Submitted URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Effective URL: https://sendmesamples.com/
Submission: On October 26 via manual from US — Scanned from DE

Summary

This website contacted 17 IPs in 4 countries across 19 domains to perform 62 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in and belongs to . The main domain is sendmesamples.com.
TLS certificate: Issued by E1 on October 4th 2022. Valid for: 3 months.
This is the only time sendmesamples.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.190.214.118 16509 (AMAZON-02)
1 143.204.215.105 16509 (AMAZON-02)
4 35.177.111.21 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
11 2a0b:4d07:101::1 44239 (PROINITY ...)
2 2a00:1450:400... 15169 (GOOGLE)
4 35.160.67.40 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.216.76.206 16509 (AMAZON-02)
7 13.32.23.73 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.22.143.159 14618 (AMAZON-AES)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... ()
62 17
Apex Domain
Subdomains
Transfer
9 kxcdn.com
impressure-c630.kxcdn.com — Cisco Umbrella Rank: 991900
165 KB
7 cloudfront.net
djk97zng6lbya.cloudfront.net
304 KB
5 aimtell.com
signals.aimtell.com — Cisco Umbrella Rank: 4447
3 KB
4 impressure.io
events.impressure.io — Cisco Umbrella Rank: 898666
2 KB
4 anura.io
script.anura.io — Cisco Umbrella Rank: 49715
40 KB
2 aramistrk.com
go.aramistrk.com
3 KB
2 aimtell.io
cdn.aimtell.io — Cisco Umbrella Rank: 6718
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
2 rewardsadvisor.com
iwin.rewardsadvisor.com — Cisco Umbrella Rank: 385046
73 KB
2 writesun.com
writesun.com
32 KB
1 sendmesamples.com
sendmesamples.com
1 pusher.com
stats.pusher.com — Cisco Umbrella Rank: 6510
75 B
1 amazonaws.com
s3.amazonaws.com
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
973 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
27 KB
1 traversedlp.com
static.traversedlp.com — Cisco Umbrella Rank: 28669
api.traversedlp.com Failed
4 KB
1 trkcnv.com
eng.trkcnv.com — Cisco Umbrella Rank: 679858
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
40 KB
0 sharethis.com Failed
w.sharethis.com Failed
62 19
Domain Requested by
9 impressure-c630.kxcdn.com iwin.rewardsadvisor.com
impressure-c630.kxcdn.com
7 djk97zng6lbya.cloudfront.net
5 signals.aimtell.com writesun.com
signals.aimtell.com
s3.amazonaws.com
4 events.impressure.io iwin.rewardsadvisor.com
impressure-c630.kxcdn.com
4 script.anura.io writesun.com
script.anura.io
2 go.aramistrk.com 2 redirects
2 cdn.aimtell.io s3.amazonaws.com
2 www.google-analytics.com iwin.rewardsadvisor.com
www.google-analytics.com
2 iwin.rewardsadvisor.com writesun.com
impressure-c630.kxcdn.com
2 writesun.com writesun.com
1 sendmesamples.com impressure-c630.kxcdn.com
sendmesamples.com
1 stats.pusher.com impressure-c630.kxcdn.com
1 s3.amazonaws.com writesun.com
1 fonts.googleapis.com impressure-c630.kxcdn.com
1 cdnjs.cloudflare.com impressure-c630.kxcdn.com
1 static.traversedlp.com www.googletagmanager.com
1 eng.trkcnv.com writesun.com
1 www.googletagmanager.com writesun.com
0 w.sharethis.com Failed sendmesamples.com
0 api.traversedlp.com Failed static.traversedlp.com
62 20

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-03-20 - 2023-03-20 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months
*.trkcnv.com | Amazon | 2022-09-03 - 2023-10-03 | a year
*.traversedlp.com | Amazon | 2022-01-27 - 2023-02-25 | a year
script.anura.io | Amazon | 2022-07-12 - 2023-08-10 | a year
aimtell.com | Cloudflare Inc ECC CA-3 | 2022-05-09 - 2023-05-08 | a year
iwin.rewardsadvisor.com | R3 | 2022-10-05 - 2023-01-03 | 3 months
*.kxcdn.com | Thawte RSA CA 2018 | 2022-07-28 - 2023-07-24 | a year
impressure.io | Amazon | 2022-07-26 - 2023-08-24 | a year
upload.video.google.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months
s3.amazonaws.com | Amazon | 2022-04-01 - 2023-03-30 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.pusher.com | Gandi Standard SSL CA 2 | 2022-04-07 - 2023-04-21 | a year
*.sendmesamples.com | E1 | 2022-10-04 - 2023-01-02 | 3 months

This page contains 2 frames:

Primary Page: https://sendmesamples.com/
Frame ID: 0AC758EB5C534A21F5F0333CD1E41C7F
Requests: 62 HTTP requests in this frame

Frame: https://signals.aimtell.com/traverse
Frame ID: B25E9CC9371DA334644F1BAA80C638A8
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.aimtell\.\w+/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62 Requests
73 % HTTPS
59 % IPv6
19 Domains
20 Subdomains
17 IPs
4 Countries
727 kB Transfer
1894 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4= Page URL
  2. https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=wnoot43thhhs7q0k24ijt28s&aff_sub4=&aff_sub5=&clickid=022b721ead2a432a1019243c20c3fb62&pub=202950&cid=29415&sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4= Page URL
  3. http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-2042&aff_sub2=--202950-012&aff_sub3=9473b5d0-6622-4dd5-8148-28bd393b34b3&aff_sub4=2042 HTTP 302
    https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2042&aff_sub1=012-2042&aff_sub2=--202950-012&aff_sub3=9473b5d0-6622-4dd5-8148-28bd393b34b3&aff_sub4=2042&aff_sub5=&creative_id=1025&offer_id=2008&source=RA-PP-3-generic-0 HTTP 302
    https://sendmesamples.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
writesun.com/a44bdaabfdb516207ac6484ce43786051/
1 KB
1 KB
Document
General
Full URL
https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
e1afae3da0911d9a30a0cfcc1f976b968564d48170ab2b385feaa752345b9185

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75ffe9f69e0490b8-FRA
content-encoding
gzip
content-type
text/html
date
Wed, 26 Oct 2022 02:55:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXonk5nSZ3HZcPhEApRneIYu5x6tRN3ai7qvo3E%2BgOwtmhrIbhpvNIOvPcU5hU94w%2Bx2%2B%2BRQHKmPZ%2BkUdjYosGvwpdfqI4nPteW0MeT9DTTjNBxsKLwHOMbZ25UTFniyIksFeaiLUt34xsI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
main.js
writesun.com/js/
91 KB
31 KB
Script
General
Full URL
https://writesun.com/js/main.js?v=2
Requested by
Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae8d753a2079883b7e33c959f6fda145de5414800d3851433f0b2eafe91af30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:36 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 08 Sep 2022 17:20:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"631a244e-16a65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5UH6bfim7YR0JMM%2BI9STfoqY3l0ufehgomi8R%2Fsi4w3U3cBvWQ5pXLs9TposVYh1jIzH6PVuFCKrsr6W5mJsUl7PSz5b4uKgDGzVtk%2FhAKsNwBJwbUU7seyhZOOMj184PKXwCx%2Bolmks7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
75ffe9f96fb390b8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 25 Nov 2022 02:55:36 GMT
gtm.js
www.googletagmanager.com/
102 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MS5HQQ7
Requested by
Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9c4c3235d3a75827d954fd6eb102f317b08d240fb22f3b325785558a8592485
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://writesun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40420
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 00:11:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Oct 2022 02:55:35 GMT
clickpc.php
eng.trkcnv.com/
512 B
1 KB
XHR
General
Full URL
https://eng.trkcnv.com/clickpc.php?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=&cidpubh=a44bdaabfdb516207ac6484ce43786051&referrer_url=&domain=writesun.com
Requested by
Host: writesun.com
URL: https://writesun.com/js/main.js?v=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.190.214.118 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-190-214-118.us-west-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) PHP/7.3.30 / PHP/7.3.30
Resource Hash
db1aa1636f561b4278f65c9f00181617a1b47c32e51319cac76984e002028b8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://writesun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 02:55:37 GMT
Server
Apache/2.4.54 (Amazon) PHP/7.3.30
X-Powered-By
PHP/7.3.30
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://writesun.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
512
retargeting.js
static.traversedlp.com/v1/
11 KB
4 KB
Script
General
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MS5HQQ7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-105.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://writesun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
KLbodh6xIMdiUWAxenjc1ByBclqfTj74
Content-Encoding
gzip
Via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
Date
Wed, 26 Oct 2022 02:48:24 GMT
Last-Modified
Wed, 01 Jun 2022 20:20:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
Age
806
ETag
W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
xGdkInPkGlmEXpXVI-2qyiTnaSarwXXurorjIdSGH757SYuxUT50pw==
request.js
script.anura.io/
54 KB
20 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=56309078&source=202950&campaign=27323&exid=undefined&111318532394
Requested by
Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.111.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-111-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://writesun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 02:55:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
matches
signals.aimtell.com/
43 B
260 B
Image
General
Full URL
https://signals.aimtell.com/matches?token=f5d7c95ea0af0ed4512d414529c2dffa&gtmcb=558171001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://writesun.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:37 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
75ffea03ba499295-FRA
access-control-allow-headers
Content-Type, *
content-length
43
cookie
api.traversedlp.com/retargeting/v1/
0
0

/
iwin.rewardsadvisor.com/
392 KB
66 KB
Document
General
Full URL
https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=wnoot43thhhs7q0k24ijt28s&aff_sub4=&aff_sub5=&clickid=022b721ead2a432a1019243c20c3fb62&pub=202950&cid=29415&sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Requested by
Host: writesun.com
URL: https://writesun.com/js/main.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
86df12ce4100742c78b90a834bd5c7c4664f9abbb4d1c426f0b3e537736ca28b

Request headers

Referer
https://writesun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
br
content-length
67036
content-type
text/html
date
Wed, 26 Oct 2022 02:55:37 GMT
etag
"8583e8a2e758ed434f8d3572a7c1c799"
last-modified
Tue, 25 Oct 2022 18:37:50 GMT
server
keycdn-engine
x-amz-version-id
CRkN8CvK7XDb9EuILOCbEafQ_OnNPyce
x-cache
HIT
x-cache-status
HIT
x-edge-location
defr
presenter.ae7ecc5.css
impressure-c630.kxcdn.com/
18 KB
5 KB
Stylesheet
General
Full URL
https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=wnoot43thhhs7q0k24ijt28s&aff_sub4=&aff_sub5=&clickid=022b721ead2a432a1019243c20c3fb62&pub=202950&cid=29415&sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:37 GMT
content-encoding
br
x-amz-request-id
XWP7BA0VNZP8XD2C
x-edge-location
defr
x-cache
HIT
content-length
4919
x-amz-id-2
AS4TzwqZnv2DTRxGeHciDFvlbGyDNvbSnPvP/luqYzqG4XhS5Z88Ugib6YVZgwalRSc8NgjkG3Y=
last-modified
Tue, 23 Aug 2022 19:45:30 GMT
server
keycdn-engine
etag
"c8ba4cfb85a21500b78f527fec541e40"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 02:55:37 GMT
presenter.b5337b9.js
impressure-c630.kxcdn.com/
408 KB
105 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=wnoot43thhhs7q0k24ijt28s&aff_sub4=&aff_sub5=&clickid=022b721ead2a432a1019243c20c3fb62&pub=202950&cid=29415&sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
a6a54d80b5c033492bf1d432789671f1faa06e46916add5a469cfacd370c3eba

Request headers

Referer
https://iwin.rewardsadvisor.com/
Origin
https://iwin.rewardsadvisor.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:37 GMT
content-encoding
br
x-amz-request-id
REHEZVHF363T1G9C
x-edge-location
defr
x-cache
HIT
content-length
106527
x-amz-id-2
xIgKP2dDiJObDtoaEHNL3IW3+Ltvrgksr4oYYzvwCNRxAue62a7ng8gbKI3Mpj7EszLuTy7XGds=
last-modified
Mon, 19 Sep 2022 23:22:53 GMT
server
keycdn-engine
etag
"5fa7b94726c1a44b9120065cb124128a"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 02:55:37 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=wnoot43thhhs7q0k24ijt28s&aff_sub4=&aff_sub5=&clickid=022b721ead2a432a1019243c20c3fb62&pub=202950&cid=29415&sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 01:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5983
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 26 Oct 2022 03:15:54 GMT
info
events.impressure.io/
882 B
1 KB
XHR
General
Full URL
https://events.impressure.io/info?v=2&nonce=15005755221544648&userId=
Requested by
Host: iwin.rewardsadvisor.com
URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&email=&firstname=&lastname=&dob-m=&dob-d=&dobyear=&gender=&address=&city=&state=&zip=&phone=&aff_sub=202950&aff_sub2=&aff_sub3=wnoot43thhhs7q0k24ijt28s&aff_sub4=&aff_sub5=&clickid=022b721ead2a432a1019243c20c3fb62&pub=202950&cid=29415&sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.67.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-67-40.us-west-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
bc418f52fe90d7e811f7b3bab6649d2db28eb43eb2cd146568cec99417d18879
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 02:55:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"372-fBhXgE/Js/qn8xyekMquS0LySbw"
X-Powered-By
Express
Vary
Accept-Encoding, Origin
P3P
CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin
https://iwin.rewardsadvisor.com
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
611
truncated
/
21 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1740eb3582765eae284529c56ce021b52cbb0889add2ca43be4c731bc561ff20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/jpeg
loading.d78985d5a90c42d31aaaf9203cddb569.gif
impressure-c630.kxcdn.com/
2 KB
2 KB
Image
General
Full URL
https://impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:37 GMT
content-encoding
gzip
x-amz-request-id
XQS2W5RWX8ZAHJNF
x-edge-location
defr
x-cache
HIT
content-length
1315
x-amz-id-2
dIBmdMR5ZovUE7i91gxM+8YSRVOJwKkeD37cvIlcVs7IoI02M9FtJVk7JANR96yRLGHyoHsWFRs=
last-modified
Tue, 21 Aug 2018 14:21:48 GMT
server
keycdn-engine
etag
W/"d78985d5a90c42d31aaaf9203cddb569"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 02:55:37 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f420005cd31fab6b4ab016a07d623e8f5773de90c526777de5ba91e9be3b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
1751330
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26983
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14e7e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75ffea0b0c126913-FRA
expires
Mon, 16 Oct 2023 02:55:38 GMT
css2
fonts.googleapis.com/
2 KB
973 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500;800&display=swap
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4dd6ecdbe8ca863a0b4f2466b23a41e9157ebf8323286ece740d5d2eb78f42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 02:55:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Oct 2022 02:55:38 GMT
trackpush.min.js
s3.amazonaws.com/trackpush/
47 KB
13 KB
Script
General
Full URL
https://s3.amazonaws.com/trackpush/trackpush.min.js
Requested by
Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.76.206 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
53e7247e0683d7fc377a2d3bd91e1f8d2c2144e77ab331762ca1f8ed85af4866

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 02:55:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 23 Jun 2022 15:49:51 GMT
Server
AmazonS3
x-amz-request-id
DSMPYT1T62JCRD74
ETag
"2852a7e73e6ac9f0ec2ec335bb611c3f"
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13336
x-amz-id-2
wg3AJvSTQjAqdA87TFNU4uFjXVs5UKfYp2BBWzMc481Af9f5FUCf1dLMy5JGGUoh8mOFlPBiM5I=
request.js
script.anura.io/
54 KB
20 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=2383107219&source=202950-&campaign=2017&variable=optionalResponseObjectVariable&856831940071
Requested by
Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.111.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-111-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ae5dc032eb5105bc6a6d90dd9eb88cb7d8704bf1fa8b6e9269752232a85e894c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
track.js
signals.aimtell.com/
3 KB
2 KB
Script
General
Full URL
https://signals.aimtell.com/track.js
Requested by
Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af52cdb7068ec0dad8355ec4a5bad77b17a3cc1e8bc19b0f66f41d4a53ac3c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1845
x-guploader-uploadid
ADPycduPtLbqGSOz7QhpybF5t7Nu52-VuqTtSkXWWs4AuNl2TiZfzp2yZcqVDFJuYAbMNnCOcsEKNruCjag9E69rRFtfhw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Fri, 10 Sep 2021 18:50:33 GMT
server
cloudflare
etag
W/"e9cc12470321b3946d361c51f89f737a"
vary
Accept-Encoding
x-goog-hash
crc32c=VcSEVw==, md5=6cwSRwMhs5RtNhxR+J9zeg==
x-goog-generation
1631299833653847
content-type
text/javascript
cache-control
public, max-age=14400
x-goog-stored-content-length
3188
cf-ray
75ffea0b6f969295-FRA
expires
Wed, 26 Oct 2022 06:55:38 GMT
d9043e5a-8dec-45e2-8de0-3afdff9211cf.js
iwin.rewardsadvisor.com/chunk/182459/
37 KB
8 KB
Script
General
Full URL
https://iwin.rewardsadvisor.com/chunk/182459/d9043e5a-8dec-45e2-8de0-3afdff9211cf.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
63efcc4d456999c3f776489806a4134d29057042d0a6ed9fe1ca36ea8cc532c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&aff_sub=202950&aff_sub2=&aff_sub3=wnoot43thhhs7q0k24ijt28s&aff_sub4=&aff_sub5=&clickid=022b721ead2a432a1019243c20c3fb62
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
br
x-amz-version-id
9QNxUZHr40OGbZ2rJHefNbeATHdbqo88
last-modified
Tue, 25 Oct 2022 18:37:45 GMT
server
keycdn-engine
x-edge-location
defr
etag
"3603bdf1a796be11794eb41c5cfc5b21"
x-cache-status
REVALIDATED
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, must-revalidate, max-age=0
accept-ranges
bytes
content-length
7502
chunk.7.b6c5ab6.css
impressure-c630.kxcdn.com/
1 KB
961 B
Stylesheet
General
Full URL
https://impressure-c630.kxcdn.com/chunk.7.b6c5ab6.css
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
1238e9e850bf28665fe81529e39af4a4751988b6954cfc341bb027fb8ad1a94d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
br
x-amz-request-id
83EK97DW7SW7TRY5
x-edge-location
defr
x-cache
HIT
content-length
537
x-amz-id-2
MdIGF42MzW3UZOiXM1IoXiDxohh89GmVhGEGD+Bk09J3jU5/UIERqxAFRiK/QDotA92xSdow4BQ=
last-modified
Tue, 23 Aug 2022 19:45:30 GMT
server
keycdn-engine
etag
"1f2e32f2ccbe4956bd43b676c6acbdc8"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 02:55:38 GMT
chunk.7.9b4f67e.js
impressure-c630.kxcdn.com/
11 KB
4 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/chunk.7.9b4f67e.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
faef7e5b106e32b318fa40bf26d7da80874ef9bde24adecb65e8742b34f16d39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
br
x-amz-request-id
PETFQCX0P1Y1J99K
x-edge-location
defr
x-cache
HIT
content-length
3350
x-amz-id-2
8LZnP3TrOXXpsZojrobm5JhZHYaG3E/zoz3jai9BdYsaMI6H9gC7yex+9YH4BaBh6dzpFMD/25c=
last-modified
Tue, 23 Aug 2022 19:45:33 GMT
server
keycdn-engine
etag
"aab16c3901aa85bf6cbd3d12fb635424"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 02:55:38 GMT
chunk.4.e1ba812.css
impressure-c630.kxcdn.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://impressure-c630.kxcdn.com/chunk.4.e1ba812.css
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
br
x-amz-request-id
4DX7TQM2KR8GCXEM
x-edge-location
defr
x-cache
HIT
content-length
784
x-amz-id-2
OjS6tp5U9DUspqJ9keZ1UmZ9Oogd90iJNVxPJrD1p4W49qHN5AYPm+reGbLnq94vTfkzQzQ/PUA=
last-modified
Tue, 23 Aug 2022 19:45:27 GMT
server
keycdn-engine
etag
"1d4504cd8eb1a924fa3877af155e3acb"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 02:55:38 GMT
chunk.4.632257f.js
impressure-c630.kxcdn.com/
58 KB
14 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/chunk.4.632257f.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
br
x-amz-request-id
BQ3S610ZA1B0V1NN
x-edge-location
defr
x-cache
HIT
content-length
13564
x-amz-id-2
32phdEnB6ZmM9r2fwEob7UOBMk3++LV8X1YsCNE22t/v1Fip/uiPW6Qav+C8RxxCKTbaol2sZQw=
last-modified
Tue, 23 Aug 2022 19:45:33 GMT
server
keycdn-engine
etag
"b1ded3ed49dd625cfd1196fd4bf192df"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 02:55:38 GMT
chunk.13.7a5258a.js
impressure-c630.kxcdn.com/
17 KB
5 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/chunk.13.7a5258a.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:38 GMT
content-encoding
br
x-amz-request-id
PET8C3BRGCN19HHM
x-edge-location
defr
x-cache
HIT
content-length
5065
x-amz-id-2
PuCHeyyMhZLQlkNGB8SYeCs3eOJqkWQW1pSlI+e/irNY3K8a0YCzuYBGPwTCCYE8Tj2I+IclI0g=
last-modified
Tue, 23 Aug 2022 19:45:26 GMT
server
keycdn-engine
etag
"04b6f9c350e90de6b9711301bf2c2b72"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 02:55:38 GMT
42ae01b4-4469-4747-aad9-edd7ba9aea44.png
djk97zng6lbya.cloudfront.net/2022/10/12/14/12/07/
57 KB
57 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2022/10/12/14/12/07/42ae01b4-4469-4747-aad9-edd7ba9aea44.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37a0695d3ae9b3487d7d1c9322541c806915e7550d42667b2702088faae09699

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 17:44:12 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 14:12:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
724287
etag
"74c67f4061c6a17f52e1c90d5a4111e9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
57923
x-amz-cf-id
3PHNSB5cpk0dV4gBemxrESBQLuKReepugNTF4eBduYd_rtWs85ID1w==
lists
events.impressure.io/
31 B
424 B
Fetch
General
Full URL
https://events.impressure.io/lists?id=0&q=193.27.14.10%C2%ABaf259db141b1893e3b54918d59313501&v=4
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.67.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-67-40.us-west-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
6578c2aa3e5f7076ca9fb19b357edc1b17633feceee6d36d0e5809d26b959817

Request headers

accept
application/json
Referer
https://iwin.rewardsadvisor.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 26 Oct 2022 02:55:38 GMT
Server
nginx
ETag
W/"1f-w2zQu5TAHledxtxl6Y4gzn1Q0XY"
X-Powered-By
Express
Vary
Origin
P3P
CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin
https://iwin.rewardsadvisor.com
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
31
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1965904113&t=pageview&_s=1&dl=https%3A%2F%2Fiwin.rewardsadvisor.com%2F%3Futm_content%3Dwalmart1000%26aff_id%3D2042%26offer_id%3D29415%26aff_sub%3D202950%26aff_sub2%3D%26aff_sub3%3Dwnoot43thhhs7q0k24ijt28s%26aff_sub4%3D%26aff_sub5%3D%26clickid%3D022b721ead2a432a1019243c20c3fb62&dr=https%3A%2F%2Fwritesun.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Amazon250-black-fri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACACI~&jid=1986072273&gjid=1934357712&cid=25143789.1666752938&tid=UA-204685638-1&_gid=222813802.1666752938&_r=1&_slc=1&cd1=202950&z=2110308130
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iwin.rewardsadvisor.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 02:55:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://iwin.rewardsadvisor.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
events.impressure.io/
72 B
498 B
Fetch
General
Full URL
https://events.impressure.io/events
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.67.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-67-40.us-west-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
d24ff45301f89d7109d3ad418dfca083ff0e2367e400a464fa44390b1be409f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://iwin.rewardsadvisor.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 26 Oct 2022 02:55:39 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"48-3R9mOIFx/VcKL55GtMU8utceiWU"
X-Powered-By
Express
Vary
Origin
P3P
CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin
https://iwin.rewardsadvisor.com
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
72
564fac38-4ebc-4569-8d84-0cadfad0d7f9.png
djk97zng6lbya.cloudfront.net/2021/08/11/16/37/53/
8 KB
9 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2021/08/11/16/37/53/564fac38-4ebc-4569-8d84-0cadfad0d7f9.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
755158b8ec87a849abf410abd4f21887243ce6975e6aeff7cdd5d1fd3a2780cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 04:54:45 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
last-modified
Wed, 11 Aug 2021 16:37:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
4485655
etag
"59fe4cfd2c2f6d7878dd42219052f91b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
8523
x-amz-cf-id
W0BDN-nq3tIQQImxAj_0Q1pkHo9S_yUbvq4V5hnIH__nuz1E1zwnmw==
c500d8e4-4ef1-4b24-9fc2-e910d396b713.png
djk97zng6lbya.cloudfront.net/2022/07/27/00/56/35/
24 KB
24 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2022/07/27/00/56/35/c500d8e4-4ef1-4b24-9fc2-e910d396b713.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4605f450d8d4efa82bfe330a6a9ade402ab5680705e99d256d2ad82d59207abb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 12:48:43 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 00:56:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
6098817
etag
"078a3623df71af387727d064cbae48d8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
24237
x-amz-cf-id
_ll-lxOIn8pV0f0Y1bizv2VfLc10SB7io5_ee9Uv1ATLUGJmssP9Lg==
fetch
signals.aimtell.com/
70 B
309 B
XHR
General
Full URL
https://signals.aimtell.com/fetch?t=c2lnbmFsc2Rtcw&show=1
Requested by
Host: signals.aimtell.com
URL: https://signals.aimtell.com/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e632d79e806750d82a7a15644cde05cc3b5ebb204c54cc286c1ec0c8fd14eb6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:39 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://iwin.rewardsadvisor.com
access-control-allow-credentials
true
cf-ray
75ffea0d28b69295-FRA
access-control-allow-headers
Content-Type, *
2a1f56b6-34f0-4e98-acaa-9056f3d6b2a5.png
djk97zng6lbya.cloudfront.net/2022/10/12/19/05/10/
18 KB
18 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2022/10/12/19/05/10/2a1f56b6-34f0-4e98-acaa-9056f3d6b2a5.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
503d8005d56b23f07da3eebec26509abdbaa644af0c101b2974297ef5e4407e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 17:44:25 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 19:05:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
724275
etag
"60f9952f2203983d61cc16d8bbac6119"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
18513
x-amz-cf-id
vvz39EFBvdk6H2WM1velIvqSMGGdgnGWs4IXAMhg9_8jcOU3jOcVdA==
68b265b8-4f64-4980-aa9e-c3e05c639353.png
djk97zng6lbya.cloudfront.net/2022/10/12/17/51/44/
14 KB
14 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2022/10/12/17/51/44/68b265b8-4f64-4980-aa9e-c3e05c639353.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b1340f01354322423dd2fe7260bcadaa003400d9c473092e60c99e59a373ce6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 17:44:25 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 17:51:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
724275
etag
"0e7e031a2250b2fc8676c10bbe195fe4"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
14226
x-amz-cf-id
hhzm9iFmBCTFol1sbLek8WLaq39gGTuBMdEo6lCGhcoVr2hwD89iCg==
8700fd55-2840-4743-ad5e-a7afce0b404e.png
djk97zng6lbya.cloudfront.net/2022/10/12/17/51/52/
17 KB
17 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2022/10/12/17/51/52/8700fd55-2840-4743-ad5e-a7afce0b404e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
312fc9a4a13ff230aad870b7992e31b57469bc04b46798269ee09fb5e218f979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 17:44:25 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 17:51:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
724274
etag
"38db81322313508cf2fe75a6c09ea350"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
17229
x-amz-cf-id
FFqC0BRtLX4n8ScwZwxMCMyxduIZHUmkl3zR5WupNIVo5oGvhRceog==
4b21c917-535e-4b59-a41f-1357218b887d.png
djk97zng6lbya.cloudfront.net/2022/10/13/14/59/20/
163 KB
164 KB
Image
General
Full URL
https://djk97zng6lbya.cloudfront.net/2022/10/13/14/59/20/4b21c917-535e-4b59-a41f-1357218b887d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-73.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14ac70dd7c8452882cae2caff9787eb885b43e3044430987c2915cc9577de5a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 17:47:00 GMT
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
last-modified
Thu, 13 Oct 2022 14:59:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
724120
etag
"912e5a969a05ee33ba628bd3d5cd94ef"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-meta-json
accept-ranges
bytes
content-length
167328
x-amz-cf-id
xgZZZTysxesmHGC2pw7r9Th7F0_GtVzENy5d1_Z-va9E1smVzVdXxQ==
chunk.1.24bd7cb.js
impressure-c630.kxcdn.com/
119 KB
29 KB
Script
General
Full URL
https://impressure-c630.kxcdn.com/chunk.1.24bd7cb.js
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
ee3dc6dae29a50c2a6a7b77a5d8f5be706488215ddeda2dfef10ddc31da5956a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:39 GMT
content-encoding
br
x-amz-request-id
BSGNCD7MTZN7CZ3V
x-edge-location
defr
x-cache
HIT
content-length
29129
x-amz-id-2
Yp3oI3/Xd6FwgSj8uqKJLbOXvus28LLFIw7F6SWBrP/PaT+rZXBRglxapnNdJbXwxHXcPKAgLeo=
last-modified
Tue, 23 Aug 2022 19:45:26 GMT
server
keycdn-engine
etag
"2bc0ccd647e1f04eec548e8319d94de8"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
expires
Wed, 02 Nov 2022 02:55:39 GMT
events
events.impressure.io/
75 B
501 B
Fetch
General
Full URL
https://events.impressure.io/events
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.67.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-67-40.us-west-2.compute.amazonaws.com
Software
nginx / Express
Resource Hash
c861c6b4f80704e071c555b1fca3e152a3480692098c733708c29175095bdf78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://iwin.rewardsadvisor.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 26 Oct 2022 02:55:39 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"4b-XXaIW9LTGf9lBcO/D/64gF8KsyU"
X-Powered-By
Express
Vary
Origin
P3P
CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin
https://iwin.rewardsadvisor.com
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
75
pageview
signals.aimtell.com/
43 B
180 B
XHR
General
Full URL
https://signals.aimtell.com/pageview?id_site=24312&v=3.972&support=1&state=default&wl=1
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:39 GMT
aimtell-hash-exists
0
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/gif
access-control-allow-origin
https://iwin.rewardsadvisor.com
aimtell-traverse
1
access-control-expose-headers
Aimtell-Hash-Exists, Aimtell-Traverse
access-control-allow-credentials
true
cf-ray
75ffea0d892f9295-FRA
access-control-allow-headers
Content-Type, *
content-length
43
24312-041e2bdba891.json
cdn.aimtell.io/config/optin/
626 B
901 B
XHR
General
Full URL
https://cdn.aimtell.io/config/optin/24312-041e2bdba891.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a1bd1ad33d4d45a78f3c69783b61ee489bfdba30136d010686a65cd1c1b9e74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:39 GMT
content-encoding
gzip
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
DUS51-P2
x-cache
RefreshHit from cloudfront
content-length
424
last-modified
Mon, 02 May 2022 17:56:33 GMT
server
cloudflare
etag
"ad9357b4d852b54d407519c4f7bfd01e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
cf-ray
75ffea0dba396983-FRA
x-amz-cf-id
Fvjis0n6wVPJADOzAwzIt_PWLysD7LkuYmyjIg270pCx9h0oYd8t0A==
traverse
signals.aimtell.com/ Frame B25E
30 B
106 B
Document
General
Full URL
https://signals.aimtell.com/traverse
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4437eaab7b931b5fa3aaf6b76a7dc58ee09f945883a80f1f1fa496e8fde01a19

Request headers

Referer
https://iwin.rewardsadvisor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, *
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
cf-ray
75ffea0dd9799295-FRA
content-length
30
content-type
text/html;charset=UTF-8
date
Wed, 26 Oct 2022 02:55:39 GMT
server
cloudflare
vary
Accept-Encoding
response.json
script.anura.io/
132 B
473 B
XHR
General
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=2383107219&source=202950-&campaign=2017&variable=optionalResponseObjectVariable&856831940071
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.111.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-111-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ad9002f7daeb9ff73db7f1e35f7ebe57b0a06c2a5e6a4ea00118b4d0dfa50a50
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iwin.rewardsadvisor.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 02:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
1
stats.pusher.com/timeline/v2/jsonp/
0
75 B
Script
General
Full URL
https://stats.pusher.com/timeline/v2/jsonp/1?session=MzkyNDE4NDEw&bundle=MQ%3D%3D&key=NTAyODM0YTg1MjU1MGVlNDZkZjk%3D&lib=anM%3D&version=NC40LjA%3D&features=WyJ3cyJd&timeline=...%3D%3D
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/chunk.1.24bd7cb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.143.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-143-159.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:39 GMT
server
awselb/2.0
content-length
0
content-type
application/javascript; charset=utf-8
result.json
script.anura.io/
81 B
436 B
XHR
General
Full URL
https://script.anura.io/result.json
Requested by
Host: writesun.com
URL: https://writesun.com/a44bdaabfdb516207ac6484ce43786051/?sid1=&sid2=wnoot43thhhs7q0k24ijt28s&sid3=&sid4=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.111.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-111-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iwin.rewardsadvisor.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 02:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
Primary Request /
sendmesamples.com/
Redirect Chain
  • http://go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-2042&aff_sub2=--202950-012&aff_sub3=9473b5d0-6622-4dd5-8148-28bd393b34b3&aff_sub4=2042
  • https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2042&aff_sub1=012-2042&aff_sub2=--202950-012&aff_sub3=9473b5d0-6622-4dd5-8148-28bd393b34b3&aff_sub4=2042&aff_sub5=&creative_id=1025&offer_id=2...
  • https://sendmesamples.com/
8 KB
0
Document
General
Full URL
https://sendmesamples.com/
Requested by
Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.b5337b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
75ffea1359acbbcd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 26 Oct 2022 02:55:41 GMT
link
<https://sendmesamples.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4dGA7FGQAmv5vtp3Ir4FFCgxPCv4sslGyCzp%2BU7OFU4Wl41Gzrlv%2Bjv7DxN2%2BYdRblg950f3Zo5%2BFgCLKeJYzhOcGomurlZcG16uINabIX6JWWItQgefQR32QcvOa%2F5f3KfjLrPOX%2BjZJkKXFAjag%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.2.34

Redirect headers

access-control-allow-headers
Tune-SDK-Version
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
75ffea124f849bc8-FRA
content-type
text/html; charset=iso-8859-1
date
Wed, 26 Oct 2022 02:55:39 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://sendmesamples.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI CUR OUR NOR INT"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg5qyTisXtOGFcMedpvWbjr93LTCWoeB%2B5RMRci8s2Smhs2XS%2Futnsl21jvNHmIrm8o%2FQPGbwlX0WDYjp5s7U7hUiNaMf6O%2FDSGoaa%2FVJLOUIgDgMOgzwvEUgY2ZN%2Bea9ac9T%2B%2B%2F54M1%2BYtF86hz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tracking_id
102209464046222624885421450240
x-request-id
155ca04ccc088c0127e77798fff553ef
x-robots-tag
noindex, nofollow
24312-041e2bdba891.json
cdn.aimtell.io/config/
95 B
291 B
XHR
General
Full URL
https://cdn.aimtell.io/config/24312-041e2bdba891.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://iwin.rewardsadvisor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 02:55:40 GMT
content-encoding
gzip
via
1.1 c9ca35e5541827c5873bfdb59f015b20.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
DUS51-P2
x-cache
RefreshHit from cloudfront
content-length
104
last-modified
Fri, 13 Aug 2021 18:56:17 GMT
server
cloudflare
etag
"2e9a47727caf9c4def7ceb9e72845ea1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
cache-control
max-age=86400
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
cf-ray
75ffea12af046983-FRA
x-amz-cf-id
R3o2Syp5t5pj9zkgRZxbm3G_DyOxcDQVGH-XSwQOFla1Drudk0HY0w==
style.css
sendmesamples.com/wp-content/themes/wp-prosper204/
0
0

style.css
sendmesamples.com/wp-content/plugins/share-this/css/
0
0

video-container.min.css
sendmesamples.com/wp-content/plugins/simple-embed-code/css/
0
0

sfsi-style.css
sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/css/
0
0

font-awesome.min.css
sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/
0
0

core.css
sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/
0
0

style.min.css
sendmesamples.com/wp-content/plugins/layered-popups/css/
0
0

link-buttons.min.css
sendmesamples.com/wp-content/plugins/layered-popups/css/
0
0

animate.min.css
sendmesamples.com/wp-content/plugins/layered-popups/css/
0
0

smc_front.css
sendmesamples.com/wp-content/plugins/social-media-icons/styles/
0
0

jquery.js
sendmesamples.com/wp-includes/js/jquery/
0
0

jquery-migrate.min.js
sendmesamples.com/wp-includes/js/jquery/
0
0

flexslider.js
sendmesamples.com/wp-content/themes/wp-prosper204/js/
0
0

external.js
sendmesamples.com/wp-content/themes/wp-prosper204/js/
0
0

suckerfish.js
sendmesamples.com/wp-content/themes/wp-prosper204/js/
0
0

buttons.js
w.sharethis.com/button/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.traversedlp.com
URL
https://api.traversedlp.com/retargeting/v1/cookie
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/themes/wp-prosper204/style.css
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/plugins/share-this/css/style.css?ver=c7dede5046272710d637a0d7ee3bd538
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/plugins/simple-embed-code/css/video-container.min.css?ver=c7dede5046272710d637a0d7ee3bd538
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/plugins/ultimate-social-media-icons/css/sfsi-style.css?ver=c7dede5046272710d637a0d7ee3bd538
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/font-awesome.min.css?ver=4.7.0
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/plugins/wp-affiliate-disclosure/assets/css/core.css?ver=1.2.2
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/plugins/layered-popups/css/style.min.css?ver=6.39
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/plugins/layered-popups/css/link-buttons.min.css?ver=6.39
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/plugins/layered-popups/css/animate.min.css?ver=6.39
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/plugins/social-media-icons/styles/smc_front.css?ver=1.2.5
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/themes/wp-prosper204/js/flexslider.js?ver=c7dede5046272710d637a0d7ee3bd538
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/themes/wp-prosper204/js/external.js?ver=c7dede5046272710d637a0d7ee3bd538
Domain
sendmesamples.com
URL
https://sendmesamples.com/wp-content/themes/wp-prosper204/js/suckerfish.js?ver=c7dede5046272710d637a0d7ee3bd538
Domain
w.sharethis.com
URL
https://w.sharethis.com/button/buttons.js

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

11 Cookies

Domain/Path Name / Value
eng.trkcnv.com/ Name: w4c-29415
Value: 022b721ead2a432a1019243c20c3fb62_202950
.rewardsadvisor.com/ Name: _ga
Value: GA1.2.25143789.1666752938
.rewardsadvisor.com/ Name: _gid
Value: GA1.2.222813802.1666752938
.rewardsadvisor.com/ Name: _user_time
Value: 1666752937907|1666752937907
iwin.rewardsadvisor.com/ Name: _user_random
Value: 0.5302204359781815
.rewardsadvisor.com/ Name: _user_id
Value: cc2460d3-6a80-4649-8c25-5c9be935ec83-rRSaGdCzateEhtF0YTt+yxaklIME7v9w851Ax+vs0I
.rewardsadvisor.com/ Name: _gat
Value: 1
signals.aimtell.com/ Name: s0
Value: 8748daf3-47d5-6fb1-da1c-7dc9df03ae77
iwin.rewardsadvisor.com/ Name: _aimtellSubscriberID
Value: 78f34fa8-2b02-341a-fbd5-87cf700e7dca
go.aramistrk.com/ Name: enc_aff_session_2008
Value: ENC03840b00343722889ba47832ad93cf5c320dd618455da7f00030af10f52c5cb5ca19f036fbec120dcd81d5efddeaf39b960636e564e566fe368f2738254a76dc8f66f043e3077d0779758b04509c6838c6a483e9b43f3bb6db8a10e1b2af4446597fc79998c156c1500ef1c5a606f5d1ba62be5fbf7c630bbe84efc7aeddfbdbdccb87ddaa48773656fd79ceea85a883834db443826e94e5674b9cdcecf3c1356db7834f5dc704f6764e69d91cdf23b8c0c174f467719957bf166447dea04f6eb62bfab947
go.aramistrk.com/ Name: ho_mob

1 Console Messages

Source Level URL
Text
other error URL: https://iwin.rewardsadvisor.com/?utm_content=walmart1000&aff_id=2042&offer_id=29415&aff_sub=202950&aff_sub2=&aff_sub3=wnoot43thhhs7q0k24ijt28s&aff_sub4=&aff_sub5=&clickid=022b721ead2a432a1019243c20c3fb62
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
