

http://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedica...
https://www.comparecards.com/?splitterid=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedic...
https://splitter.lendingtree.com/api/CrossDomainTracking?mtaid=4E221&originalUrl=https%3A%2F%2Fwww.comparecards.com%2F%3Fsplitterid%3Dcoca-guide-amazing-cash-back-credit-cards%26mtaid%3D4E221%26eso...
https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash...

9 KB
0

1516ms
1515ms

Document
text/html

104.19.179.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610&sessionid=503ef135-8604-42a6-b21c-89553e46ec5b&mta=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.179.13 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' * 'unsafe-eval' 'unsafe-inline' data: filesystem: blob:; object-src *.cloudfront.net;
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7183ee86beb69a1d-FRA
content-encoding: br
content-security-policy: default-src 'self' * 'unsafe-eval' 'unsafe-inline' data: filesystem: blob:; object-src *.cloudfront.net;
content-type: text/html; charset=utf-8
date: Wed, 08 Jun 2022 19:11:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7183ee842a5e9030-FRA
content-length: 0
date: Wed, 08 Jun 2022 19:11:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.comparecards.com/guide/amazing-cash-back-credit-cards?icode=37380&SpId=coca-guide-amazing-cash-back-credit-cards&mtaid=4E221&esourceid=6419806&utm_source=shermanstravel&grp=amazing-cash-back&utm_campaign=STDedicated&tar=STDedicated&placement_name=STDedicated&utm_content=watch+the+money+pile+up+with+these+cashback+cards&adt=hotpinkdollars&ad_headline=watch+the+money+pile+up+with+these+cashback+cards&ad_image_name=hotpinkdollars&ad_position=2&utm_medium=native&pla=shermanstravel.com&bdst=rev&campaign_date=20220610&sessionid=503ef135-8604-42a6-b21c-89553e46ec5b&mta=1
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
click1.shermanstravel.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: B897350571F23B18E3729E65203F4C4E
.shermanstravel.com/	1970-01-20 21:09:47	Name: _ga Value: GA1.2.1826539151.1654715465
.shermanstravel.com/	1970-01-20 03:40:01	Name: _gid Value: GA1.2.1234424202.1654715465
.shermanstravel.com/	1970-01-20 03:38:37	Name: usrsess Value: %7B%22e%22%3A1654717264%2C%22v%22%3A%7B%22cord%22%3A1%7D%7D
.quantserve.com/	1970-01-20 13:08:49	Name: mc Value: 62a0f448-e9b51-67eb3-e18ae
.shermanstravel.com/	1970-01-20 03:38:35	Name: _gat Value: 1
.shermanstravel.com/	1970-01-20 13:03:04	Name: __qca Value: P0-1857182685-1654715464929
.shermanstravel.com/	1970-01-20 05:48:11	Name: _gcl_au Value: 1.1.302400181.1654715465
.click.deals.shermanstravel.com/	1970-01-20 03:38:37	Name: seerses Value: e
.shermanstravel.com/	1970-01-20 05:48:11	Name: _fbp Value: fb.1.1654715465139.142156513
.click.deals.shermanstravel.com/	1970-01-23 19:14:35	Name: seerid Value: d8733d13-0782-4eb2-a8c5-f022775aae9d
.doubleclick.net/	1970-01-20 03:38:36	Name: test_cookie Value: CheckForPermission
.click.deals.shermanstravel.com/	1970-01-20 12:24:11	Name: _pin_unauth Value: dWlkPVlqTTFOVEl6TldFdFlqazVNQzAwWVRsaExXRmtOekl0WWpZeFpqVTNaRGMwTXpVeg
.lytics.io/	1970-01-21 01:14:35	Name: seerid Value: d8733d13-0782-4eb2-a8c5-f022775aae9d
.comparecards.com/	1970-01-20 03:38:37	Name: __cf_bm Value: t9sU4hJNzGjXxFCSnneGAwlT849DUkrnFGCkYQx9uuo-1654715469-0-Aa7+D5B/pa5FW8tTlc8ckCBcH50exmuOvbR5aAmBM3g4w6prz9ExkF3ApcssBgKDkyIrt+paM4EYZENZq9mrV8s=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.lytics.io
click.deals.shermanstravel.com
click1.shermanstravel.com
connect.facebook.net
cs.choozle.com
ct.pinterest.com
d1eoo1tco6rr5e.cloudfront.net
d2619hvqn7b355.cloudfront.net
d2r8ootic371nc.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
landscape.shermanstravel.com
lightboxapi.azurewebsites.net
match.adsrvr.org
nexus.ensighten.com
pixel.quantserve.com
rules.quantcount.com
s.pinimg.com
secure.quantserve.com
splitter.lendingtree.com
stats.g.doubleclick.net
www.comparecards.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.lightboxcdn.com
104.19.147.29
104.19.179.13
15.197.193.217
151.101.128.84
18.195.42.228
18.66.186.148
20.40.202.0
216.58.212.162
2600:9000:2057:9200:11:b97d:c600:21
2600:9000:2315:3c00:6:44e3:f8c0:93a1
2606:4700:20::681a:216
2606:4700::6810:51a5
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:400c:c07::9b
2a02:26f0:3500:891::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.33.220.150
34.193.6.143
44.197.217.101
52.0.69.134
74.214.203.11
99.86.1.218
050c3aaec0b43fc06246a676b30b0ca0a1e1c765903a07d403e6e30ddd2503db
09c2785ae9cea8dfc6146d0c226eee07480335f63de40f6eeb4c906bc342603d
0b210becbb202a73c8c40e469e2500fb92f7a0ae867b64909f49bded5cfb2103
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0dbe5951f1b2fc415b5c49994e6a877396618d47cb4e9c26ebe05908b718f799
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
146a03175b402672121859534d41746101351d328deefd13753eb40bad5c2448
1d3dd3128042a9ee9584961f85fa5d5199d8d9046d5ab9617e5e30dc4dac3142
212954141f78bba409857a6fdb356639fe7846e8ff91bf2fc6b12f7c8dd28cca
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
29deb14477cf999bbb35097903fc55f2847121bf38ae3c0a14736ac5cf462a89
2ea475a2aed045ed1748b8c64853ad2423164b3e23b2269f64f72b93f7e5bc2c
3287d19fb549ad1443377c8490fe1cf95b9ef35cb8473747b54662c1f1add459
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3fde7a56c437a737445b59a2a94749888886990dbe40b410dd4a7abe00c4dfc4
4471b340d0573aed2222f6f7b94749e3ae1d5573b929d1fa9dcf0493ea7f741b
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4e90ad41ae655ac2d685e0fb8ed83fe474e9c7ec4ca04451639f9301760344d4
5246c1351922b3cb2b238400e4b80678680f40577d2995fc5f29b8368aa25750
6412ec37d9c58c87e9678bd55dfeaa632d05abb90304c9220a8c1a8ed6b1dad0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cdec4e3c51e8632f4f07fc071477493f519187d39821841e57fad12594a1662
80efbfcfad67fc0fa5a9d8cc84eb35951eea2d2e179a6fc51c82463c9e70a5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a82d5d6368f34a1384c667f859540aebb8eb4f071d80de35c861f4919b5a209d
acc99a0b70afad5ab53c8c1fb2be18189342e873e7b1e07327f044773c5edba0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d4f4be14ec90c84952052c340e8a18f447de2f305eab176bf70dc04e4b32e818
d998b01e8bab6d5570c17f428e9547d4a6753a696b8bdac3e186332b3a575bd9
d9b18edccc6d6cdd3eb64d1835d42046cc84cdd8681ec26da7b6b3e7e3ab8875
e0599c1b92893f04ff8ffd231d5532501c02fd5f346170f7d3cd1120de0b4101
e2bcd5a8e2e8f4157a9899ff2923a58e23dc09f588f8f316157de7f22a438def
ea626c9d7ce9f6bb3096ce20d10f55ee60ee8b8cfd17c2907e7829a2291b08df
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ec71478763d59753bb1931f8cc7f3ce6584d5a60fa15dfe00eaf52c4458fe695
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef60e5fe54f75b0825bc3a51830b26709a96843762ae26a45f4439a749df039f
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f48efe3749c6349fd14f1c380b97b699d7a74350f2a6d4050775c054bca259dd
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

www.comparecards.com Open in urlscan Pro 104.19.179.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

55 %IPv6

24 Domains

32 Subdomains

29 IPs

4 Countries

607 kBTransfer

2145 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.comparecards.com Open in urlscan Pro
104.19.179.13 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

55 %
IPv6

24
Domains

32
Subdomains

29
IPs

4
Countries

607 kB
Transfer

2145 kB
Size

15
Cookies

63 HTTP transactions
0 data transactions