URL: https://thepointsguy.com/news/zoom-backgrounds/
Submission: On December 12 via manual from US — Scanned from DE

Summary

This website contacted 29 IPs in 4 countries across 18 domains to perform 195 HTTP transactions. The main IP is 151.101.130.132, located in United States and belongs to FASTLY, US. The main domain is thepointsguy.com. The Cisco Umbrella rank of the primary domain is 48737.
TLS certificate: Issued by R3 on November 21st 2023. Valid for: 3 months.
This is the only time thepointsguy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
30 151.101.130.132 54113 (FASTLY)
7 151.101.65.194 54113 (FASTLY)
8 100.24.172.59 14618 (AMAZON-AES)
4 2600:1f18:41d... 14618 (AMAZON-AES)
3 151.101.66.154 54113 (FASTLY)
7 18.64.79.98 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
20 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
16 3.223.9.153 14618 (AMAZON-AES)
2 18.232.10.106 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 23.213.165.236 16625 (AKAMAI-AS)
1 52.119.199.56 16509 (AMAZON-02)
5 132.226.214.62 31898 (ORACLE-BM...)
1 2001:4860:480... 15169 (GOOGLE)
1 3.33.220.150 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
18 2.18.161.148 16625 (AKAMAI-AS)
195 29
Apex Domain
Subdomains
Transfer
58 thepointsguy.com
thepointsguy.com — Cisco Umbrella Rank: 48737
empennage.api.thepointsguy.com — Cisco Umbrella Rank: 101564
beam.thepointsguy.com — Cisco Umbrella Rank: 82512
595 KB
25 cohesionapps.com
cdn.cohesionapps.com — Cisco Umbrella Rank: 21838
monarch.cohesionapps.com — Cisco Umbrella Rank: 36288
taggy.cohesionapps.com — Cisco Umbrella Rank: 28989
77 KB
22 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
mb.moatads.com — Cisco Umbrella Rank: 766
px.moatads.com — Cisco Umbrella Rank: 594
119 KB
18 moatpixel.com
redventuresgamdisplay60805146916.s.moatpixel.com — Cisco Umbrella Rank: 46746
5 KB
17 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
b227c1157b0e6655e951e5406790b04d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
447 KB
13 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
188 KB
7 fastly.net
thepointsguy.global.ssl.fastly.net — Cisco Umbrella Rank: 70327
511 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 324
192 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
193 KB
5 amazonaws.com
cognito-identity.us-east-1.amazonaws.com — Cisco Umbrella Rank: 2596
sts.us-east-1.amazonaws.com — Cisco Umbrella Rank: 7490
4 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
257 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2693
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
249 KB
3 redventures.io
at.adtech.redventures.io — Cisco Umbrella Rank: 39492
59 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6765
515 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1567
109 KB
1 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 557
60 B
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 548
303 B
195 18
Domain Requested by
30 thepointsguy.com thepointsguy.com
20 beam.thepointsguy.com thepointsguy.com
18 redventuresgamdisplay60805146916.s.moatpixel.com
16 monarch.cohesionapps.com thepointsguy.com
11 px.moatads.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
thepointsguy.com
tpc.googlesyndication.com
11 securepubads.g.doubleclick.net at.adtech.redventures.io
securepubads.g.doubleclick.net
thepointsguy.com
www.googletagservices.com
8 empennage.api.thepointsguy.com thepointsguy.com
7 cdn.cohesionapps.com thepointsguy.com
cdn.cohesionapps.com
7 thepointsguy.global.ssl.fastly.net thepointsguy.com
6 z.moatads.com at.adtech.redventures.io
z.moatads.com
thepointsguy.com
6 cdn.cookielaw.org thepointsguy.com
cdn.cookielaw.org
5 pagead2.googlesyndication.com thepointsguy.com
tpc.googlesyndication.com
www.googletagservices.com
5 mb.moatads.com z.moatads.com
5 www.google-analytics.com www.googletagmanager.com
thepointsguy.com
www.google-analytics.com
4 www.googletagservices.com thepointsguy.com
4 cognito-identity.us-east-1.amazonaws.com thepointsguy.com
3 www.googletagmanager.com thepointsguy.com
www.googletagmanager.com
3 at.adtech.redventures.io thepointsguy.com
2 www.google.de thepointsguy.com
2 www.google.com thepointsguy.com
tpc.googlesyndication.com
2 stats.g.doubleclick.net thepointsguy.com
www.googletagmanager.com
2 taggy.cohesionapps.com thepointsguy.com
2 cdn.confiant-integrations.net at.adtech.redventures.io
cdn.confiant-integrations.net
1 b227c1157b0e6655e951e5406790b04d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 insight.adsrvr.org thepointsguy.com
1 region1.analytics.google.com www.googletagmanager.com
1 sts.us-east-1.amazonaws.com thepointsguy.com
1 geolocation.onetrust.com thepointsguy.com
195 29
Subject Issuer Validity Valid
thepointsguy.com
R3
2023-11-21 -
2024-02-19
3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2023 Q4
2023-11-09 -
2024-12-10
a year crt.sh
*.api.thepointsguy.com
Amazon RSA 2048 M01
2023-07-07 -
2024-08-04
a year crt.sh
cognito-identity.us-east-1.amazonaws.com
Amazon RSA 2048 M02
2023-05-08 -
2024-06-05
a year crt.sh
at.adtech.redventures.io
R3
2023-11-24 -
2024-02-22
3 months crt.sh
cdn.cohesionapps.com
Amazon RSA 2048 M02
2023-10-16 -
2024-11-11
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
confiant-integrations.net
GTS CA 1P5
2023-11-19 -
2024-02-17
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.thepointsguy.com
Amazon RSA 2048 M03
2023-09-25 -
2024-10-23
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
*.monarch.cohesionapps.com
Amazon RSA 2048 M03
2023-08-10 -
2024-09-06
a year crt.sh
*.taggy.cohesionapps.com
Amazon RSA 2048 M03
2023-11-29 -
2024-12-27
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
sts.us-east-1.amazonaws.com
Amazon RSA 2048 M01
2023-03-08 -
2024-03-07
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-06-20 -
2024-07-20
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 11 frames:

Primary Page: https://thepointsguy.com/news/zoom-backgrounds/
Frame ID: 3D4884B57D7FDA117EC50C3B74707A8E
Requests: 138 HTTP requests in this frame

Frame: https://cdn.cohesionapps.com/cohesion/xs2.html
Frame ID: AD053791CFD8B0C43D8D52441005043C
Requests: 2 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 778B53CC0163FBEF8261A691207785C5
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=7owldyh&ref=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&upid=n9g786q&upv=1.1.0&td1=fe2525ee-c58e-436f-a447-c4938481d642
Frame ID: 9571B0FBB50E7FDB10CAADDC18D1DD2B
Requests: 1 HTTP requests in this frame

Frame: https://b227c1157b0e6655e951e5406790b04d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FAEA90AD4EA6FC567FD51C1318EBE99
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2_ark5BtsGtYh8RNXrF1_8QpKFpBjPWcsbjBZrqn1nD5QTWRiyu08MWcKkOHyxQe9RFurApNE-xrbQodVBzbKuNOO31CyoFUWTL0g_edZ9m5TjQBFuj2So9_hCcwZKHWl58Nl1PmeuyoxIPM1WaDPEfyeR8kBtsWkyBuZtEnX2KZXCJMtbqEJ_BCU6kC4gD1PEUkuaRlISNoFNrqXMtXa_22Z-XAGWv0Dbhe9zo6UoXlQ1AsdtRnOoVqBMLecmvCzSnnnkPtdnB-XSz8OuYrADMxqBCT1XlIlX68LKzYvkQczdW0rhTRrlDMmHVpiKsKIwrFmdPks7ndzEqEEKpbilRfISQs71Zvs2YhFobPHrldd&sai=AMfl-YSYaYCNgq6hAveEVRxDlrf36AFZMGIJJllVXls7UMUdTyNwrRdkb_ysk82FxGEZWvpwJwTIYbhxd_fqACoF9F588xI_JDWEcXut8EZNXh9D3-fhei31S7a4Wc78desPXzpRllDOjEGUWDO6NiI8aqm-&sig=Cg0ArKJSzCPHYbXK22i7EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: B7B05D3B48E24143A581079DB3DD94C6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWmOmEhUJ1wVzfAnB8DWwCQmlH1lZHz266DegAFgV4SFV7Wu-hAo5SFZunEpa_1s4emTDHibkM3hBgYWDMyW9quJVKFaEyRjn8pfjfT45s2ONn90yiNr6T-9eGgWfZJsRNuZwj5SuW14tLC6YA_nN7Zwg5oYxlY1YTZncfLG9uNciR5ISs0GyaIcfufikXyTraCVvzD1Ptl1aM36NP4S4V4ULHWcqBENDOLUQWk_VNXGhAGsS9eRuNZXe8eK41D-7RMqQOzI1j-f5ygmvkdOsc5dQndrGVtBhD1HIjowTUxS_jqgzpWgtMvSXFJ5-Y-Cro7UWjHifzfLes70mLY2hnSqMRmiQ966eBPM01bnyTQcTA&sai=AMfl-YQtKBuEYNNFNZSw5TIlbxTRuSkvvvmAFZ3d2syApT-M2m_-541vH_QJeGFxRnKV7ztGMwb7UoCDE169S9pL_u4geaxWq6EI8hZLvbcKmnhe5v1y0lVyxCpR1N0n5p7oYUrEjX5PFX3x1i9oXAYKX3M5&sig=Cg0ArKJSzEDhbPQJqUEyEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 55F30E5A34306631F1734D630D15F860
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyZwdpKcZCfiCvYU6B2S-zojhow2EHIzuKfZRF2WWV-mx1PcEEUwcvCeavWgezbDxUW-aP0noGGWpzK1LZqMlBVlrchQsyjXlVgeg5ZS4tMAAYiRvucYdl0H_SZj5BEcVazu1fV-hOsMywc4-FfPpCRQqGVZN4wSXTfp4RSAePvkooSk7LpwVO_C-S8pL19GqvOTEVtGaCxviiMUrs66msWq4KeNdGbNWlkvPE5hNylg1PLDqEW4Qu4c2g8ttjkZrNnXqcxAcXb_2cB9APwKo4e2BA994UOkJzpPuhYm2xATmL1U8q0_rfxaAwDU7CuqdTnApE59hxIuz5IsAUdjIMpo8vamq3rkigpfFZj8H7SoDb&sai=AMfl-YTOCltr_ENSzj-yeEcfN3puxVC-HbSp2ASZC7ewiIbNZwGEhF-BR8_oRWc79ijLOlFpxm70etxcB_O_gIgessd4cI_52jxSAsGV_TdbAsT8On2yuOdvpjEOOYfVVIQzfzaha9Audqps5M1ewsAs8OQR&sig=Cg0ArKJSzI7jSTJy31jaEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 2C99EA5DCBA76210A6411CC87BE31D49
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnXD26YNmtAxapPjFK7yFpj177xzOz8yjjAshPJGmwmPov1FCklgVy8NuAfEwdxwXF4S_jQeHzhhHSu0YOHgFdFSDxZMa-UrpqL6EM1nYQ8G_njb08njNRTlObRIqMDgj6_oBcy04VJMqBclFKzOHxxKnMrwXIukB0QweyJlP54HZ304bE_4O3xVR1bE7O2fIXokM86odWSDW5rNOLtpq10A4Lim-PLuquGu3n4RAeaw8xuUbTn3yM5QzKm0MwwN15_iQRbbHdrhjlYqtGvW1tW8Oo5gMqhz0h0ON56s4Oi4o-_DNlH1q_s51yJJ0D7yawUZJ2YVg1d5amoUshGlA9-B9ySw7MsInav0z9VC6QWu9l&sai=AMfl-YS3Yc9QeyqR_I8G1linRQgOLMmj3sq9qCR3XQEpaPzVVlEJGFs_wAf3xGf3fFQgd8vNacoMv8Z_UOdF6U4WDgi1M9Knj5tuyHZlT5JRAV6zx3NtprEfLrGIupyKBj9BVxIgXnyXCKaDkP_irWx19syU&sig=Cg0ArKJSzI5E_ApY2m7HEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 53AA6410CBDA84F8DDAF9778A9E56F18
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7058FA29E413D5C6AE50847F41029629
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F725F198B02E436C64E587BEA66CEF00
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Download Zoom backgrounds from TPG for free - The Points Guy

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

195
Requests

100 %
HTTPS

57 %
IPv6

18
Domains

29
Subdomains

29
IPs

4
Countries

3005 kB
Transfer

8423 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

195 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
thepointsguy.com/news/zoom-backgrounds/
159 KB
33 KB
Document
General
Full URL
https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Next.js
Resource Hash
b34f946baa10360555709e392c99024a11f4e66cfa1c061865a12706aabdd9c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
no-store, max-age=0
content-encoding
gzip
content-length
33683
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 17:49:59 GMT
etag
"13ilw6k21lq3hk2"
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-powered-by
Next.js
x-served-by
cache-fra-eddf8230066-FRA
x-shield-generation
947
x-timer
S1702403399.800831,VS0,VE655
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
thepointsguy.global.ssl.fastly.net/cdn/fonts/roboto/
11 KB
11 KB
Font
General
Full URL
https://thepointsguy.global.ssl.fastly.net/cdn/fonts/roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Request headers

Referer
https://thepointsguy.com/
Origin
https://thepointsguy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:49:59 GMT
Via
1.1 varnish, 1.1 varnish
X-Shield-Generation
946
Age
276
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
11016
X-Served-By
cache-chi-kigq8000133-CHI, cache-fra-eddf8230020-FRA
X-Edge-Generation
946
Last-Modified
Fri, 08 Dec 2023 21:14:09 GMT
Server
AmazonS3
X-Timer
S1702403400.544529,VS0,VE2
ETag
"15fa3062f8929bd3b05fdca5259db412"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Cache-Hits
53, 1
ZLqKeelYbATG60EpZBSDy4X0hVgzZQUfRDuZrPvH3D8.woff2
thepointsguy.global.ssl.fastly.net/cdn/fonts/roboto-medium/
64 KB
64 KB
Font
General
Full URL
https://thepointsguy.global.ssl.fastly.net/cdn/fonts/roboto-medium/ZLqKeelYbATG60EpZBSDy4X0hVgzZQUfRDuZrPvH3D8.woff2
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf

Request headers

Referer
https://thepointsguy.com/
Origin
https://thepointsguy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:49:59 GMT
Via
1.1 varnish, 1.1 varnish
X-Shield-Generation
946
Age
276
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
65484
X-Served-By
cache-chi-kigq8000062-CHI, cache-fra-eddf8230022-FRA
X-Edge-Generation
946
Last-Modified
Fri, 08 Dec 2023 21:14:09 GMT
Server
AmazonS3
X-Timer
S1702403400.515237,VS0,VE33
ETag
"90d1676003d9c28c04994c18bfd8b558"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Cache-Hits
42, 1
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
thepointsguy.global.ssl.fastly.net/cdn/fonts/roboto-bold/
11 KB
11 KB
Font
General
Full URL
https://thepointsguy.global.ssl.fastly.net/cdn/fonts/roboto-bold/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Request headers

Referer
https://thepointsguy.com/
Origin
https://thepointsguy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:49:59 GMT
Via
1.1 varnish, 1.1 varnish
X-Shield-Generation
946
Age
276
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
11020
X-Served-By
cache-chi-kigq8000152-CHI, cache-fra-eddf8230027-FRA
X-Edge-Generation
946
Last-Modified
Fri, 08 Dec 2023 21:14:09 GMT
Server
AmazonS3
X-Timer
S1702403400.537455,VS0,VE2
ETag
"a59072f933169d3f2db497f44ca4cbbe"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Cache-Hits
49, 1
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2RlV9Su1cai.woff
thepointsguy.global.ssl.fastly.net/cdn/fonts/roboto-slab/
15 KB
15 KB
Font
General
Full URL
https://thepointsguy.global.ssl.fastly.net/cdn/fonts/roboto-slab/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2RlV9Su1cai.woff
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32b6dc462015932bf0229c578425c7246a79003230193902ef38a128ea4b3635

Request headers

Referer
https://thepointsguy.com/
Origin
https://thepointsguy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:49:59 GMT
Via
1.1 varnish, 1.1 varnish
X-Shield-Generation
946
Age
276
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
15248
X-Served-By
cache-chi-klot8100041-CHI, cache-fra-eddf8230022-FRA
X-Edge-Generation
947
Last-Modified
Fri, 08 Dec 2023 21:14:09 GMT
Server
AmazonS3
X-Timer
S1702403400.562388,VS0,VE1
ETag
"1e8a079f5afd111f6a24c34ba309f47b"
Content-Type
font/woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Cache-Hits
46, 1
BarlowGX.woff2
thepointsguy.global.ssl.fastly.net/cdn/fonts/barlow/
74 KB
75 KB
Font
General
Full URL
https://thepointsguy.global.ssl.fastly.net/cdn/fonts/barlow/BarlowGX.woff2
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7467ce1cce8a5291083fb7573b1b06e94f12291e09d8c5033fb9ad725be4a46e

Request headers

Referer
https://thepointsguy.com/
Origin
https://thepointsguy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:49:59 GMT
Via
1.1 varnish, 1.1 varnish
X-Shield-Generation
946
Age
276
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
75960
X-Served-By
cache-chi-kigq8000135-CHI, cache-fra-eddf8230027-FRA
X-Edge-Generation
947
Last-Modified
Fri, 08 Dec 2023 21:14:09 GMT
Server
AmazonS3
X-Timer
S1702403400.548900,VS0,VE2
ETag
"4ed9929f27a5205b0f3dfdf29a93d452"
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Cache-Hits
42, 1
BarlowGX.woff
thepointsguy.global.ssl.fastly.net/cdn/fonts/barlow/
74 KB
75 KB
Font
General
Full URL
https://thepointsguy.global.ssl.fastly.net/cdn/fonts/barlow/BarlowGX.woff
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7467ce1cce8a5291083fb7573b1b06e94f12291e09d8c5033fb9ad725be4a46e

Request headers

Referer
https://thepointsguy.com/
Origin
https://thepointsguy.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:49:59 GMT
Via
1.1 varnish, 1.1 varnish
X-Shield-Generation
946
Age
276
x-amz-server-side-encryption
AES256
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
75960
X-Served-By
cache-chi-klot8100026-CHI, cache-fra-eddf8230020-FRA
X-Edge-Generation
946
Last-Modified
Fri, 08 Dec 2023 21:14:09 GMT
Server
AmazonS3
X-Timer
S1702403400.567363,VS0,VE52
ETag
"4ed9929f27a5205b0f3dfdf29a93d452"
Content-Type
font/woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Cache-Hits
36, 1
Zoom-Background-13.jpg
thepointsguy.global.ssl.fastly.net/us/originals/2020/03/
259 KB
259 KB
Image
General
Full URL
https://thepointsguy.global.ssl.fastly.net/us/originals/2020/03/Zoom-Background-13.jpg?width=1920
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68657bfe62de1839dfbb52472b4ae0b919eb8f6c9c4a4f3950ba58c843bdf9a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:50:00 GMT
Via
1.1 varnish, 1.1 varnish
X-Shield-Generation
947
Fastly-Io-Served-By
vpop-kiad7010228
Age
0
X-Amz-Server-Side-Encryption
AES256
X-Cache
MISS, MISS
Fastly-Io-Info
ifsz=1896477 idim=1920x1080 ifmt=jpeg ofsz=264758 odim=1920x1080 ofmt=webp
Connection
keep-alive
Fastly-Stats
io=1
Content-Length
264758
X-Edge-Generation
947
X-Served-By
cache-chi-klot8100122-CHI, cache-fra-eddf8230051-FRA
Server
AmazonS3
X-Timer
S1702403400.669162,VS0,VE860
Etag
"We+h9FyCuXsG0wn6wjjdwgOjAgmf+Z4UvnumZHWllLw"
Vary
Accept
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
0, 0
19b7e2cefc013c5c.css
thepointsguy.com/_next/static/css/
56 KB
9 KB
Stylesheet
General
Full URL
https://thepointsguy.com/_next/static/css/19b7e2cefc013c5c.css
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
88bebb821ebc59858c79922a9fa771a0443b8ea06f62ca5944bf0094a77e7ae6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
8907
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403399.481513,VS0,VE1
etag
W/"e0e0-18c5f0b14f8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
f43885c1f46cd985.css
thepointsguy.com/_next/static/css/
13 KB
5 KB
Stylesheet
General
Full URL
https://thepointsguy.com/_next/static/css/f43885c1f46cd985.css
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5fb6040f14bd78da9611b4fb9ee3ad64623e8ad8c59d3caddadc6e009be3f241

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
4474
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403399.481553,VS0,VE1
etag
W/"3210-18c5f0b14f8"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
webpack-68f7dc78dc239a04.js
thepointsguy.com/_next/static/chunks/
5 KB
2 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/webpack-68f7dc78dc239a04.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
86a3a572984449a8bfdee97f076e9ee2ebe0ae739f278bb704c09840675e7419

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
2132
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536915,VS0,VE1
etag
W/"1454-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
framework-ca706bf673a13738.js
thepointsguy.com/_next/static/chunks/
138 KB
44 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/framework-ca706bf673a13738.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
68d9eb6aefb519749c74c97c8b3271a6cb7279ea5f790803885d2a45eefb2269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
45458
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536900,VS0,VE1
etag
W/"2270e-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
main-a2ef3adbf3d1ffa5.js
thepointsguy.com/_next/static/chunks/
116 KB
33 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/main-a2ef3adbf3d1ffa5.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fcfca61abe50ab7c72008dd818391c37f6a053921eac488a7832d105df0e08f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
33831
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536805,VS0,VE8
etag
W/"1ceab-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
_app-e4377d35d2dfb6ec.js
thepointsguy.com/_next/static/chunks/pages/
684 KB
193 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e8c79537ad608051945cf6f0c9982eb74fd0298a124536763b25a7a93a58131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
196883
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536590,VS0,VE2
etag
W/"aaf32-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
9755-292b3508079227df.js
thepointsguy.com/_next/static/chunks/
10 KB
4 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/9755-292b3508079227df.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07341445c1bb2f07414fef3a4597f7a8a15a00151571a9d80481abc74d5bc14c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
4081
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536641,VS0,VE1
etag
W/"26f1-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
545-1780b3462ec563ac.js
thepointsguy.com/_next/static/chunks/
57 KB
15 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/545-1780b3462ec563ac.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
831efbe8f40da8a2721778725f0b68f468096f123a6cb72661cd8c3ae11c17d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
15584
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536771,VS0,VE1
etag
W/"e25f-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
5675-814521322ed603d8.js
thepointsguy.com/_next/static/chunks/
9 KB
4 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/5675-814521322ed603d8.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f19fc9a6d9d6580ba1fa59b8f7549fe4753376268862cf8833a9cf636ceaeb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
3983
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536744,VS0,VE1
etag
W/"25ef-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
952-b35dc2e2adf078a6.js
thepointsguy.com/_next/static/chunks/
76 KB
22 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/952-b35dc2e2adf078a6.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26fe0ebac8ccab418c979ad61477a37d36bd257d3fbc8376083c6b1e26b9d35e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
22598
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536496,VS0,VE2
etag
W/"1301b-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
6004-c2b0e6082f69cfcf.js
thepointsguy.com/_next/static/chunks/
48 KB
14 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/6004-c2b0e6082f69cfcf.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e234c8dd48112dd44edd655dd95e41026b1c0c7e2e06cc8b2563358ede2d470

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
13963
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536407,VS0,VE6
etag
W/"c148-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
4647-ba18e854faf0db35.js
thepointsguy.com/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/4647-ba18e854faf0db35.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25d2bb3ef7666734c5c8e9f46905a422cb029c7c5e71cd4a90592ee07eb3d012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
4380
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536297,VS0,VE12
etag
W/"2daf-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
3860-ce956ceb5bbb6f7a.js
thepointsguy.com/_next/static/chunks/
25 KB
7 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/3860-ce956ceb5bbb6f7a.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6da3cddeb9e73c811f751688c8672ed30b0bb960f31e7ee09ec62a8562020f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
6600
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536289,VS0,VE1
etag
W/"6376-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
5518-3ba66f8dbc1767ec.js
thepointsguy.com/_next/static/chunks/
19 KB
8 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/5518-3ba66f8dbc1767ec.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d755e28516ffa40507cab9e42dbf5339fa0e8cd6d85d2ea58fb5348e2aa82475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
8295
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536317,VS0,VE1
etag
W/"4d1b-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
1996-89f4cdc305590c64.js
thepointsguy.com/_next/static/chunks/
72 KB
23 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/1996-89f4cdc305590c64.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
152099f733a50d49cb0abbb66012a010503af956ce9eb1e02951bb3e223af7be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
23797
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536123,VS0,VE1
etag
W/"11f6c-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
3239-f2e64c0e521dad6e.js
thepointsguy.com/_next/static/chunks/
22 KB
5 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/3239-f2e64c0e521dad6e.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d1c67907cf4cf7c4bad640064a734d61874907da6aeebd12f8503db1775ba3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
5034
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536300,VS0,VE37
etag
W/"56d4-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
1636-6bd2d358e6b0a6b7.js
thepointsguy.com/_next/static/chunks/
18 KB
3 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/1636-6bd2d358e6b0a6b7.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
faf3267f210d03b9b678da3fd1b5d559c8a96da515af139a144aff525301e7a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
3110
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536307,VS0,VE1
etag
W/"4621-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
9266-7f6d2fef14995809.js
thepointsguy.com/_next/static/chunks/
102 KB
6 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/9266-7f6d2fef14995809.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d2729e66acd17956a1c82b42a56e8030ed4dcb40e7065c50be448e4da48f8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
6200
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536588,VS0,VE2
etag
W/"197c5-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
7102-493daa94bfee0904.js
thepointsguy.com/_next/static/chunks/
44 KB
5 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/7102-493daa94bfee0904.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3242e531e65b2acfbe4e60056f1b1ec44891d20f841133d91504d058ddb4726

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
4899
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.536029,VS0,VE3
etag
W/"b0b5-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
8371-0760a0e451ec4b59.js
thepointsguy.com/_next/static/chunks/
18 KB
4 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/8371-0760a0e451ec4b59.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7009c21449e6c358b1355da398bb3fea44306c5c75e6fb769395922c0ddb80eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
3455
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.535956,VS0,VE2
etag
W/"487e-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
%5B...pathname%5D-2335697edb244f45.js
thepointsguy.com/_next/static/chunks/pages/
843 KB
122 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/chunks/pages/%5B...pathname%5D-2335697edb244f45.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ad4ff2ca8c5ac53fe7ff7a4b8df81fe3d3798087552cf69f71b3c3d804c4dcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
125123
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.535945,VS0,VE5
etag
W/"d2d4c-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
_buildManifest.js
thepointsguy.com/_next/static/sTqLfIar0e8MoSF-2n7Mo/
5 KB
2 KB
Script
General
Full URL
https://thepointsguy.com/_next/static/sTqLfIar0e8MoSF-2n7Mo/_buildManifest.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40fc00ab008a7b8e34a69e36e5391eda4f328bf9abbeb89b9f39290e8ed1365e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
270
x-cache
HIT
content-length
1607
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.535920,VS0,VE2
etag
W/"12cc-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
_ssgManifest.js
thepointsguy.com/_next/static/sTqLfIar0e8MoSF-2n7Mo/
77 B
139 B
Script
General
Full URL
https://thepointsguy.com/_next/static/sTqLfIar0e8MoSF-2n7Mo/_ssgManifest.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
946
via
1.1 varnish
age
270
x-cache
HIT
content-length
61
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:20:11 GMT
x-timer
S1702403400.535908,VS0,VE4
etag
W/"4d-18c5f0b14f8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
1
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
daily-dt.svg
thepointsguy.com/images/EmailSignUp/
25 KB
7 KB
Image
General
Full URL
https://thepointsguy.com/images/EmailSignUp/daily-dt.svg
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f416a3dca99ae36a1879941efd31211dcea3a31310ac2ed7e3440e96c0b64d50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-shield-generation
947
via
1.1 varnish
age
0
x-cache
MISS
content-length
7208
x-served-by
cache-fra-eddf8230066-FRA
last-modified
Tue, 12 Dec 2023 17:14:02 GMT
x-timer
S1702403400.535888,VS0,VE96
etag
W/"636c-18c5f057390"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
x-cache-hits
0
graphql
empennage.api.thepointsguy.com/ Frame
0
0
Preflight
General
Full URL
https://empennage.api.thepointsguy.com/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.172.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-172-59.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
graphql
empennage.api.thepointsguy.com/ Frame
0
0
Preflight
General
Full URL
https://empennage.api.thepointsguy.com/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.172.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-172-59.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
graphql
empennage.api.thepointsguy.com/ Frame
0
0
Preflight
General
Full URL
https://empennage.api.thepointsguy.com/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.172.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-172-59.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
/
cognito-identity.us-east-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:4df3:454a:5580:5a3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
1ca7b2f6-e492-4c03-b1fe-36ebacfd58cf
bidbarrel-tpg.min.js
at.adtech.redventures.io/lib/dist/prod/
204 KB
58 KB
Script
General
Full URL
https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-tpg.min.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/main-a2ef3adbf3d1ffa5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e7af480789a5e160bc4c77c15ffa1091cc926ef1d4d6a13ac4f30e26804448e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
via
1.1 d1347b9ce80521e79364f7a40e7bb268.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
WAW51-P3
age
131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
59136
x-served-by
cache-fra-eddf8230091-FRA
last-modified
Tue, 24 Oct 2023 14:53:04 GMT
server
AmazonS3
x-timer
S1702403400.858872,VS0,VE2
etag
"797df0b6a2307eda96dff69d098edbf6"
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
max-age=900, public, must-revalidate
accept-ranges
bytes
x-amz-cf-id
ZMuuyji0g1UTYph8Td8cYjJzjUa04g9N82oIwpTNGoFZ6kIS3GotsA==
x-cache-hits
1
cohesion-to.min.js
cdn.cohesionapps.com/cohesion/
62 KB
17 KB
Script
General
Full URL
https://cdn.cohesionapps.com/cohesion/cohesion-to.min.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-98.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0eecce7045c5efcaff8e91f9feb423c469fbcecf0f4a632d0584ab6884972f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
date
Tue, 12 Dec 2023 01:21:35 GMT
last-modified
Wed, 29 Nov 2023 13:16:25 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P2
age
60023
x-amz-server-side-encryption
AES256
etag
W/"324daa17d980a12b78d92b49cc0cd522"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
eyAIiPLhQZ5zHRz0WR3iRigAKIakWlwSHZAkVi0Y0ZIvbVhbW9Rgxw==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/main-a2ef3adbf3d1ffa5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vZrXoJWU2kJda+KcVQis1w==
age
40728
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Mon, 11 Dec 2023 22:15:43 GMT
server
cloudflare
etag
0x8DBFA96B7B6EB00
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ae5b7e20-301e-008d-18a8-2c0e51000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8347cea10d261903-FRA
js
www.googletagmanager.com/gtag/
249 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GVJPCKENFX
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/main-a2ef3adbf3d1ffa5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eda1d03d295937cdf9e0a27ee7d4d7247911ead406eeb84adbabf3d8c8edd782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85458
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 17:49:59 GMT
graphql
empennage.api.thepointsguy.com/
2 KB
3 KB
XHR
General
Full URL
https://empennage.api.thepointsguy.com/graphql
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/545-1780b3462ec563ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.172.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-172-59.compute-1.amazonaws.com
Software
/ Express
Resource Hash
b1504786698f8e47b941ab4fb14a52c19d9ab8c5293ebcb831b71ca8faf2fbf9

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/json

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
age
2576
x-powered-by
Express
etag
W/"9c0-OYZCMpWDV5WxE1ewNCAXJam/+IU"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
2496
cached
2023-12-12T17:07:04.192Z
graphql
empennage.api.thepointsguy.com/
4 KB
4 KB
XHR
General
Full URL
https://empennage.api.thepointsguy.com/graphql
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/545-1780b3462ec563ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.172.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-172-59.compute-1.amazonaws.com
Software
/ Express
Resource Hash
5acf505e1fdd79629b414d17f9e34c51e3e4c0b8fd7efa774cd6fa5636adb878

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/json

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
age
1538
x-powered-by
Express
etag
W/"e9d-/4Mni0sYIkziz2zUBDVcSOEsVVk"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
3741
cached
2023-12-12T17:24:22.598Z
graphql
empennage.api.thepointsguy.com/
2 KB
2 KB
XHR
General
Full URL
https://empennage.api.thepointsguy.com/graphql
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/545-1780b3462ec563ac.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.172.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-172-59.compute-1.amazonaws.com
Software
/ Express
Resource Hash
75e2031c90d10a611d298d627e297dd9bf6394f46bfdb0d204072b9e5fe8cb11

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/json

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
age
2579
x-powered-by
Express
etag
W/"6c0-UtY0b1733ZozvYVOA/UL+ivC+GY"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
1728
cached
2023-12-12T17:07:01.555Z
/
cognito-identity.us-east-1.amazonaws.com/
63 B
318 B
Fetch
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:4df3:454a:5580:5a3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e4867c7cf0cb3f6a82a057915dc05cdebbafaeb94f79a746cd5d18f7c6c2179c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thepointsguy.com/
x-amz-target
AWSCognitoIdentityService.GetId
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
8f5abb6d-f59f-41cb-b82c-967d767ff0fc
content-length
63
content-type
application/x-amz-json-1.1
bbe4817e-3ca0-42f2-a604-69ba1398eb05.json
cdn.cookielaw.org/consent/bbe4817e-3ca0-42f2-a604-69ba1398eb05/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/bbe4817e-3ca0-42f2-a604-69ba1398eb05/bbe4817e-3ca0-42f2-a604-69ba1398eb05.json
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6581ca02bc9391450c75e25d83fdd6a216d5f3e2b1918fc253980b05a8f37da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
38232
content-md5
sVupcF9ndH2O3TLP8J82lA==
content-length
1575
x-ms-lease-status
unlocked
last-modified
Wed, 12 Apr 2023 17:06:57 GMT
server
cloudflare
etag
0x8DB3B7852D1612A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
13d3beaa-501e-014a-3b61-6daed4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8347cea14fc63681-FRA
expires
Wed, 13 Dec 2023 17:49:59 GMT
config.js
cdn.confiant-integrations.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/
108 KB
25 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Requested by
Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-tpg.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2978ed39e4ca76413be4f3223b098616a3021faab5f0ea99b31a7d730a1b350

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Dec 2023 13:46:21 GMT
server
cloudflare
x-amz-request-id
NHK8H4Y56WPFZ4JT
age
304
etag
W/"cedc982f6bddf3dd141c62cba3a5c261"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
8347cea17af81e14-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
VjaqIJyO4J9QoYxY7pZWZNHKruisKP5BCtKAZp/P6tt/K7gujSqgs7AMxiGKxZZxGZn3pD473mQ=
diff
at.adtech.redventures.io/lib/api/v1/tpg/prod/config/
184 B
372 B
Fetch
General
Full URL
https://at.adtech.redventures.io/lib/api/v1/tpg/prod/config/diff?variant=core
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cc75d10e39c98b7c9bbd9ae102b147ec1fa576939eaa5acc5a9824d150abed9a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

cat
H4O817Els
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://thepointsguy.com/
variant
core
version
rv5.0.0

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 17:50:00 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
via
1.1 varnish
cross-origin-embedder-policy
require-corp
age
369
x-dns-prefetch-control
off
x-cache
HIT
ttl
900s
content-length
177
x-xss-protection
0
x-served-by
cache-fra-eddf8230080-FRA
referrer-policy
no-referrer
server
Google Frontend
cross-origin-opener-policy
same-origin
x-timer
S1702403400.151084,VS0,VE2
etag
W/415c9ea06f4cb15235dea178456fdcabecc865c4
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-cloud-trace-context
f823a77f2bf23c7255d2b80c2db35343
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1
diff
at.adtech.redventures.io/lib/api/v1/tpg/prod/config/ Frame
0
0
Preflight
General
Full URL
https://at.adtech.redventures.io/lib/api/v1/tpg/prod/config/diff?variant=core
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
cat,content-type,variant,version
Access-Control-Request-Method
GET
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
*
access-control-allow-origin
https://thepointsguy.com
allow
GET,HEAD
content-length
8
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
date
Tue, 12 Dec 2023 17:50:00 GMT
etag
W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
origin-agent-cluster
?1
referrer-policy
no-referrer
server
Google Frontend
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-cloud-trace-context
13b4d57ebc0bb704e0fdd5a6bdabb993
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-served-by
cache-fra-eddf8230080-FRA
x-timer
S1702403400.981453,VS0,VE132
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
89 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-tpg.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9e4bc0bd8633503e4b8e412caebc24b0ae2f2a9abb0ccf2860bd8634488ec14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29062
x-xss-protection
0
server
cafe
etag
829 / 19703 / m202312060101 / config-hash: 11945328006728168793
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:49:59 GMT
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
FN3iMuxeITox9Pqqx9C3u0DhreBr0yH6mFNZXv3YbtTlrIj8IrGtUA==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
qHAWN9NnjBZzdwwiPsg8g2hjOlIDZgi7Rzr0v0x6n77ve6bJDF_icg==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
v3sQuldxhBUSca93KNBod77ZYIFWPlchi9yKZEr4D7_sta0iRnaZiA==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
akzSmyBPmDTQ0TkfeB6f9j5iPA4szlWZ97IIeE4Bp1U5Nwdov1h12A==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
_O87hq0kjvRzOCsCYRQOOVwLzxG1_tr5m8uBu87X1Pq_9u4xdXW6nQ==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
D8eeqWAz3RbEYIqMaHYkM8_kFjLLXf1KkO7ywxoIkoHvOIHqidU9qA==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
SkCEWltqDkt4qn9ZEYv7DPLZjMGNY0JbYLDGo3NZ4s24syKuri7TlQ==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
X6vdkVDJDU4lRDzyEn4eZrhiRCljWdsPRea7nIwQNrcTDKat9KvilA==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
preamp.min.js
cdn.cohesionapps.com/cohesion/ext/
35 KB
11 KB
Script
General
Full URL
https://cdn.cohesionapps.com/cohesion/ext/preamp.min.js
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-to.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-98.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ad3ac2e4d399fc9acea975ada0ef3080ec4f9469aaa437a0936e221bd9046e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:48:21 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Wed, 29 Nov 2023 13:16:25 GMT
server
AmazonS3
via
1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
etag
W/"69f6cbc7a7080b107aa90a6285c0396c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
age
50499
x-amz-cf-id
LtLLtCnAuhL40pYgkLq6PFkxspvUusEyVAUgEQnZNpMoDf9tn_ObFQ==
taggy.min.js
cdn.cohesionapps.com/cohesion/ext/
14 KB
5 KB
Script
General
Full URL
https://cdn.cohesionapps.com/cohesion/ext/taggy.min.js
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-to.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-98.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eadcb10d0a8b835cbe4e286e3226c458790f3e2457f309553cd6bf2f2853b049

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
date
Tue, 12 Dec 2023 04:20:22 GMT
last-modified
Wed, 29 Nov 2023 13:16:25 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P2
age
50330
x-amz-server-side-encryption
AES256
etag
W/"a869d2f74ddfc8a5d80daaddae94318d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
gPZ-hJfnO0-q7kCKE_r6Q-zIEpb_G-uI8BmWmQcO6YXVSkmUdBeMLg==
t
beam.thepointsguy.com/v2/
138 B
427 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ddca35a8349a66dabad41c661a0049117fb52c0917b8921b93b219ccb060da12

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
138
x-amz-cf-id
0d7bwCM-ENkD92AFrcDVB2tCkw1UBCR4VSXed-DWBeJiO0abOM1eRg==
t
beam.thepointsguy.com/v2/
138 B
427 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eeddd2b39e4dd99f0e77e09c9fcf4946e5c8ea05fea0e43a4682229d76fdb649

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
138
x-amz-cf-id
QJ9JBS9LKhdXRs0qWrTe6SK9eZW5l1vyjJpQs-gJ21Y_HLfbdE4zcw==
t
beam.thepointsguy.com/v2/
138 B
428 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c92ae82dce7dca932fe60dac7d7a093fda14ac17f39744ebedb099c778e3763a

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
138
x-amz-cf-id
hwMxxxJDe6VQrIihlCebWICFS_H6mztgKKQlyLN5Ow8R0VkmR02ZoQ==
t
beam.thepointsguy.com/v2/
138 B
427 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d459332e69ce757dacdb554b02effbb0d7f4b5d0e1cef29d72b4efd3c320198d

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
138
x-amz-cf-id
7mq3609ICLH5xRdGa4MkNp-5HjcClq7c1bgphuRdqxKKFEVMIifnvg==
t
beam.thepointsguy.com/v2/
138 B
427 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9d8e4b0bc264540c769f11d933b394ad8a2b8c326b6d1be641c68f56cb59539e

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
138
x-amz-cf-id
-AUH9jF6LiKHwY5HQiDKq7cexNSp21lA1w4cIqBSeZWZNyVs1uMUDA==
t
beam.thepointsguy.com/v2/
138 B
427 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
800ae3e3771dee23d631b5b013b1184da362eccd30fcd49ba7cc6f2313330841

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
138
x-amz-cf-id
6E56eM5_9j87CgVYGAVyhe1JGgd4mqrgEuAUJJWcymHjNb-VXhI7Jg==
t
beam.thepointsguy.com/v2/
138 B
426 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
798b189e808a46eaff3c4aa3ee2fa48f0aff847369aeecd3ab542094c0aa2c81

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
138
x-amz-cf-id
UisZMZmP8Faje-9ibw13B6NjPAYnKZhFlhHNp21gOJsc9Pct2Cr76Q==
t
beam.thepointsguy.com/v2/
137 B
427 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
365c97c017b108ce59f2022f66640e952999d21a72445e00d8b17d98755658e5

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
137
x-amz-cf-id
1lqTJp5XgGg_MkZJRkbaeNGREhKA8NM3785699OIRCMkFwKzVwLu9Q==
xs1.html
cdn.cohesionapps.com/cohesion/ Frame AD05
906 B
1 KB
Document
General
Full URL
https://cdn.cohesionapps.com/cohesion/xs1.html
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/cohesion-to.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-98.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdd44dd919056252b70ec530942b6ba656fc4e47dff1e7d87a935ac19ecc2ef5

Request headers

Referer
https://thepointsguy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
57774
content-length
906
content-type
text/html
date
Tue, 12 Dec 2023 01:48:47 GMT
etag
"5cbe3d7df3c3ca6d8e47d2bd44687396"
last-modified
Wed, 29 Nov 2023 13:16:25 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
x-amz-cf-id
80zP931WY38YsdoYgK8aEvODGYNu4PgUn6Bx-Qc_VoFJC10TlVN1OA==
x-amz-cf-pop
TXL50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
66 B
303 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:49:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8347cea1dac2bbc2-FRA
access-control-allow-headers
Content-Type
decisions
cdn.cohesionapps.com/preamp/api/v1/
671 B
1 KB
XHR
General
Full URL
https://cdn.cohesionapps.com/preamp/api/v1/decisions
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-98.txl50.r.cloudfront.net
Software
/
Resource Hash
268942c8a2e832ac4f764dd3fdfe4b04e7b80e509f234525ace66ef43137d08d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC"
content-length
671
x-xss-protection
1; mode=block
etag
W/"29f-ELpnMTKAov/qQ6WBDEw66/AWmrE"
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
199
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thepointsguy.com
vary
Origin
access-control-allow-credentials
true
x-ratelimit-reset
1702403461
x-ratelimit-limit
200
x-amz-cf-id
RXRx_c_itjy0mB6Xbf7oKtFU0sFycmodkZe4pPjWxpxAWy058TfoFg==
xs2.html
cdn.cohesionapps.com/cohesion/ Frame AD05
346 B
726 B
Document
General
Full URL
https://cdn.cohesionapps.com/cohesion/xs2.html
Requested by
Host: cdn.cohesionapps.com
URL: https://cdn.cohesionapps.com/cohesion/xs1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-98.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ae13ddab63acb296700ae3579ebf12ca93759bcf6285822acc5f831fc6f62f0

Request headers

Referer
https://cdn.cohesionapps.com/cohesion/xs1.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
42700
content-length
346
content-type
text/html
date
Tue, 12 Dec 2023 06:02:33 GMT
etag
"4b5f9eae0703e5970dae0efc366d7c1b"
last-modified
Wed, 29 Nov 2023 13:16:25 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
x-amz-cf-id
WzKGbNK3vpXJ3o5xeRmDk6FiJYL_ttTO32hohWJQaTqIbKT09indWw==
x-amz-cf-pop
TXL50-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
efb0a816-a6cf-4894-9ed7-0396b6923e22
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/ Frame
0
0
Preflight
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/efb0a816-a6cf-4894-9ed7-0396b6923e22
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
x-request-id
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
b5a01332-4b2a-4753-bba6-7fb6562e2bbb
monarch.cohesionapps.com/api/v1/evaluate/ruleset/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/ Frame
0
0
Preflight
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/ruleset/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/b5a01332-4b2a-4753-bba6-7fb6562e2bbb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
x-request-id
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
45b50eb3-5b46-44d4-86b1-8e030a251e35
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/ Frame
0
0
Preflight
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/45b50eb3-5b46-44d4-86b1-8e030a251e35
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
x-request-id
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
102861f0-08a2-4981-af3a-4b8aadf3b669
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/ Frame
0
0
Preflight
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/102861f0-08a2-4981-af3a-4b8aadf3b669
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
x-request-id
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
e3b6edc4-5e01-468e-b2fb-dfc73433fe97
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/ Frame
0
0
Preflight
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/e3b6edc4-5e01-468e-b2fb-dfc73433fe97
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
x-request-id
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
243ab9e7-5a80-4b86-9caa-bee95ce45672
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/ Frame
0
0
Preflight
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/243ab9e7-5a80-4b86-9caa-bee95ce45672
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
x-request-id
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
706b3013-7b27-4c91-a39a-5dbb5b34b807
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/ Frame
0
0
Preflight
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/706b3013-7b27-4c91-a39a-5dbb5b34b807
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
x-request-id
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
d0709784-2d74-4332-8075-9ab87c4ca7f8
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/ Frame
0
0
Preflight
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/d0709784-2d74-4332-8075-9ab87c4ca7f8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
anonymous-id,content-type,instance-id,make-identifier,make-source-uid,make-write-key,monarch-request-url,session-id,token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
x-request-id
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
efb0a816-a6cf-4894-9ed7-0396b6923e22
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/
10 KB
10 KB
Fetch
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/efb0a816-a6cf-4894-9ed7-0396b6923e22
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/
Resource Hash
0172c47e7657ae606b742da14ecfe0964814113b9678436b67bad2dd6cbe0c1e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Make-Source-Uid
src_1NT28rcFt1kjLbFIr8unyx85B32
Session-Id
fe2525ee-c58e-436f-a447-c4938481d642
accept-language
de-DE,de;q=0.9
Make-Identifier
29fa47cd-fc5b-4bab-b8fc-cc48057daae0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json
Make-Write-Key
wk_1NT28o6EVMolo1DRuTlXaAqszMS
Monarch-Request-Url
https://thepointsguy.com/news/zoom-backgrounds/
Referer
https://thepointsguy.com/
Instance-Id
687cc523-eca4-491d-8685-f2e1186c08a5
Token
b2409aca-83a5-4c83-a0b1-371a73fca44a
Anonymous-Id
29fa47cd-fc5b-4bab-b8fc-cc48057daae0

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
9935
x-xss-protection
1; mode=block
x-request-id
66dbf57b-356b-4fca-824c-566b53b5ab39
x-response-time
2.695ms
pragma
no-cache
etag
W/"26cf-X+DBGbYriQSEu0JoxwUBpbJC+dQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
monarch-request-id
66dbf57b-356b-4fca-824c-566b53b5ab39
access-control-expose-headers
x-request-id
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
b5a01332-4b2a-4753-bba6-7fb6562e2bbb
monarch.cohesionapps.com/api/v1/evaluate/ruleset/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/
11 KB
11 KB
Fetch
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/ruleset/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/b5a01332-4b2a-4753-bba6-7fb6562e2bbb
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/
Resource Hash
56d980ede2d12f83404412d600f4537905be8f26bc9592e1d3a61d51aedf7077
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Make-Source-Uid
src_1NT28rcFt1kjLbFIr8unyx85B32
Session-Id
fe2525ee-c58e-436f-a447-c4938481d642
accept-language
de-DE,de;q=0.9
Make-Identifier
29fa47cd-fc5b-4bab-b8fc-cc48057daae0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json
Make-Write-Key
wk_1NT28o6EVMolo1DRuTlXaAqszMS
Monarch-Request-Url
https://thepointsguy.com/news/zoom-backgrounds/
Referer
https://thepointsguy.com/
Instance-Id
687cc523-eca4-491d-8685-f2e1186c08a5
Token
b2409aca-83a5-4c83-a0b1-371a73fca44a
Anonymous-Id
29fa47cd-fc5b-4bab-b8fc-cc48057daae0

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
11169
x-xss-protection
1; mode=block
x-request-id
466bf97c-fd55-4635-bda4-a64d8e87380e
x-response-time
59.839ms
pragma
no-cache
etag
W/"2ba1-K35x+LK9J9xfXnOibia3uSFFN58"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
monarch-request-id
466bf97c-fd55-4635-bda4-a64d8e87380e
access-control-expose-headers
x-request-id
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
45b50eb3-5b46-44d4-86b1-8e030a251e35
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/
11 KB
11 KB
Fetch
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/45b50eb3-5b46-44d4-86b1-8e030a251e35
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/
Resource Hash
63f2b5fe91f123608c0ce8830093f33d91d1eb5e8d14e68abcb665beb8e179bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Make-Source-Uid
src_1NT28rcFt1kjLbFIr8unyx85B32
Session-Id
fe2525ee-c58e-436f-a447-c4938481d642
accept-language
de-DE,de;q=0.9
Make-Identifier
29fa47cd-fc5b-4bab-b8fc-cc48057daae0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json
Make-Write-Key
wk_1NT28o6EVMolo1DRuTlXaAqszMS
Monarch-Request-Url
https://thepointsguy.com/news/zoom-backgrounds/
Referer
https://thepointsguy.com/
Instance-Id
687cc523-eca4-491d-8685-f2e1186c08a5
Token
b2409aca-83a5-4c83-a0b1-371a73fca44a
Anonymous-Id
29fa47cd-fc5b-4bab-b8fc-cc48057daae0

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
10975
x-xss-protection
1; mode=block
x-request-id
2148f1e2-23d2-4455-8941-e310a6ced31e
x-response-time
9.767ms
pragma
no-cache
etag
W/"2adf-heCauxFehYLj5tM7dLvcdJ8efjg"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
monarch-request-id
2148f1e2-23d2-4455-8941-e310a6ced31e
access-control-expose-headers
x-request-id
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
102861f0-08a2-4981-af3a-4b8aadf3b669
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/
441 B
966 B
Fetch
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/102861f0-08a2-4981-af3a-4b8aadf3b669
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/
Resource Hash
90a83822b5af5452c1da6311e4785c6815d4fe48594ba693dcb5c345c13ff52c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Make-Source-Uid
src_1NT28rcFt1kjLbFIr8unyx85B32
Session-Id
fe2525ee-c58e-436f-a447-c4938481d642
accept-language
de-DE,de;q=0.9
Make-Identifier
29fa47cd-fc5b-4bab-b8fc-cc48057daae0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json
Make-Write-Key
wk_1NT28o6EVMolo1DRuTlXaAqszMS
Monarch-Request-Url
https://thepointsguy.com/news/zoom-backgrounds/
Referer
https://thepointsguy.com/
Instance-Id
687cc523-eca4-491d-8685-f2e1186c08a5
Token
b2409aca-83a5-4c83-a0b1-371a73fca44a
Anonymous-Id
29fa47cd-fc5b-4bab-b8fc-cc48057daae0

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
441
x-xss-protection
1; mode=block
x-request-id
ed05038f-abf8-47be-a51c-99c81086104d
x-response-time
12.987ms
pragma
no-cache
etag
W/"1b9-0E4xiNZ11v0PNn3OgSjjIG3IsFs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
monarch-request-id
ed05038f-abf8-47be-a51c-99c81086104d
access-control-expose-headers
x-request-id
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
e3b6edc4-5e01-468e-b2fb-dfc73433fe97
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/
2 B
524 B
Fetch
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/e3b6edc4-5e01-468e-b2fb-dfc73433fe97
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Make-Source-Uid
src_1NT28rcFt1kjLbFIr8unyx85B32
Session-Id
fe2525ee-c58e-436f-a447-c4938481d642
accept-language
de-DE,de;q=0.9
Make-Identifier
29fa47cd-fc5b-4bab-b8fc-cc48057daae0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json
Make-Write-Key
wk_1NT28o6EVMolo1DRuTlXaAqszMS
Monarch-Request-Url
https://thepointsguy.com/news/zoom-backgrounds/
Referer
https://thepointsguy.com/
Instance-Id
687cc523-eca4-491d-8685-f2e1186c08a5
Token
b2409aca-83a5-4c83-a0b1-371a73fca44a
Anonymous-Id
29fa47cd-fc5b-4bab-b8fc-cc48057daae0

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
2
x-xss-protection
1; mode=block
x-request-id
50d3132c-93f2-4b11-b7ef-03ad429e34a1
x-response-time
32.611ms
pragma
no-cache
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
monarch-request-id
50d3132c-93f2-4b11-b7ef-03ad429e34a1
access-control-expose-headers
x-request-id
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
243ab9e7-5a80-4b86-9caa-bee95ce45672
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/
1 KB
2 KB
Fetch
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/243ab9e7-5a80-4b86-9caa-bee95ce45672
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/
Resource Hash
f6a99db99b73f1e4332dc44c727ba47e2dcdd57024687423e5a49a94a285deba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Make-Source-Uid
src_1NT28rcFt1kjLbFIr8unyx85B32
Session-Id
fe2525ee-c58e-436f-a447-c4938481d642
accept-language
de-DE,de;q=0.9
Make-Identifier
29fa47cd-fc5b-4bab-b8fc-cc48057daae0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json
Make-Write-Key
wk_1NT28o6EVMolo1DRuTlXaAqszMS
Monarch-Request-Url
https://thepointsguy.com/news/zoom-backgrounds/
Referer
https://thepointsguy.com/
Instance-Id
687cc523-eca4-491d-8685-f2e1186c08a5
Token
b2409aca-83a5-4c83-a0b1-371a73fca44a
Anonymous-Id
29fa47cd-fc5b-4bab-b8fc-cc48057daae0

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
1188
x-xss-protection
1; mode=block
x-request-id
9042f61c-3932-4734-9fc9-29126785c852
x-response-time
27.999ms
pragma
no-cache
etag
W/"4a4-enQgHuJfBHTMvqz/Mzzx9XhuWu4"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
monarch-request-id
9042f61c-3932-4734-9fc9-29126785c852
access-control-expose-headers
x-request-id
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
706b3013-7b27-4c91-a39a-5dbb5b34b807
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/
26 B
550 B
Fetch
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/706b3013-7b27-4c91-a39a-5dbb5b34b807
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/
Resource Hash
5c7a54a45855cd80b865919513088288813f0594e3b7ee5a7c63677410cec3a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Make-Source-Uid
src_1NT28rcFt1kjLbFIr8unyx85B32
Session-Id
fe2525ee-c58e-436f-a447-c4938481d642
accept-language
de-DE,de;q=0.9
Make-Identifier
29fa47cd-fc5b-4bab-b8fc-cc48057daae0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json
Make-Write-Key
wk_1NT28o6EVMolo1DRuTlXaAqszMS
Monarch-Request-Url
https://thepointsguy.com/news/zoom-backgrounds/
Referer
https://thepointsguy.com/
Instance-Id
687cc523-eca4-491d-8685-f2e1186c08a5
Token
b2409aca-83a5-4c83-a0b1-371a73fca44a
Anonymous-Id
29fa47cd-fc5b-4bab-b8fc-cc48057daae0

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
26
x-xss-protection
1; mode=block
x-request-id
4a9cc44b-b923-4830-9ca6-1ed242ad0b37
x-response-time
22.545ms
pragma
no-cache
etag
W/"1a-2fCPQfPl0wWQSHQPOV1mIEpL5QI"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
monarch-request-id
4a9cc44b-b923-4830-9ca6-1ed242ad0b37
access-control-expose-headers
x-request-id
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
d0709784-2d74-4332-8075-9ab87c4ca7f8
monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/
20 B
545 B
Fetch
General
Full URL
https://monarch.cohesionapps.com/api/v1/evaluate/rule/9d38c6f1-40c6-45a9-ba23-323e6300f1a1/d0709784-2d74-4332-8075-9ab87c4ca7f8
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.9.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-9-153.compute-1.amazonaws.com
Software
/
Resource Hash
739020a16539d8e2b028a4285a52532d1036ec1381842d63d815fd6159fce1f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Make-Source-Uid
src_1NT28rcFt1kjLbFIr8unyx85B32
Session-Id
fe2525ee-c58e-436f-a447-c4938481d642
accept-language
de-DE,de;q=0.9
Make-Identifier
29fa47cd-fc5b-4bab-b8fc-cc48057daae0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json
Make-Write-Key
wk_1NT28o6EVMolo1DRuTlXaAqszMS
Monarch-Request-Url
https://thepointsguy.com/news/zoom-backgrounds/
Referer
https://thepointsguy.com/
Instance-Id
687cc523-eca4-491d-8685-f2e1186c08a5
Token
b2409aca-83a5-4c83-a0b1-371a73fca44a
Anonymous-Id
29fa47cd-fc5b-4bab-b8fc-cc48057daae0

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
surrogate-control
no-store
x-dns-prefetch-control
off
content-length
20
x-xss-protection
1; mode=block
x-request-id
774616a0-b4c2-465d-8403-684879bf0282
x-response-time
48.211ms
pragma
no-cache
etag
W/"14-TE8FcDPaErYxT+HPDnwkG0KMKSk"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
monarch-request-id
774616a0-b4c2-465d-8403-684879bf0282
access-control-expose-headers
x-request-id
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
public
taggy.cohesionapps.com/implementations/ Frame
0
0
Preflight
General
Full URL
https://taggy.cohesionapps.com/implementations/public
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.10.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-10-106.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,page-url,source-key
Access-Control-Request-Method
GET
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
cache-control,content-type,page-url,source-key
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
public
taggy.cohesionapps.com/implementations/
2 KB
2 KB
XHR
General
Full URL
https://taggy.cohesionapps.com/implementations/public
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.10.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-10-106.compute-1.amazonaws.com
Software
/ Express
Resource Hash
fe34de18e1635775c464959aee9e9e9dc6892db0f1b24effdbeadf770f56918f

Request headers

Source-Key
src_1NT28rcFt1kjLbFIr8unyx85B32
Page-URL
https://thepointsguy.com/news/zoom-backgrounds/
Cache-Control
no-cache
Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:50:00 GMT
x-powered-by
Express
content-length
2135
etag
W/"857-rplrehUIF3M4jeptIHwp2dK/oXA"
content-type
application/json; charset=utf-8
js
www.googletagmanager.com/gtag/
174 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16558039-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVJPCKENFX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02312bd828d6f5da42d1da4419e4b3393a0c7907c4e21d4f115230f2f4a4baa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64914
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 17:50:00 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/
264 KB
84 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/J3UXFee1xclY-bfFlWh1mIZ_phU/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
QEGSQBS1FS3YPSMZ
age
666569
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8347cea21bed1e14-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
2I1GKKrSZ6e8UNHa5YC/LR+myoAAkDSnTcl4+mYytxpywtQMW/rtq98fdIZED2a5Ygshlr/CSvc=
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202303.1.0/
407 KB
98 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 17:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
12zQcT/rVMicuxojEvnp3g==
age
58968
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
100389
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:15 GMT
server
cloudflare
etag
0x8DB3FB51FD9A927
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
28d3babc-501e-0022-05ac-12fc9c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8347cea22ec21903-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/
431 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
5257
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Dec 2024 16:22:23 GMT
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
0L0WuSxZGtsbqJcuhvofeAu3quyZo4yhH92XkZsteuNYk5ikLxB56A==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
t
beam.thepointsguy.com/v2/
138 B
427 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
969d4a2b22cc23274ab0304765e1a999c53fc25f60488e651a05ba31339721c6

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
138
x-amz-cf-id
lSxD1KvvfxU5IOFUob_8bwlcFCa8_U9jygg21QuSHA-1CYgGWuAYXw==
en.json
cdn.cookielaw.org/consent/bbe4817e-3ca0-42f2-a604-69ba1398eb05/d0ce9e8d-87a4-4e7f-b177-f7673e01c3db/
499 KB
77 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/bbe4817e-3ca0-42f2-a604-69ba1398eb05/d0ce9e8d-87a4-4e7f-b177-f7673e01c3db/en.json
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54cafdf293da5ecf6aa2b64f6f08a6348b2b3ba47a5f29605c43f92676c77179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 17:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
40169
content-md5
HwwLFV+dbcJ0c6h0aBRE0A==
content-length
78563
x-ms-lease-status
unlocked
last-modified
Wed, 12 Apr 2023 17:07:09 GMT
server
cloudflare
etag
0x8DB3B7859DC9CCB
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
359d6eea-201e-0028-271a-15582b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8347cea2a9a63681-FRA
expires
Wed, 13 Dec 2023 17:50:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16558039-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 17:48:14 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
106
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 19:48:14 GMT
gtm.js
www.googletagmanager.com/
315 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MHZQXGF
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b73c6928747811fe3963b38bd51bb19f510a21afadbe55be35fa09684bc666b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103807
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 17:50:00 GMT
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1122002212&t=pageview&_s=1&dl=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&ul=en-us&de=UTF-8&dt=Download%20Zoom%20backgrounds%20from%20TPG%20for%20free%20-%20The%20Points%20Guy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABQAAAACAAI~&jid=1294949718&gjid=1721605074&cid=2058534235.1702403400&tid=UA-16558039-1&_gid=704951563.1702403400&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=554054049
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thepointsguy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
315 KB
102 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MHZQXGF&cid=2058534235.1702403400
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9610ce93171f0c59c238b28a1ddb9c8bd571c77688c7fb28149c217dedf1ba1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103802
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 17:50:00 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otFlat.json
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 17:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
QSeDXFW8Ey6Sps1UWSFoNg==
age
26876
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:07 GMT
server
cloudflare
etag
0x8DB3FB51B21D3A6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
f7c629b8-e01e-013e-2b18-722892000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8347cea31a583681-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCommonStyles.css
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
38233
x-ms-lease-status
unlocked
last-modified
Tue, 18 Apr 2023 02:32:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
7bb936f1-501e-000d-367b-13f157000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8347cea31a5b3681-FRA
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-16558039-1&cid=2058534235.1702403400&jid=1294949718&gjid=1721605074&_gid=704951563.1702403400&_u=YEBAAUAAQAAAACAAI~&z=835477045
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 12 Dec 2023 17:50:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thepointsguy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
beam.thepointsguy.com/v2/ Frame
0
0
Preflight
General
Full URL
https://beam.thepointsguy.com/v2/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
900
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-id
DFLNYIoE8EdTPt144Ry4AF2aBs0iQ1B09sxf2TjYpO5KFSoZpiEYhQ==
x-amz-cf-pop
TXL50-P1
x-cache
Miss from cloudfront
t
beam.thepointsguy.com/v2/
138 B
428 B
XHR
General
Full URL
https://beam.thepointsguy.com/v2/t
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225a:8c00:1e:7632:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1413dbb4c508f9bdbe38aea543ac6d8e84848e76b5878b6e8cb496a5d1085099

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic d2tfMU5UMjhvNkVWTW9sbzFEUnVUbFhhQXFzek1TOg==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
via
1.1 b7fabb5a327e018775ea26a6f65c6e10.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
138
x-amz-cf-id
Ejy0NjmjFP5HJwpOczAk9rpOiibbVo1q8nigHMSZ2SWRjVHLGBpHqw==
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16558039-1&cid=2058534235.1702403400&jid=1294949718&_u=YEBAAUAAQAAAACAAI~&z=1557740566
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-16558039-1&cid=2058534235.1702403400&jid=1294949718&_u=YEBAAUAAQAAAACAAI~&z=1557740566
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cognito-identity.us-east-1.amazonaws.com/
771 B
1 KB
Fetch
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:4df3:454a:5580:5a3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
902bed72f7c6e7bbc0e703f7c5ebccf67ed5d5f3ccf015d92cdeb53e895a2fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thepointsguy.com/
x-amz-target
AWSCognitoIdentityService.GetOpenIdToken
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
7b160df7-953c-48e9-8104-2563ccc87ffb
content-length
771
content-type
application/x-amz-json-1.1
/
cognito-identity.us-east-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:4df3:454a:5580:5a3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
1373a4ff-caa2-4462-8d2e-94a9b0fac5d7
truncated
/
78 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e8dc2d52b86ee21fef433439319305723dd6d7d81e268c746e4b79b9143125f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d649cc3f4a31824b8eb8225ba84645013fee8a4699283b8b65d0ff30e1435cf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
confirmation
cdn.cohesionapps.com/preamp/api/v1/
3 B
576 B
XHR
General
Full URL
https://cdn.cohesionapps.com/preamp/api/v1/confirmation
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-98.txl50.r.cloudfront.net
Software
/
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 6ffd9144e1bc0d7518dfec3f04843cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC"
content-length
3
x-xss-protection
1; mode=block
etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-ratelimit-remaining
198
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-reset
1702403461
x-ratelimit-limit
200
x-amz-cf-id
euOxWdF9b9Hckmy5kp_kgXtqnamIIOgboA2u8rZFpN_P1xRKt1fjpQ==
/
thepointsguy.com/_next/image/
1 KB
1 KB
Image
General
Full URL
https://thepointsguy.com/_next/image/?url=https%3A%2F%2Fcdn.prodstatic.com%2Fshared%2Fimages%2Fcards%2F278x175%2Ffdacfa40-ff5f-11eb-97b1-37a1bb7c2537.png&w=96&q=75
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5251e948890803b91f8b6cc43cea30a85fb1e2ae96106dc0544bac1a554d4021
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
date
Tue, 12 Dec 2023 17:50:00 GMT
x-shield-generation
947
via
1.1 varnish
age
269
x-cache
HIT
x-nextjs-cache
HIT
content-disposition
inline; filename="fdacfa40-ff5f-11eb-97b1-37a1bb7c2537.webp"
content-length
1168
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1702403400.309911,VS0,VE1
etag
UlHpSIkIA7kfi2zEPOowqF+x4q6WEG3AVEusGlVNQCE=
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
x-cache-hits
1
/
thepointsguy.com/_next/image/
1 KB
1 KB
Image
General
Full URL
https://thepointsguy.com/_next/image/?url=https%3A%2F%2Fcdn.prodstatic.com%2Fshared%2Fimages%2Fcards%2F278x175%2F434eeed0-66f1-11eb-be9c-9790947db9db.png&w=96&q=75
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2bc56bedfbd6d2e324c643015101e562436d011d94197b1f6ccff2045c467c24
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
date
Tue, 12 Dec 2023 17:50:00 GMT
x-shield-generation
947
via
1.1 varnish
age
269
x-cache
HIT
x-nextjs-cache
HIT
content-disposition
inline; filename="434eeed0-66f1-11eb-be9c-9790947db9db.webp"
content-length
1322
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1702403400.309806,VS0,VE3
etag
K8Vr7fvW0uMkxkMBUQHlYkNtAR2UGXsfbM-yBFxGfCQ=
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
x-cache-hits
1
/
thepointsguy.com/_next/image/
518 B
664 B
Image
General
Full URL
https://thepointsguy.com/_next/image/?url=https%3A%2F%2Fcdn.prodstatic.com%2Fshared%2Fimages%2Fcards%2F278x175%2F401d0150-336c-11ec-b6bf-8d6df3a2e669.png&w=96&q=75
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03bd180906455ea764be23a3100794d64cfdc7beadcee9b8b533570a288f255d
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
date
Tue, 12 Dec 2023 17:50:00 GMT
x-shield-generation
947
via
1.1 varnish
age
269
x-cache
HIT
x-nextjs-cache
HIT
content-disposition
inline; filename="401d0150-336c-11ec-b6bf-8d6df3a2e669.webp"
content-length
518
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1702403400.310527,VS0,VE1
etag
A70YCQZFXqdkviOjEAeU1kz9x76tzum4tTNXCiiPJV0=
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
x-cache-hits
1
/
thepointsguy.com/_next/image/
630 B
781 B
Image
General
Full URL
https://thepointsguy.com/_next/image/?url=https%3A%2F%2Fcdn.prodstatic.com%2Fshared%2Fimages%2Fcards%2F278x175%2Ff3348c30-6e8f-11ee-b301-f7e0aaa2628c.png&w=96&q=75
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6aef506e62bb63e39edb82d90db46c757689996420171500eba2f7df0e5f0d37
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
date
Tue, 12 Dec 2023 17:50:00 GMT
x-shield-generation
946
via
1.1 varnish
age
269
x-cache
HIT
x-nextjs-cache
HIT
content-disposition
inline; filename="f3348c30-6e8f-11ee-b301-f7e0aaa2628c.webp"
content-length
630
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1702403400.310497,VS0,VE2
etag
au9QbmK7Y+Oe24LZDbRsdXaJmWQgFxUA66L33w5fDTc=
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
x-cache-hits
1
/
thepointsguy.com/_next/image/
558 B
754 B
Image
General
Full URL
https://thepointsguy.com/_next/image/?url=https%3A%2F%2Fcdn.prodstatic.com%2Fshared%2Fimages%2Fcards%2F278x175%2F714fcb70-45eb-11ee-b7f8-a79fb8b21aff.png&w=96&q=75
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
27b03aa34701a113ba8baecb91f9a0eb7915f87e1c1bc4d8e2db5460464d1b86
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/news/zoom-backgrounds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
date
Tue, 12 Dec 2023 17:50:00 GMT
x-shield-generation
947
via
1.1 varnish
age
269
x-cache
HIT
x-nextjs-cache
HIT
content-disposition
inline; filename="714fcb70-45eb-11ee-b7f8-a79fb8b21aff.webp"
content-length
558
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1702403400.310495,VS0,VE12
etag
J7A6o0cBoRO6i67Lkfmg63kV+H4cG8TY4ttUYEZNG4Y=
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000, must-revalidate
accept-ranges
bytes
x-cache-hits
1
moatheader.js
z.moatads.com/redventuresgamheader644747280705/
283 KB
97 KB
Script
General
Full URL
https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Requested by
Host: at.adtech.redventures.io
URL: https://at.adtech.redventures.io/lib/dist/prod/bidbarrel-tpg.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8e65747cefcfea3b238374518a4c9941d2a22aac6a7f0e6da9a9beee8c27799b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:34:04 GMT
server
AmazonS3
x-amz-request-id
FFQSCAXM0R5B0AKD
etag
"c23de047423296d78d0913428a084074"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=38621
accept-ranges
bytes
content-length
98799
x-amz-id-2
j31qTDv20ZtJ2Y/kHmfr9cDFWQkCfoVO5ud+jgvsvtrDpXgNDOV2iUyQ15bicNHFdgocfrzOqYgMGYrjq2I+6Q==
truncated
/
80 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8d81e866a671e18244a82d87c6377b906239e6466c5d5cf8a54276bb6fdf5e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
sts.us-east-1.amazonaws.com/
2 KB
2 KB
Fetch
General
Full URL
https://sts.us-east-1.amazonaws.com/
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.119.199.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5404255a0f782fde2353c7583e44cd8afba9b88ca0cbc09a8b3270626471fda

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Tue, 12 Dec 2023 17:50:00 GMT
x-amzn-RequestId
3a766746-a67b-49b2-a506-328f0bc7b84c
Content-Length
2020
Content-Type
text/xml
graphql
empennage.api.thepointsguy.com/
2 KB
2 KB
XHR
General
Full URL
https://empennage.api.thepointsguy.com/graphql
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.172.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-172-59.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c9e5eca8ec485060829e3886c122fca2843a73fecc6254c89d58d1580558fb77

Request headers

Referer
https://thepointsguy.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
application/json

Response headers

date
Tue, 12 Dec 2023 17:50:00 GMT
age
1014919
x-powered-by
Express
etag
W/"8f5-AEm7YI3LodzFkJFtZtc4f92KoeE"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
2293
cached
2023-11-30T23:54:41.899Z
graphql
empennage.api.thepointsguy.com/ Frame
0
0
Preflight
General
Full URL
https://empennage.api.thepointsguy.com/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.172.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-172-59.compute-1.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://thepointsguy.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:50:00 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
v2
mb.moatads.com/yi/
397 B
474 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&pcode=redventuresgamheader644747280705&rx=355651258074&callback=MoatNadoAllJsonpRequest_57553782
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
5bdb4b46913431ddd41cb9550a5cb059b22fb02bba996da892201d21a2e75621

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:01 GMT
server
istio-envoy
etag
"cddf3458d179e5d613fafcfe8d037cdc0a9f956c"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
18
timing-allow-origin
*
content-length
397
n.js
mb.moatads.com/
81 B
157 B
Script
General
Full URL
https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&bo=undefined&bp=undefined&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=Not%20Specified&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1702403401384&de=395655854478&rx=355651258074&m=0&ar=cc84ca2002d-clean&iw=2034c62&q=1&cb=0&cu=1702403401384&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=redventuresgamheader644747280705&fd=1&it=500&ti=0&ih=2&pe=1%3A854%3A854%3A2680%3A780&jk=-1&jm=-1&fs=206701&na=915788527&cs=0&ord=1702403401384&jv=1727012988&callback=DOMlessLLDcallback_57553782
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
5c166901ed21fbf2aa71d05fd2441a89c13a6c75ea6d5f0464c2bf0ea186f38e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:01 GMT
server
istio-envoy
etag
"0770dabebc7522cb9485ee794eccdf9f4c67c2a0"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
14
timing-allow-origin
*
content-length
81
n.js
mb.moatads.com/
86 B
264 B
Script
General
Full URL
https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REDVENTURES_GAM_HEADER1&hp=1&wf=1&sgs=3&bo=undefined&bp=undefined&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=Not%20Specified&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1702403401384&de=395655854478&rx=355651258074&m=0&ar=cc84ca2002d-clean&iw=2034c62&q=2&cb=0&cu=1702403401384&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=redventuresgamheader644747280705&fd=1&it=500&ti=0&ih=2&pe=1%3A854%3A854%3A2680%3A780&jk=-1&jm=-1&fs=206701&na=1619184784&cs=0&callback=MoatDataJsonpRequest_57553782
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
28ae7edc409718223f657064785965dd4be3ab612fe8c61c9ee034da136789b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:01 GMT
server
istio-envoy
etag
"547f01a3c79ad15c9b9890dbdc006c0ffcefc247"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
11
timing-allow-origin
*
content-length
86
iframe.html
z.moatads.com/hd09824092/ Frame 778B
1 KB
2 KB
Document
General
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://thepointsguy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=1981
content-length
1374
content-type
text/html
date
Tue, 12 Dec 2023 17:50:01 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id
7Y2H1YDSCY2G4ZCG
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Dec 2023 17:48:14 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
107
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 12 Dec 2023 19:48:14 GMT
js
www.google-analytics.com/gtm/
129 KB
50 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-T5Z95LR&cid=2058534235.1702403400
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8845dd84501cd54fe690f1409a3a0e116551632bdccfe5ea791a0ba81667da4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50829
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 17:50:01 GMT
collect
region1.analytics.google.com/g/
0
245 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-GVJPCKENFX&gtm=45je3bt0v875005421z878995179&_p=1702403399805&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2058534235.1702403400&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1702403401&sct=1&seg=0&dl=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&dt=Download%20Zoom%20backgrounds%20from%20TPG%20for%20free%20-%20The%20Points%20Guy&en=page_view&_fv=1&_ss=1&tfd=2725
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVJPCKENFX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thepointsguy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GVJPCKENFX&cid=2058534235.1702403400&gtm=45je3bt0v875005421z878995179&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVJPCKENFX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thepointsguy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GVJPCKENFX&cid=2058534235.1702403400&gtm=45je3bt0v875005421z878995179&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=745241354
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame 9571
0
60 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=7owldyh&ref=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&upid=n9g786q&upv=1.1.0&td1=fe2525ee-c58e-436f-a447-c4938481d642
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thepointsguy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Tue, 12 Dec 2023 17:50:01 GMT
server
Kestrel
ads
securepubads.g.doubleclick.net/gampad/
189 KB
23 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3700527001220058&correlator=3933346983254668&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&npa=1&iu_parts=22309610186%2Caw-tpg%2Cnews%2Czoom-backgrounds&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x250%2C300x250%7C300x600%2C300x250%2C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702403403415&lmt=1702403403&adxs=436%2C1156%2C1156%2C1156&adys=183%2C1335%2C2587%2C3839&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&vis=1&psz=1312x133%7C300x1228%7C300x1228%7C300x1228&msz=728x0%7C300x290%7C300x290%7C300x290&fws=0%2C512%2C512%2C512&ohw=0%2C0%2C0%2C0&ga_vid=2058534235.1702403400&ga_sid=1702403403&ga_hid=1122002212&ga_fc=true&dlt=1702403399478&idt=633&prev_scp=pos%3Dnav%26sl%3Dheader-desktop-nav%253FT-1000%26iid%3Dunit%253Dheader-desktop-nav%257Cvguid%253D09203e8d-0039-46d7-8082-c54ef510c4c6%257Cpv%253D1%7Cpos%3Dtop%26sl%3Drightrail-desktop-top%253FT-1000%26iid%3Dunit%253Drightrail-desktop-top%257Cvguid%253D09203e8d-0039-46d7-8082-c54ef510c4c6%257Cpv%253D1%7Cpos%3Dmiddle%26sl%3Drightrail-desktop-middle%253FT-1000%26iid%3Dunit%253Drightrail-desktop-middle%257Cvguid%253D09203e8d-0039-46d7-8082-c54ef510c4c6%257Cpv%253D1%7Cpos%3Dbottom%26sl%3Drightrail-desktop-bottom%253FT-1000%26iid%3Dunit%253Drightrail-desktop-bottom%257Cvguid%253D09203e8d-0039-46d7-8082-c54ef510c4c6%257Cpv%253D1&cust_params=session%3Dd%26subses%3D2%26pv%3D1%26cid%3Dzoom-backgrounds%252C919309%26env%3Dprod%26ptype%3Darticle%26topic%3Dtravel_logistics%252C%2520travel_logistics%252C%2520travel_regulations%252C%2520travel_planning%26vguid%3D09203e8d-0039-46d7-8082-c54ef510c4c6%26entity%3D%26tax%3Dtechnology%2520and%2520computing%252C%2520web%2520conferencing%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dgs_travel_type%252Cgs_covid19%252Cgs_tech%252Cgs_travel%252Cmoat_safe%252Cgs_tech_compute_apps%252Cgb_measurable%252Cgs_busfin%252Cgs_busfin_indus%252Cgs_busfin_business%252Cgs_tech_compute%252Cgs_travel_type_air%26m_mv%3DnoHistData%26m_gv%3DnoHistData&adks=1319707556%2C1530912958%2C1074616054%2C3409044671&frm=20
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77955d774601e121af2db4ef7481e256f451faf868fcab2b5f3dda24d9922781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23849
x-xss-protection
0
google-lineitem-id
5846368977,5846368977,5846368977,5846368977
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138404614248,138404614821,138405110272,138405110566
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thepointsguy.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/_next/static/chunks/pages/_app-e4377d35d2dfb6ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
459d89d424eea61a7b2af5232ff69ed500a0d29cbf74bc64f10b7fb5cd35e779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12258
x-xss-protection
0
container.html
b227c1157b0e6655e951e5406790b04d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FAE
6 KB
3 KB
Document
General
Full URL
https://b227c1157b0e6655e951e5406790b04d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thepointsguy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:50:03 GMT
expires
Wed, 11 Dec 2024 17:50:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 17:50:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B7B0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2_ark5BtsGtYh8RNXrF1_8QpKFpBjPWcsbjBZrqn1nD5QTWRiyu08MWcKkOHyxQe9RFurApNE-xrbQodVBzbKuNOO31CyoFUWTL0g_edZ9m5TjQBFuj2So9_hCcwZKHWl58Nl1PmeuyoxIPM1WaDPEfyeR8kBtsWkyBuZtEnX2KZXCJMtbqEJ_BCU6kC4gD1PEUkuaRlISNoFNrqXMtXa_22Z-XAGWv0Dbhe9zo6UoXlQ1AsdtRnOoVqBMLecmvCzSnnnkPtdnB-XSz8OuYrADMxqBCT1XlIlX68LKzYvkQczdW0rhTRrlDMmHVpiKsKIwrFmdPks7ndzEqEEKpbilRfISQs71Zvs2YhFobPHrldd&sai=AMfl-YSYaYCNgq6hAveEVRxDlrf36AFZMGIJJllVXls7UMUdTyNwrRdkb_ysk82FxGEZWvpwJwTIYbhxd_fqACoF9F588xI_JDWEcXut8EZNXh9D3-fhei31S7a4Wc78desPXzpRllDOjEGUWDO6NiI8aqm-&sig=Cg0ArKJSzCPHYbXK22i7EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:50:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B7B0
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 14:10:54 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B7B0
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:50:03 GMT
moatad.js
z.moatads.com/redventuresgamdisplay60805146916/ Frame B7B0
11 KB
4 KB
Script
General
Full URL
https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
08f24a28e4554f3dbb23849dc47f98140e586701c6d0b955db04b23df84d17ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:34:04 GMT
server
AmazonS3
x-amz-request-id
FFQY8H86RY66ABVZ
etag
"7acaa6828040b9f448b67b5f1ce3aa77"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=38625
accept-ranges
bytes
content-length
3893
x-amz-id-2
kjyYEjOXj8OML1rEhEZJ2JUDtbzGwd8lT98yj2iV98WURSvEvZNzLGTnnBoxRE6RE/dyWAJ0KbY=
13495702354302384485
tpc.googlesyndication.com/simgad/ Frame B7B0
45 KB
46 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13495702354302384485
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e3d4c4de893a4e60c2953d244246a48eeb68aa32a0a849ba81fd9d79dfeae96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 03:39:50 GMT
x-content-type-options
nosniff
age
310213
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46471
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 17:35:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 03:39:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 55F3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWmOmEhUJ1wVzfAnB8DWwCQmlH1lZHz266DegAFgV4SFV7Wu-hAo5SFZunEpa_1s4emTDHibkM3hBgYWDMyW9quJVKFaEyRjn8pfjfT45s2ONn90yiNr6T-9eGgWfZJsRNuZwj5SuW14tLC6YA_nN7Zwg5oYxlY1YTZncfLG9uNciR5ISs0GyaIcfufikXyTraCVvzD1Ptl1aM36NP4S4V4ULHWcqBENDOLUQWk_VNXGhAGsS9eRuNZXe8eK41D-7RMqQOzI1j-f5ygmvkdOsc5dQndrGVtBhD1HIjowTUxS_jqgzpWgtMvSXFJ5-Y-Cro7UWjHifzfLes70mLY2hnSqMRmiQ966eBPM01bnyTQcTA&sai=AMfl-YQtKBuEYNNFNZSw5TIlbxTRuSkvvvmAFZ3d2syApT-M2m_-541vH_QJeGFxRnKV7ztGMwb7UoCDE169S9pL_u4geaxWq6EI8hZLvbcKmnhe5v1y0lVyxCpR1N0n5p7oYUrEjX5PFX3x1i9oXAYKX3M5&sig=Cg0ArKJSzEDhbPQJqUEyEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:50:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 55F3
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 14:10:54 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 55F3
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:50:03 GMT
moatad.js
z.moatads.com/redventuresgamdisplay60805146916/ Frame 55F3
11 KB
4 KB
Script
General
Full URL
https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
08f24a28e4554f3dbb23849dc47f98140e586701c6d0b955db04b23df84d17ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:34:04 GMT
server
AmazonS3
x-amz-request-id
FFQY8H86RY66ABVZ
etag
"7acaa6828040b9f448b67b5f1ce3aa77"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=38625
accept-ranges
bytes
content-length
3893
x-amz-id-2
kjyYEjOXj8OML1rEhEZJ2JUDtbzGwd8lT98yj2iV98WURSvEvZNzLGTnnBoxRE6RE/dyWAJ0KbY=
3605542273632765505
tpc.googlesyndication.com/simgad/ Frame 55F3
132 KB
132 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3605542273632765505
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afee58a8eaa52be06d6bc91e3c2e6664b62672efc5c73bfeb0d1e812f9c821ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:41:23 GMT
x-content-type-options
nosniff
age
61720
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135394
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 17:15:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 00:41:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2C99
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyZwdpKcZCfiCvYU6B2S-zojhow2EHIzuKfZRF2WWV-mx1PcEEUwcvCeavWgezbDxUW-aP0noGGWpzK1LZqMlBVlrchQsyjXlVgeg5ZS4tMAAYiRvucYdl0H_SZj5BEcVazu1fV-hOsMywc4-FfPpCRQqGVZN4wSXTfp4RSAePvkooSk7LpwVO_C-S8pL19GqvOTEVtGaCxviiMUrs66msWq4KeNdGbNWlkvPE5hNylg1PLDqEW4Qu4c2g8ttjkZrNnXqcxAcXb_2cB9APwKo4e2BA994UOkJzpPuhYm2xATmL1U8q0_rfxaAwDU7CuqdTnApE59hxIuz5IsAUdjIMpo8vamq3rkigpfFZj8H7SoDb&sai=AMfl-YTOCltr_ENSzj-yeEcfN3puxVC-HbSp2ASZC7ewiIbNZwGEhF-BR8_oRWc79ijLOlFpxm70etxcB_O_gIgessd4cI_52jxSAsGV_TdbAsT8On2yuOdvpjEOOYfVVIQzfzaha9Audqps5M1ewsAs8OQR&sig=Cg0ArKJSzI7jSTJy31jaEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:50:03 GMT
3605542273632765505
tpc.googlesyndication.com/simgad/ Frame 2C99
132 KB
132 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3605542273632765505
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afee58a8eaa52be06d6bc91e3c2e6664b62672efc5c73bfeb0d1e812f9c821ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:41:23 GMT
x-content-type-options
nosniff
age
61720
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135394
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 17:15:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 00:41:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2C99
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 14:10:54 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2C99
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:50:03 GMT
moatad.js
z.moatads.com/redventuresgamdisplay60805146916/ Frame 2C99
11 KB
4 KB
Script
General
Full URL
https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
08f24a28e4554f3dbb23849dc47f98140e586701c6d0b955db04b23df84d17ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:34:04 GMT
server
AmazonS3
x-amz-request-id
FFQY8H86RY66ABVZ
etag
"7acaa6828040b9f448b67b5f1ce3aa77"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=38625
accept-ranges
bytes
content-length
3893
x-amz-id-2
kjyYEjOXj8OML1rEhEZJ2JUDtbzGwd8lT98yj2iV98WURSvEvZNzLGTnnBoxRE6RE/dyWAJ0KbY=
view
securepubads.g.doubleclick.net/pcs/ Frame 53AA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnXD26YNmtAxapPjFK7yFpj177xzOz8yjjAshPJGmwmPov1FCklgVy8NuAfEwdxwXF4S_jQeHzhhHSu0YOHgFdFSDxZMa-UrpqL6EM1nYQ8G_njb08njNRTlObRIqMDgj6_oBcy04VJMqBclFKzOHxxKnMrwXIukB0QweyJlP54HZ304bE_4O3xVR1bE7O2fIXokM86odWSDW5rNOLtpq10A4Lim-PLuquGu3n4RAeaw8xuUbTn3yM5QzKm0MwwN15_iQRbbHdrhjlYqtGvW1tW8Oo5gMqhz0h0ON56s4Oi4o-_DNlH1q_s51yJJ0D7yawUZJ2YVg1d5amoUshGlA9-B9ySw7MsInav0z9VC6QWu9l&sai=AMfl-YS3Yc9QeyqR_I8G1linRQgOLMmj3sq9qCR3XQEpaPzVVlEJGFs_wAf3xGf3fFQgd8vNacoMv8Z_UOdF6U4WDgi1M9Knj5tuyHZlT5JRAV6zx3NtprEfLrGIupyKBj9BVxIgXnyXCKaDkP_irWx19syU&sig=Cg0ArKJSzI5E_ApY2m7HEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:50:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 53AA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:10:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
13149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 14:10:54 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 53AA
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:50:03 GMT
moatad.js
z.moatads.com/redventuresgamdisplay60805146916/ Frame 53AA
11 KB
4 KB
Script
General
Full URL
https://z.moatads.com/redventuresgamdisplay60805146916/moatad.js
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
08f24a28e4554f3dbb23849dc47f98140e586701c6d0b955db04b23df84d17ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:34:04 GMT
server
AmazonS3
x-amz-request-id
FFQY8H86RY66ABVZ
etag
"7acaa6828040b9f448b67b5f1ce3aa77"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=38625
accept-ranges
bytes
content-length
3893
x-amz-id-2
kjyYEjOXj8OML1rEhEZJ2JUDtbzGwd8lT98yj2iV98WURSvEvZNzLGTnnBoxRE6RE/dyWAJ0KbY=
13320859533840401466
tpc.googlesyndication.com/simgad/ Frame 53AA
89 KB
90 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13320859533840401466
Requested by
Host: thepointsguy.com
URL: https://thepointsguy.com/news/zoom-backgrounds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ef23518a83f4ebf188e2536de4696c848f89c9294283281a0065eb53929361f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:01:26 GMT
x-content-type-options
nosniff
age
31717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91617
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 17:35:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 11 Dec 2024 09:01:26 GMT
truncated
/ Frame B7B0
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b62ccccc8dd403e4fddbebf79fa3866a8ef30b670cbffc1117e0e14f1305130d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 55F3
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13ffc5b5a2a181b8cc45e9c8230aceab39aeeb2eb5cd4f9f63f8a10aa48f1d38

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2C99
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9553ba5e18d6edf2146978f2481b1e9f955fdbdcb99a9037785023d2ad64dc16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 53AA
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64645cf8e23e62ff0ec3b71999e9cda3343b32db8633dcf6f59648e9e13898a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7058
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://thepointsguy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13147
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 14:10:56 GMT
expires
Wed, 11 Dec 2024 14:10:56 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F725
829 B
995 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
62a540be228fedbacb19d34359743eaf18706ef29230b0fa3d0296aea45f646f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5jsMEMvVTnmOsBD-v1EDMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thepointsguy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-5jsMEMvVTnmOsBD-v1EDMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:50:03 GMT
expires
Tue, 12 Dec 2023 17:50:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame B7B0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrLnoByIr-bJWVsmHyiRzt7Bo2FqI-0mxDGB8-HwoWE6KLOihvyAh9vLpFMqlO6B4jIhnv9j8sfbHXo4X7Dm7S57pxWnGETgnKsfwBLsCwlZT-72you7EanElta2wQGSj909dQQ92fUVycPTK9YWcgeA8VsrbUr_0OaHatLtaLmTsstjVWrYSKFa3-smw_FVkN-RVZh538tKIvjqgVkQuVxwKuF1wFo4aQP4C5X6AxT-0URhx7LxOWKjATTv9VAkn0tVSuRZlHnce8YQO6wIAzvyBNQpA8C3b_DdEh3jLGlmwHuV_fk9WWl9aclgcCZeGfvJA49G922PLCAXqSibhRhbt9Yfxdj8F7BIrCPHiQ-sxu2lA&sai=AMfl-YQPYlGyBj7W9vD4Cv0K1oir0rrLzE1KPXQTYwmSN5K-ZDnFnAy4P_b0bAbUIQ6D0poAY2miXUo7NcKxKk5YlpEEEuHLUQYX0c_EwG40U7g3T5SZij1dETnrfUHxVbbSce0nhcszBACJrd__OWgtw4ct&sig=Cg0ArKJSzLemxi5_nYSTEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:50:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F725
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3700527001220058&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

ii.js
mb.moatads.com/
43 B
120 B
Script
General
Full URL
https://mb.moatads.com/ii.js?lineItemId=5846368977&callback=lineItemInfo5846368977Callback_57553782
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
68dbfba9727d2cb5453d4ec91296a69af8e31baf31187ea9198151de751fd144

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
server
istio-envoy
etag
"83eb69a397884ce563d20b907180083ec47da318"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
15
timing-allow-origin
*
content-length
43
v2
mb.moatads.com/s/
303 B
400 B
Script
General
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&pcode=redventuresgamheader644747280705&ord=1702403401384&jv=200833389&callback=BrandSafetyNadoscallback_57553782
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/redventuresgamheader644747280705/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
c96614dac63a6b7b7fba4de1f8ce1dc0ac0ead89853f98b97714d0d90814a1bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
server
istio-envoy
etag
"407fd0d810716bd6665966901d837f04620f1c1d"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
11
timing-allow-origin
*
content-length
303
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1702403401384&de=394618716837&rx=355651258074&m=0&ar=cc84ca2002d-clean&iw=2034c62&q=3&cb=0&cu=1702403401384&ll=2&lm=0&ln=0&em=0&en=0&d=5009920773%3A2848205265%3A5846368977%3A138404614248&zMoatW=728&zMoatH=90&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=header-desktop-nav%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&gw=redventuresgamheader644747280705&fd=1&it=500&ti=0&ih=2&pe=1%3A854%3A854%3A2680%3A780&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=206701&na=1878513461&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=54&fi=1&apd=108&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614248&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=394618716837&t=meas&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=728&initH=90&initSRE=0.034125&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=header-desktop-nav%3FT-1000&zMoatPS=nav&zMoatABTest2=%3A&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=54&fi=1&apd=108&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614248&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=394618716837&t=fv&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=728&initH=90&initSRE=0.034125&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=header-desktop-nav%3FT-1000&zMoatPS=nav&zMoatABTest2=%3A&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=54&fi=1&apd=108&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614248&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=394618716837&t=nht&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=728&initH=90&initSRE=0.034125&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=header-desktop-nav%3FT-1000&zMoatPS=nav&zMoatABTest2=%3A&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=54&fi=1&apd=108&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614248&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=394618716837&t=bs&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=728&initH=90&initSRE=0.034125&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=header-desktop-nav%3FT-1000&zMoatPS=nav&zMoatABTest2=%3A&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 7058
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:27:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
12159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 14:27:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2C99
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstB1nBG7q8Zq7kkjVmfWuF2C8TqaAFcypn5fInRYEPZBvLz7VgJRBhPzqb5AWrKUuOnVm_v0UGULLBuobO-cN97q-XsDzPalC5GeKUFmDtBel85SrLGNPGhqPTRjgRPpGcyu9CXa6C9ErcKW8bX7yTX0Jg0hwP7sRZpLUSN_4x3i5DEY8ucE0T2Aem5hUpIOIcbrLjQioE-EgBH_q_WM_ferETXLZCs45nsnT4htkars4umqaCHpartFAuuAseehbgFPSFk-IYrW-GQuvd8iUviLxSwYom6B_X6T-fK-7T57nGJhXzrqpMmckp6A3Ojw6kINFbVx6_EFzmAGI21G8JWxZNBvEF3LdQ8nsyCwkFUeqf3Ilg&sai=AMfl-YQAbWUOVHQjiF15xTws1VyWM6DpPK5HE9sm8kA-SXC4Btk609y3cnSNkgZfI2pD4cmMLksDGXQVM4sz_YZ-A64HvoK512jTTAUcYgl9_iqSzQ2OVZiUH66GI8CQshOteAVYuDvXYVlVVzQy_xsrdtlj&sig=Cg0ArKJSzAwqEe-RDIBZEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:50:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 53AA
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNpz3Kz6BsSvmzUmn_FuaE41CcgfKF0OozjJEc-7_dr3y5cPaH0vrtxIKPi0qD_ygB_Q5JgO_2y9pMIBVgePQ3QnQdPYeoH1h0KiNM7EoSdasj5mfrdNo-7CcEYHYc3pcm-YLrUxOTp0fk72CUGXNqo1RxSYrkDMeCTnalgzDdj2DGbIyzFuh8EJUGtzu8rK5h4NYNnKf8UB3mA7Jf_JAzfSVv6IFmDwJnDvmEswq_D_qTmQlBY_NeTLOLL9uAnAsWhEYV8RYMAbfuWClKIPu_qkNj_xe642Cvwfg3l787GPFhxUEuxsHrd3rlFXn22Q2fgFFQKfuN_6RInxj6vGdcArdjUOQfoNEkskYmmXVsIgtjE4U&sai=AMfl-YTm_Q4M8FvlfI5mOI2VJ5iyXrx_XjorCarg7Tcn6UmrM_u1yiq_18fSW4MZDSmjQNsQ60tpt11jqOrC1VMe6aK9PKQONF0rW7rCQdoZbz7mO9ThfEoAw292JZaDmjXKQKAUUanLuToU3wWCut2doinm&sig=Cg0ArKJSzExZlm7QTiZ9EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:50:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 55F3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv_gVqTlkqpkTbj_3S-d-HIBlQ-Q9olYzsJDCMswqt3W2fyB14tFlIh_JRV2P3Ufi4bi4llIbxVSiEsISQGURUI34dL9Sbq3nkVAgdh_5tgGyeSSevMVpjF8xyBN5gs8UWNhWsDPONLXGQG7K1_ntHWFzbYw7WB7QRXHmPnAw89hSVGoEqo3eQflQ9GJieVH87znuqV5Y2KEe1SBIz47Q17LNW5KpD5e9SGgzuh1C75DX7Hst2UqYhzxvSFsPvZ5udNACPI5qZeF75Mi6qmHDUaTxJFdeSQTf2wQcLvHT2tRWq_ZoV-eJRcXR9cFtIZBmUF9PgiOL-JBrJeNYetBLzh8EnOQSgiEA0vWwg172OR7l0Vq4&sai=AMfl-YTw2Twoz1sF-k9estG4K8UysF25FHyqsZDytZHdvau6gOJ_lEUBmvHVcStyr3ClKjWAuEXEol-3Ew8QDFSrrf5MrM_kQqEUajhcwpN_AFa-TeTYj4hNmD5leIWrDSkS3bkFZuuV_3Opy-Jw7RuX5GN6&sig=Cg0ArKJSzMDJ7xCwJepbEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=108&fi=1&apd=162&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614248&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=394618716837&t=hdn&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=728&initH=90&initSRE=0.034125&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=header-desktop-nav%3FT-1000&zMoatPS=nav&zMoatABTest2=%3A&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=54&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614821&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=385248543665&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-top%3FT-1000&zMoatPS=top&zMoatABTest2=%3A&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=54&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614821&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=385248543665&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-top%3FT-1000&zMoatPS=top&zMoatABTest2=%3A&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=54&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614821&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=385248543665&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-top%3FT-1000&zMoatPS=top&zMoatABTest2=%3A&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=63&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614821&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=385248543665&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-top%3FT-1000&zMoatPS=top&zMoatABTest2=%3A&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=9&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138405110272&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=929432698137&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-middle%3FT-1000&zMoatPS=middle&zMoatABTest2=%3A&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=9&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138405110272&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=929432698137&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-middle%3FT-1000&zMoatPS=middle&zMoatABTest2=%3A&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=9&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138405110272&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=929432698137&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-middle%3FT-1000&zMoatPS=middle&zMoatABTest2=%3A&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=25&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138405110272&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=929432698137&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-middle%3FT-1000&zMoatPS=middle&zMoatABTest2=%3A&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=16&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138405110566&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=897643501179&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-bottom%3FT-1000&zMoatPS=bottom&zMoatABTest2=%3A&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=16&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138405110566&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=897643501179&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-bottom%3FT-1000&zMoatPS=bottom&zMoatABTest2=%3A&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=16&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138405110566&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=897643501179&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-bottom%3FT-1000&zMoatPS=bottom&zMoatABTest2=%3A&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=41&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138405110566&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=897643501179&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=rightrail-desktop-bottom%3FT-1000&zMoatPS=bottom&zMoatABTest2=%3A&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:03 GMT
generate_204
tpc.googlesyndication.com/ Frame 7058
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?W7t7sQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:50:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13495702354302384485&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&f=0&j=&t=1702403401384&de=394618716837&rx=355651258074&cu=1702403401384&m=2340&ar=cc84ca2002d-clean&iw=2034c62&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7296&le=1&lf=126&lg=1&lh=8&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A854%3A854%3A2680%3A780&as=0&ag=54&an=0&gf=54&gg=0&ix=54&ic=54&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=54&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=108&cd=0&ah=108&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5846368977%3A138404614248&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&zMoatW=728&zMoatH=90&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=header-desktop-nav%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=header-desktop-nav&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zMoatDfpSlotId=header-desktop-nav&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tz=header-desktop-nav&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=206701&na=659032411&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:04 GMT
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1702403401384&de=385248543665&rx=355651258074&m=0&ar=cc84ca2002d-clean&iw=2034c62&q=4&cb=0&cu=1702403401384&ll=2&lm=0&ln=0&em=0&en=0&d=5009920773%3A2848205265%3A5846368977%3A138404614821&zMoatW=300&zMoatH=250&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=rightrail-desktop-top%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&gw=redventuresgamheader644747280705&fd=1&it=500&ti=0&ih=2&pe=1%3A854%3A854%3A2680%3A780&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=206701&na=284870506&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:04 GMT
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3605542273632765505&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&f=0&j=&t=1702403401384&de=385248543665&rx=355651258074&cu=1702403401384&m=2392&ar=cc84ca2002d-clean&iw=2034c62&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7296&le=1&lf=126&lg=1&lh=8&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A854%3A854%3A2680%3A780&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=54&cd=0&ah=54&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5846368977%3A138404614821&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&zMoatW=300&zMoatH=250&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=rightrail-desktop-top%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=rightrail-desktop-top&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zMoatDfpSlotId=rightrail-desktop-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tz=rightrail-desktop-top&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=206701&na=411605486&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:04 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3700527001220058&bg=!cHOlczzNAAY3kmNgF5I7ADQBe5WfOGqPfQ8fGf01gfAsevp1hs8dEz3FtuzQOK5SHjy1g6WF9IfObORSaVA_Xef9sMeUAgAAADBSAAAAAmgBB5kDBrN5Vl2gfUXsdDk0lbf9MFaLBSojzBu_v9wQFbn4HSJ1UTgUCa5aSwfOPu4WXwZwyZwCeok0d-LC7SZ1BnePlstOwLc-RzBTkHrfK4HD7KCLwyGtkb-EBjHppso1O-TpMVBcNRiNsuJq6lu71oLo1AWKpZJfkAH-bQOEddgPwEccB9CoC9kCGvP5IkZi_SfKMRz3gBdv8JOV4Fg6v_M77cD0wKXYiZMrJ4OQyEeVL4EplkSCGCxUCVIuUS2AV0wYXqCA6wbGy4avRW9gMUs6kxW4lvPic5dSISWaMMKje0tjZa1QId_JPN2XkbKoGsvbKWV-sku7VboWr09pHpGPnML6VKNautcpovcWoHfLW7xR6Iv6rvqtunuT9J44CE4kxgr55ck2Z6XbI25NXn4k7uu71yvuZ9xHR-gVRnaM4Oy1XIWKesU5-5zosOPElakEYeiZ0e43dOUw4AnPT1a02btIBpiiCB-nLc2cDUdYGcYk9hKl1at27P6XJnjz0bI2iNOGHWM4TodhLCNSN497GmWyoguUpkn64wfOLJF_3mEPh0_1R9piK8YIE6zkgW_eopYRoFJ7rR6i1luhWWk2I0yKW7KFvpTXFassavuHkhltGfO0xMHKZ_68igRtYlh2HLBLU_olzrp43Bz185NHb-_CVOBhgcUOWUzFn88Dg6K-lXlfT4AF4P5sflGK-DhunPbuZQCG3uitFssRijsWx41HdKfVsovBEkaba1nC5uqvjuijc0xTrP94yTSrtEhuARksJezb6DHdO8LaPZoOID3zr3xk17HYsmZ6UaxPAhnJOPWUNrCDORQ6ZDHVBAUDNOhtdsASpOFQEnyGmPibbm1L9MBXnG2lTDQmwui3qDlFjcn_eXx9K2r2MSEzxnrqTCeUyHWr1TFIculT273IgGbHeduTv57zUqjrgTQ_rkPxAeKhjsaf30TUxhBy1Dry1roVUy-kDf4nxfMnqO1k7qd3R0fqlvM-VXE6xN2mkSIl2PqxL9DK_q3aW-yoIvWw7WsMGvSJSQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1702403401384&de=929432698137&rx=355651258074&m=0&ar=cc84ca2002d-clean&iw=2034c62&q=5&cb=0&cu=1702403401384&ll=2&lm=0&ln=0&em=0&en=0&d=5009920773%3A2848205265%3A5846368977%3A138405110272&zMoatW=300&zMoatH=250&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=rightrail-desktop-middle%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&gw=redventuresgamheader644747280705&fd=1&it=500&ti=0&ih=2&pe=1%3A854%3A854%3A2680%3A780&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=206701&na=1860909989&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:04 GMT
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3605542273632765505&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&f=0&j=&t=1702403401384&de=929432698137&rx=355651258074&cu=1702403401384&m=2401&ar=cc84ca2002d-clean&iw=2034c62&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7296&le=1&lf=126&lg=1&lh=8&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A854%3A854%3A2680%3A780&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9&cd=0&ah=9&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5846368977%3A138405110272&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&zMoatW=300&zMoatH=250&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=rightrail-desktop-middle%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=rightrail-desktop-middle&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zMoatDfpSlotId=rightrail-desktop-middle&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tz=rightrail-desktop-middle&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=206701&na=1053721233&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B7B0
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqNyZB5dGIefpGozewF4OhLh0pfgRZGhKAvgqAyouS7rapwyyXE0YkbpSAu3z-ZhYeAPLfSYjs1AKqmL1yzOkbr-BZtKhsjpQWZpeqDO5abgrAOYarow5CKHEkUelkt8C0bGg-dv8aCVN257LmnuDPpA&sig=Cg0ArKJSzBuOsye8VBvuEAE&id=lidar2&mcvt=1000&p=140,436,230,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1319707556&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702403403531&rpt=164&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=REDVENTURES_GAM_DISPLAY1&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1702403401384&de=897643501179&rx=355651258074&m=0&ar=cc84ca2002d-clean&iw=2034c62&q=6&cb=0&cu=1702403401384&ll=2&lm=0&ln=0&em=0&en=0&d=5009920773%3A2848205265%3A5846368977%3A138405110566&zMoatW=300&zMoatH=250&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=rightrail-desktop-bottom%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&gw=redventuresgamheader644747280705&fd=1&it=500&ti=0&ih=2&pe=1%3A854%3A854%3A2680%3A780&iq=noHistData&tt=noHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=206701&na=1346971171&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:04 GMT
pixel.gif
redventuresgamdisplay60805146916.s.moatpixel.com/
43 B
275 B
Image
General
Full URL
https://redventuresgamdisplay60805146916.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1016&tet=1163&fi=1&apd=1217&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=thepointsguy.com&L1id=5009920773&L2id=2848205265&L3id=5846368977&L4id=138404614248&S1id=22308610192&S2id=22614502375&ord=1702403401384&r=394618716837&t=iv&os=1&fi2=0&div1=1&ait=0&url=https%253A%252F%252Fthepointsguy.com%252Fnews%252Fzoom-backgrounds%252F&mobile=0&click=0&initW=728&initH=90&initSRE=0.034125&m_ltype=direct&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatPT=article&zMoatSL=header-desktop-nav%3FT-1000&zMoatPS=nav&zMoatABTest2=%3A&bedc=1&q=6&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.161.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-161-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:50:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
x-akamai-ew-subworker
8096267
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:04 GMT
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=bottom&zMoatSZPS=300x250%20%7C%20bottom&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F13320859533840401466&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&f=0&j=&t=1702403401384&de=897643501179&rx=355651258074&cu=1702403401384&m=2416&ar=cc84ca2002d-clean&iw=2034c62&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7296&le=1&lf=126&lg=1&lh=8&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A854%3A854%3A2680%3A780&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=16&cd=0&ah=16&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5846368977%3A138405110566&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&zMoatW=300&zMoatH=250&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=rightrail-desktop-bottom%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=rightrail-desktop-bottom&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zMoatDfpSlotId=rightrail-desktop-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tz=rightrail-desktop-bottom&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=206701&na=552629111&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:05 GMT
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&f=0&j=&t=1702403401384&de=394618716837&rx=355651258074&cu=1702403401384&m=3445&ar=cc84ca2002d-clean&iw=2034c62&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7296&le=1&lf=126&lg=1&lh=8&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A854%3A854%3A2680%3A780&as=1&ag=1163&an=54&gi=1&gf=1163&gg=54&ix=1163&ic=1163&ez=1&ck=1163&kw=1016&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1163&bx=54&ci=1163&jz=1016&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1016&cd=108&ah=1016&am=108&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5846368977%3A138404614248&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&zMoatW=728&zMoatH=90&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=header-desktop-nav%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=header-desktop-nav&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zMoatDfpSlotId=header-desktop-nav&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tz=header-desktop-nav&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=206701&na=1110328197&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:05 GMT
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&f=0&j=&t=1702403401384&de=394618716837&rx=355651258074&cu=1702403401384&m=3446&ar=cc84ca2002d-clean&iw=2034c62&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7296&le=1&lf=126&lg=1&lh=8&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A854%3A854%3A2680%3A780&as=1&ag=1163&an=1163&gi=1&gf=1163&gg=1163&ix=1163&ic=1163&ez=1&ck=1163&kw=1016&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1163&bx=1163&ci=1163&jz=1016&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1016&cd=1016&ah=1016&am=1016&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5846368977%3A138404614248&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&zMoatW=728&zMoatH=90&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=header-desktop-nav%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=header-desktop-nav&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zMoatDfpSlotId=header-desktop-nav&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tz=header-desktop-nav&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=206701&na=1229880866&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:05 GMT
pixel.gif
px.moatads.com/
43 B
265 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=6&sgs=3&bo=22308610192&bp=22614502375&bd=undefined&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=nav&zMoatSZPS=728x90%20%7C%20nav&zMoatPTAT=article&zMoatPTATSECT=article&vb=4&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=REDVENTURES_GAM_DISPLAY1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm~GefxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-BuYHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-QioJVCAZgVLOGg%3D%3D&sc=1&os=1-Dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&id=1&ii=4&f=0&j=&t=1702403401384&de=394618716837&rx=355651258074&cu=1702403401384&m=3446&ar=cc84ca2002d-clean&iw=2034c62&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7296&le=1&lf=126&lg=1&lh=8&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A854%3A854%3A2680%3A780&as=1&ag=1163&an=1163&gi=1&gf=1163&gg=1163&ix=1163&ic=1163&ez=1&ck=1163&kw=1016&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1163&bx=1163&ci=1163&jz=1016&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1016&cd=1016&ah=1016&am=1016&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5009920773%3A2848205265%3A5846368977%3A138404614248&gw=redventuresgamheader644747280705&zMoatOrigSlicer1=22308610192&zMoatOrigSlicer2=22614502375&dfp=0%2C1&la=22614502375&zMoatW=728&zMoatH=90&zMoatVGUID=09203e8d-0039-46d7-8082-c54ef510c4c6&zMoatSN=d&zMoatSL=header-desktop-nav%3FT-1000&zMoatABTest2=%3A&zMoatMMV=noHistData&zMoatMMV_MAX=noHistData&zMoatMGV=noHistData&zMoatMSafety=safe&zMoatMData=1&zMoatSlotId=header-desktop-nav&zMoatCURL=thepointsguy.com%2Fnews%2Fzoom-backgrounds&zMoatDev=Desktop&zMoatDfpSlotId=header-desktop-nav&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tz=header-desktop-nav&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=206701&na=1690194241&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.165.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-236.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thepointsguy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Tue, 12 Dec 2023 17:50:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 12 Dec 2023 17:50:05 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| __NEXT_PRELOADREADY object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| immediateUseAdLibFunctions object| BidBarrel object| _Cohesion object| _Preamp object| _Fuse object| _Tagular function| cohesion function| preamp function| fuse function| tagular function| OptanonWrapper function| gtag object| dataLayer object| OneTrustStub object| regeneratorRuntime object| adFlow object| FEATURES object| googletag object| confiant object| __Cohesion function| monarch function| taggy object| _Taggy object| google_tag_manager object| google_tag_data string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| ggeac object| google_js_reporting_queue object| pbjs string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust object| viacbs_at function| onYouTubeIframeAPIReady function| moatYieldReady function| setMoatPrebidData undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_57553782 object| Moat#PML#26#1.2 boolean| Moat#EVA object| DOMlessLLDcallback_57553782 object| MoatDataJsonpRequest_57553782 function| __moatSlotTagLoadedredventuresgamheader644747280705 object| moatPrebidApi function| ttd_dom_ready function| TTDUniversalPixelApi function| wait object| google_optimize number| google_unique_id object| GoogleGcLKhOms function| confiantDfpWrap object| lineItemInfo5846368977Callback_57553782 object| BrandSafetyNadoscallback_57553782 string| keyName object| google_image_requests

13 Cookies

Domain/Path Name / Value
.thepointsguy.com/ Name: cwr_u
Value: 6a8c3ba1-6fe3-4527-9cb7-28b54bb76b02
.cohesionapps.com/ Name: cohsn_xs_id
Value: 50caa52d-c410-456b-b583-cd518664e17a
.thepointsguy.com/ Name: _gid
Value: GA1.2.704951563.1702403400
.thepointsguy.com/ Name: _gat_gtag_UA_16558039_1
Value: 1
.thepointsguy.com/ Name: chsn_cnsnt
Value: thepointsguy.com%3AC0001
.thepointsguy.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Dec+12+2023+18%3A50%3A00+GMT%2B0100+(Central+European+Standard+Time)&version=202303.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=46b06f3a-83ea-4d83-9898-560c75aaaa7b&interactionCount=0&landingPath=https%3A%2F%2Fthepointsguy.com%2Fnews%2Fzoom-backgrounds%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0
thepointsguy.com/ Name: landing
Value: thepointsguy.com/news/zoom-backgrounds/
.thepointsguy.com/ Name: _ga
Value: GA1.1.2058534235.1702403400
.thepointsguy.com/ Name: __gads
Value: ID=cb84c1eebefb7604:T=1702403403:RT=1702403403:S=ALNI_MbcKVLifUqT6EGLnf6S_ZU9WYXBjA
.thepointsguy.com/ Name: __gpi
Value: UID=00000d18f9408ec6:T=1702403403:RT=1702403403:S=ALNI_MYhV5YRkitoFW84vjPdGJH39Jdilg
.thepointsguy.com/ Name: _ga_GVJPCKENFX
Value: GS1.1.1702403401.1.0.1702403403.58.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUmGILM_EcaH7Tr_YoARMkDlvWKkeIxFa2Wxy3bfQDa-wFXgi-uB3VfflycpZ34
.thepointsguy.com/ Name: cwr_s
Value: eyJzZXNzaW9uSWQiOiIxNzc0ZWE1Yi1iNTYyLTQ1NTQtODQxZC02OTA5NjU4YTUwMGUiLCJyZWNvcmQiOmZhbHNlLCJldmVudENvdW50Ijo2OCwicGFnZSI6eyJwYWdlSWQiOiIvbmV3cy96b29tLWJhY2tncm91bmRzLyIsImludGVyYWN0aW9uIjowLCJyZWZlcnJlciI6IiIsInJlZmVycmVyRG9tYWluIjoiIiwic3RhcnQiOjE3MDI0MDMzOTk4MTV9fQ==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.adtech.redventures.io
b227c1157b0e6655e951e5406790b04d.safeframe.googlesyndication.com
beam.thepointsguy.com
cdn.cohesionapps.com
cdn.confiant-integrations.net
cdn.cookielaw.org
cognito-identity.us-east-1.amazonaws.com
empennage.api.thepointsguy.com
geolocation.onetrust.com
insight.adsrvr.org
mb.moatads.com
monarch.cohesionapps.com
pagead2.googlesyndication.com
px.moatads.com
redventuresgamdisplay60805146916.s.moatpixel.com
region1.analytics.google.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sts.us-east-1.amazonaws.com
taggy.cohesionapps.com
thepointsguy.com
thepointsguy.global.ssl.fastly.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
z.moatads.com
100.24.172.59
132.226.214.62
151.101.130.132
151.101.65.194
151.101.66.154
18.232.10.106
18.64.79.98
2.18.161.148
2001:4860:4802:34::36
23.213.165.236
2600:1f18:41d6:7402:4df3:454a:5580:5a3b
2600:9000:225a:8c00:1e:7632:5780:93a1
2606:4700:4400::6812:2089
2606:4700:4400::ac40:90a6
2606:4700::6812:83ec
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2001
2a00:1450:400c:c00::9b
3.223.9.153
3.33.220.150
52.119.199.56
0172c47e7657ae606b742da14ecfe0964814113b9678436b67bad2dd6cbe0c1e
02312bd828d6f5da42d1da4419e4b3393a0c7907c4e21d4f115230f2f4a4baa1
03bd180906455ea764be23a3100794d64cfdc7beadcee9b8b533570a288f255d
07341445c1bb2f07414fef3a4597f7a8a15a00151571a9d80481abc74d5bc14c
08f24a28e4554f3dbb23849dc47f98140e586701c6d0b955db04b23df84d17ac
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
0ad4ff2ca8c5ac53fe7ff7a4b8df81fe3d3798087552cf69f71b3c3d804c4dcf
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
13ffc5b5a2a181b8cc45e9c8230aceab39aeeb2eb5cd4f9f63f8a10aa48f1d38
1413dbb4c508f9bdbe38aea543ac6d8e84848e76b5878b6e8cb496a5d1085099
152099f733a50d49cb0abbb66012a010503af956ce9eb1e02951bb3e223af7be
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
25d2bb3ef7666734c5c8e9f46905a422cb029c7c5e71cd4a90592ee07eb3d012
268942c8a2e832ac4f764dd3fdfe4b04e7b80e509f234525ace66ef43137d08d
26fe0ebac8ccab418c979ad61477a37d36bd257d3fbc8376083c6b1e26b9d35e
27b03aa34701a113ba8baecb91f9a0eb7915f87e1c1bc4d8e2db5460464d1b86
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
28ae7edc409718223f657064785965dd4be3ab612fe8c61c9ee034da136789b9
2bc56bedfbd6d2e324c643015101e562436d011d94197b1f6ccff2045c467c24
2f19fc9a6d9d6580ba1fa59b8f7549fe4753376268862cf8833a9cf636ceaeb5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32b6dc462015932bf0229c578425c7246a79003230193902ef38a128ea4b3635
365c97c017b108ce59f2022f66640e952999d21a72445e00d8b17d98755658e5
3d2729e66acd17956a1c82b42a56e8030ed4dcb40e7065c50be448e4da48f8af
3e234c8dd48112dd44edd655dd95e41026b1c0c7e2e06cc8b2563358ede2d470
40fc00ab008a7b8e34a69e36e5391eda4f328bf9abbeb89b9f39290e8ed1365e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459d89d424eea61a7b2af5232ff69ed500a0d29cbf74bc64f10b7fb5cd35e779
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4e8c79537ad608051945cf6f0c9982eb74fd0298a124536763b25a7a93a58131
5251e948890803b91f8b6cc43cea30a85fb1e2ae96106dc0544bac1a554d4021
54cafdf293da5ecf6aa2b64f6f08a6348b2b3ba47a5f29605c43f92676c77179
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d980ede2d12f83404412d600f4537905be8f26bc9592e1d3a61d51aedf7077
5acf505e1fdd79629b414d17f9e34c51e3e4c0b8fd7efa774cd6fa5636adb878
5bdb4b46913431ddd41cb9550a5cb059b22fb02bba996da892201d21a2e75621
5c166901ed21fbf2aa71d05fd2441a89c13a6c75ea6d5f0464c2bf0ea186f38e
5c7a54a45855cd80b865919513088288813f0594e3b7ee5a7c63677410cec3a1
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e8dc2d52b86ee21fef433439319305723dd6d7d81e268c746e4b79b9143125f
5fb6040f14bd78da9611b4fb9ee3ad64623e8ad8c59d3caddadc6e009be3f241
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a540be228fedbacb19d34359743eaf18706ef29230b0fa3d0296aea45f646f
63f2b5fe91f123608c0ce8830093f33d91d1eb5e8d14e68abcb665beb8e179bd
64645cf8e23e62ff0ec3b71999e9cda3343b32db8633dcf6f59648e9e13898a6
6581ca02bc9391450c75e25d83fdd6a216d5f3e2b1918fc253980b05a8f37da7
68657bfe62de1839dfbb52472b4ae0b919eb8f6c9c4a4f3950ba58c843bdf9a8
68d9eb6aefb519749c74c97c8b3271a6cb7279ea5f790803885d2a45eefb2269
68dbfba9727d2cb5453d4ec91296a69af8e31baf31187ea9198151de751fd144
6aef506e62bb63e39edb82d90db46c757689996420171500eba2f7df0e5f0d37
6b73c6928747811fe3963b38bd51bb19f510a21afadbe55be35fa09684bc666b
6d72fa0f78c80b1874d3ee4aadf43d973edc442a65fef83d37e684ac559893b7
6ef23518a83f4ebf188e2536de4696c848f89c9294283281a0065eb53929361f
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7009c21449e6c358b1355da398bb3fea44306c5c75e6fb769395922c0ddb80eb
739020a16539d8e2b028a4285a52532d1036ec1381842d63d815fd6159fce1f2
7467ce1cce8a5291083fb7573b1b06e94f12291e09d8c5033fb9ad725be4a46e
75e2031c90d10a611d298d627e297dd9bf6394f46bfdb0d204072b9e5fe8cb11
77955d774601e121af2db4ef7481e256f451faf868fcab2b5f3dda24d9922781
798b189e808a46eaff3c4aa3ee2fa48f0aff847369aeecd3ab542094c0aa2c81
7d1c67907cf4cf7c4bad640064a734d61874907da6aeebd12f8503db1775ba3b
7e3d4c4de893a4e60c2953d244246a48eeb68aa32a0a849ba81fd9d79dfeae96
800ae3e3771dee23d631b5b013b1184da362eccd30fcd49ba7cc6f2313330841
831efbe8f40da8a2721778725f0b68f468096f123a6cb72661cd8c3ae11c17d0
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86a3a572984449a8bfdee97f076e9ee2ebe0ae739f278bb704c09840675e7419
88bebb821ebc59858c79922a9fa771a0443b8ea06f62ca5944bf0094a77e7ae6
8e65747cefcfea3b238374518a4c9941d2a22aac6a7f0e6da9a9beee8c27799b
902bed72f7c6e7bbc0e703f7c5ebccf67ed5d5f3ccf015d92cdeb53e895a2fd3
90a83822b5af5452c1da6311e4785c6815d4fe48594ba693dcb5c345c13ff52c
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9553ba5e18d6edf2146978f2481b1e9f955fdbdcb99a9037785023d2ad64dc16
96025fe9db6578d8bc7f4b8be739750b1490e07221c2b1f16acde2ea7669cedf
969d4a2b22cc23274ab0304765e1a999c53fc25f60488e651a05ba31339721c6
9ad3ac2e4d399fc9acea975ada0ef3080ec4f9469aaa437a0936e221bd9046e3
9ae13ddab63acb296700ae3579ebf12ca93759bcf6285822acc5f831fc6f62f0
9d8e4b0bc264540c769f11d933b394ad8a2b8c326b6d1be641c68f56cb59539e
9e7af480789a5e160bc4c77c15ffa1091cc926ef1d4d6a13ac4f30e26804448e
afee58a8eaa52be06d6bc91e3c2e6664b62672efc5c73bfeb0d1e812f9c821ff
b1504786698f8e47b941ab4fb14a52c19d9ab8c5293ebcb831b71ca8faf2fbf9
b2978ed39e4ca76413be4f3223b098616a3021faab5f0ea99b31a7d730a1b350
b3242e531e65b2acfbe4e60056f1b1ec44891d20f841133d91504d058ddb4726
b34f946baa10360555709e392c99024a11f4e66cfa1c061865a12706aabdd9c6
b62ccccc8dd403e4fddbebf79fa3866a8ef30b670cbffc1117e0e14f1305130d
b9610ce93171f0c59c238b28a1ddb9c8bd571c77688c7fb28149c217dedf1ba1
b9e4bc0bd8633503e4b8e412caebc24b0ae2f2a9abb0ccf2860bd8634488ec14
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
c5404255a0f782fde2353c7583e44cd8afba9b88ca0cbc09a8b3270626471fda
c6da3cddeb9e73c811f751688c8672ed30b0bb960f31e7ee09ec62a8562020f5
c92ae82dce7dca932fe60dac7d7a093fda14ac17f39744ebedb099c778e3763a
c96614dac63a6b7b7fba4de1f8ce1dc0ac0ead89853f98b97714d0d90814a1bb
c9e5eca8ec485060829e3886c122fca2843a73fecc6254c89d58d1580558fb77
cc75d10e39c98b7c9bbd9ae102b147ec1fa576939eaa5acc5a9824d150abed9a
cdd44dd919056252b70ec530942b6ba656fc4e47dff1e7d87a935ac19ecc2ef5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d459332e69ce757dacdb554b02effbb0d7f4b5d0e1cef29d72b4efd3c320198d
d649cc3f4a31824b8eb8225ba84645013fee8a4699283b8b65d0ff30e1435cf5
d755e28516ffa40507cab9e42dbf5339fa0e8cd6d85d2ea58fb5348e2aa82475
ddca35a8349a66dabad41c661a0049117fb52c0917b8921b93b219ccb060da12
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0eecce7045c5efcaff8e91f9feb423c469fbcecf0f4a632d0584ab6884972f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4867c7cf0cb3f6a82a057915dc05cdebbafaeb94f79a746cd5d18f7c6c2179c
eadcb10d0a8b835cbe4e286e3226c458790f3e2457f309553cd6bf2f2853b049
eda1d03d295937cdf9e0a27ee7d4d7247911ead406eeb84adbabf3d8c8edd782
eeddd2b39e4dd99f0e77e09c9fcf4946e5c8ea05fea0e43a4682229d76fdb649
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f416a3dca99ae36a1879941efd31211dcea3a31310ac2ed7e3440e96c0b64d50
f6a99db99b73f1e4332dc44c727ba47e2dcdd57024687423e5a49a94a285deba
f8845dd84501cd54fe690f1409a3a0e116551632bdccfe5ea791a0ba81667da4
f8d81e866a671e18244a82d87c6377b906239e6466c5d5cf8a54276bb6fdf5e5
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
faf3267f210d03b9b678da3fd1b5d559c8a96da515af139a144aff525301e7a1
fcfca61abe50ab7c72008dd818391c37f6a053921eac488a7832d105df0e08f7
fe34de18e1635775c464959aee9e9e9dc6892db0f1b24effdbeadf770f56918f