Submitted URL: http://rxxwin.com/rx.php?sub=SALE
Effective URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Submission: On September 30 via manual from DE — Scanned from US

Summary

This website contacted 52 IPs in 4 countries across 47 domains to perform 111 HTTP transactions. The main IP is 172.67.195.53, located in United States and belongs to CLOUDFLARENET, US. The main domain is 30.rewardzinga.com.
TLS certificate: Issued by WE1 on August 6th 2024. Valid for: 3 months.
This is the only time 30.rewardzinga.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a02:4780:6:1... 47583 (AS-HOSTINGER)
3 104.18.10.207 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 149.56.240.31 16276 (OVH)
4 2606:4700:21:... 13335 (CLOUDFLAR...)
1 23.33.42.81 20940 (AKAMAI-ASN1)
2 3.13.47.114 16509 (AMAZON-02)
1 172.64.153.173 13335 (CLOUDFLAR...)
2 67.202.105.34 32748 (STEADFAST)
2 108.138.128.124 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 148.113.153.94 16276 (OVH)
1 184.50.205.247 16625 (AKAMAI-AS)
1 23.33.42.82 20940 (AKAMAI-ASN1)
1 23.200.88.61 20940 (AKAMAI-ASN1)
2 3 52.54.69.117 14618 (AMAZON-AES)
2 2 142.251.35.162 15169 (GOOGLE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 54.174.150.34 14618 (AMAZON-AES)
3 4 68.67.179.166 29990 (ASN-APPNEX)
1 1 15.197.193.217 16509 (AMAZON-02)
2 2 108.138.106.5 16509 (AMAZON-02)
1 1 199.38.167.131 54312 (ROCKETFUEL)
2 2 44.215.250.231 14618 (AMAZON-AES)
1 107.178.254.65 396982 (GOOGLE-CL...)
1 1 67.202.105.24 32748 (STEADFAST)
1 35.244.154.8 15169 (GOOGLE)
1 1 67.202.105.23 32748 (STEADFAST)
1 23.200.88.69 20940 (AKAMAI-ASN1)
3 172.67.149.199 13335 (CLOUDFLAR...)
1 153.92.9.122 47583 (AS-HOSTINGER)
1 1 172.67.176.182 13335 (CLOUDFLAR...)
1 1 34.49.33.158 396982 (GOOGLE-CL...)
12 172.67.195.53 13335 (CLOUDFLAR...)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 172.64.147.238 13335 (CLOUDFLAR...)
1 2606:4700:310... 13335 (CLOUDFLAR...)
2 54.146.146.68 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.128.100 16509 (AMAZON-02)
10 16.182.71.97 16509 (AMAZON-02)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
1 3.93.26.94 14618 (AMAZON-AES)
1 18.164.124.33 16509 (AMAZON-02)
1 6 3.231.112.165 14618 (AMAZON-AES)
2 2600:9000:21d... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 142.250.81.227 15169 (GOOGLE)
1 52.72.145.167 14618 (AMAZON-AES)
4 34.205.0.238 14618 (AMAZON-AES)
1 3.168.96.129 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.124.56 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.249.91.110 16509 (AMAZON-02)
2 23.20.238.11 ()
1 3.224.202.97 ()
1 3.229.6.108 ()
2 3.208.52.15 ()
111 52
Apex Domain
Subdomains
Transfer
12 rewardzinga.com
rewardzinga.com — Cisco Umbrella Rank: 672386
30.rewardzinga.com
111 KB
10 amazonaws.com
ppe-userenroll-assets.s3.amazonaws.com — Cisco Umbrella Rank: 528222
76 KB
8 trustedform.com
api.trustedform.com — Cisco Umbrella Rank: 27869
cdn.trustedform.com — Cisco Umbrella Rank: 32928
45 KB
8 pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 8257
cdn.pushnami.com — Cisco Umbrella Rank: 17595
psp.pushnami.com
fpc.pushnami.com
trc.pushnami.com
21 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
ajax.googleapis.com — Cisco Umbrella Rank: 454
33 KB
5 leadid.com
create.leadid.com — Cisco Umbrella Rank: 15799
2 KB
4 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 520
4 KB
4 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 32622
t.sharethis.com — Cisco Umbrella Rank: 7081
5 KB
4 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 11768
t.dtscout.com — Cisco Umbrella Rank: 10242
5 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
257 KB
3 smrturl.co
smrturl.co — Cisco Umbrella Rank: 607467
2 KB
3 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 9206
2 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1289
2 KB
3 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 20196
ic.tynt.com — Cisco Umbrella Rank: 16325
de.tynt.com — Cisco Umbrella Rank: 1609
9 KB
3 histats.com
s10.histats.com — Cisco Umbrella Rank: 10083
s4.histats.com — Cisco Umbrella Rank: 10181
11 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1352
33 KB
3 rxxwin.com
rxxwin.com
39 KB
2 gstatic.com
fonts.gstatic.com
82 KB
2 ipredictive.com
js.ipredictive.com — Cisco Umbrella Rank: 12144
ad.ipredictive.com — Cisco Umbrella Rank: 8346
3 KB
2 tnapplications.com
api.tnapplications.com — Cisco Umbrella Rank: 55697
15 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 515
p.typekit.net — Cisco Umbrella Rank: 683
1 KB
2 33across.com
dp2.33across.com — Cisco Umbrella Rank: 16171
dp1.33across.com — Cisco Umbrella Rank: 5824
1019 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 626
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1433
3 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 358
1 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 297
2 KB
2 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2964
724 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1176
bcp.crwdcntrl.net Failed
20 KB
2 lijit.com
pxdrop.lijit.com — Cisco Umbrella Rank: 5551
2 KB
1 pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 7290
rum-collector-2.pingdom.net Failed
3 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 25553
38 KB
1 minionplatform.com
telemetry.partners.prod.minionplatform.com — Cisco Umbrella Rank: 111543
107 B
1 quilljs.com
cdn.quilljs.com — Cisco Umbrella Rank: 26595
4 KB
1 iconscout.com
unicons.iconscout.com — Cisco Umbrella Rank: 79779
10 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1486
12 KB
1 mzbvbn8trk.com
www.mzbvbn8trk.com — Cisco Umbrella Rank: 742364
933 B
1 bluejaymobi.com
fly.bluejaymobi.com — Cisco Umbrella Rank: 626719
675 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 487
441 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 838
344 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 873
1 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 413
627 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1400
428 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 10855
597 B
0 Failed
function sub() { [native code] }. Failed
0 krxd.net Failed
usermatch.krxd.net Failed
111 47
Domain Requested by
10 ppe-userenroll-assets.s3.amazonaws.com 30.rewardzinga.com
9 30.rewardzinga.com 30.rewardzinga.com
ajax.googleapis.com
6 api.trustedform.com 1 redirects api.trustedform.com
cdn.trustedform.com
6 fonts.googleapis.com 30.rewardzinga.com
5 create.leadid.com create.lidstatic.com
4 secure.adnxs.com 3 redirects rxxwin.com
3 www.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com 30.rewardzinga.com
www.googletagmanager.com
3 rewardzinga.com smrturl.co
3 smrturl.co
3 map.go.affec.tv 2 redirects rxxwin.com
3 ps.eyeota.net 2 redirects rxxwin.com
3 t.dtscout.com e.dtscout.com
3 maxcdn.bootstrapcdn.com rxxwin.com
3 rxxwin.com rxxwin.com
2 trc.pushnami.com api.pushnami.com
2 psp.pushnami.com api.pushnami.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.trustedform.com 30.rewardzinga.com
api.trustedform.com
2 api.pushnami.com 30.rewardzinga.com
api.pushnami.com
2 api.tnapplications.com 30.rewardzinga.com
2 i.liadm.com 2 redirects
2 live.rezync.com 2 redirects
2 px.ads.linkedin.com 1 redirects rxxwin.com
2 cm.g.doubleclick.net 2 redirects
2 t.sharethis.com pd.sharethis.com
t.sharethis.com
2 pixel.onaudience.com 2 redirects
2 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
2 pd.sharethis.com e.dtscout.com
rxxwin.com
2 pxdrop.lijit.com e.dtscout.com
pxdrop.lijit.com
2 s10.histats.com rxxwin.com
s10.histats.com
1 fpc.pushnami.com api.pushnami.com
1 cdn.pushnami.com api.pushnami.com
1 rum-static.pingdom.net www.googletagmanager.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 ad.ipredictive.com js.ipredictive.com
1 create.lidstatic.com 30.rewardzinga.com
1 telemetry.partners.prod.minionplatform.com api.tnapplications.com
1 p.typekit.net use.typekit.net
1 ajax.googleapis.com 30.rewardzinga.com
1 js.ipredictive.com 30.rewardzinga.com
1 cdn.quilljs.com 30.rewardzinga.com
1 unicons.iconscout.com 30.rewardzinga.com
1 use.typekit.net 30.rewardzinga.com
1 use.fontawesome.com 30.rewardzinga.com
1 www.mzbvbn8trk.com 1 redirects
1 fly.bluejaymobi.com 1 redirects
1 dp1.33across.com 1 redirects
1 idsync.rlcdn.com rxxwin.com
1 dp2.33across.com 1 redirects
1 pippio.com rxxwin.com
1 p.rfihub.com 1 redirects
1 match.adsrvr.org 1 redirects
1 de.tynt.com cdn.tynt.com
1 stags.bluekai.com rxxwin.com
1 t.dtscdn.com e.dtscout.com
1 ic.tynt.com rxxwin.com
1 cdn.tynt.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 s4.histats.com s10.histats.com
0 truncated Failed
0 rum-collector-2.pingdom.net Failed rum-static.pingdom.net
0 bcp.crwdcntrl.net Failed tags.crwdcntrl.net
0 usermatch.krxd.net Failed rxxwin.com
111 64

This site contains no links.

Subject Issuer Validity Valid
rxxwin.com
R10
2024-09-13 -
2024-12-12
3 months crt.sh
bootstrapcdn.com
WE1
2024-09-20 -
2024-12-19
3 months crt.sh
s10.histats.com
WE1
2024-08-07 -
2024-11-05
3 months crt.sh
histats.com
R11
2024-08-06 -
2024-11-04
3 months crt.sh
dtscout.com
WE1
2024-09-10 -
2024-12-09
3 months crt.sh
cert2-prod.aut.a24365.net
R11
2024-07-26 -
2024-10-24
3 months crt.sh
sharethis.com
Amazon RSA 2048 M03
2024-04-21 -
2025-05-20
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2024-09-05 -
2025-09-30
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02
2024-09-07 -
2025-10-07
a year crt.sh
dtscdn.com
WE1
2024-09-06 -
2024-12-05
3 months crt.sh
cert1-prod.aut.a24365.net
R11
2024-09-25 -
2024-12-24
3 months crt.sh
smrturl.co
WE1
2024-09-13 -
2024-12-12
3 months crt.sh
rewardzinga.com
WE1
2024-08-06 -
2024-11-04
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
use.fontawesome.com
WE1
2024-09-09 -
2024-12-09
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-27 -
2025-09-27
a year crt.sh
iconscout.com
WE1
2024-09-14 -
2024-12-13
3 months crt.sh
cdn.quilljs.com
WE1
2024-08-18 -
2024-11-16
3 months crt.sh
api.tnapplications.com
R10
2024-08-15 -
2024-11-13
3 months crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.ipredictive.com
Amazon RSA 2048 M02
2024-02-12 -
2025-03-11
a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2024-04-22 -
2025-04-07
a year crt.sh
telemetry.partners.prod.minionplatform.com
R11
2024-08-14 -
2024-11-12
3 months crt.sh
*.pushnami.com
Amazon RSA 2048 M02
2024-02-03 -
2025-03-03
a year crt.sh
lidstatic.com
E6
2024-09-20 -
2024-12-19
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
create.leadid.com
Amazon RSA 2048 M03
2024-07-20 -
2025-08-18
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.trustedform.com
Amazon RSA 2048 M02
2024-07-10 -
2025-08-06
a year crt.sh
pingdom.net
WE1
2024-09-12 -
2024-12-12
3 months crt.sh
cdn.trustedform.com
Amazon RSA 2048 M03
2024-02-13 -
2025-03-13
a year crt.sh

This page contains 8 frames:

Primary Page: https://30.rewardzinga.com/750-amazon-rewards-v-4
Frame ID: 3DF33FE96B025973649B68FD81D07650
Requests: 102 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C3017276996155B6AB80A892A796640
Frame ID: 209436025FF50385D86044AB6369018D
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1550.828&cid=c026&cls=sync
Frame ID: 9F6D893A97FB29D1C8A9B011903C5EAE
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1523.23404&cid=c010&cls=C
Frame ID: B925BE4DDA7792C9642F6CAB2ACC1583
Requests: 1 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=111974&cache_buster=1727699620&url=https%3A%2F%2F30.rewardzinga.com%2F750-amazon-rewards-v-4&ps=0
Frame ID: 2B1DDD0DDD6DEB88198B658D85980190
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=9618000B-8250-D9F3-D88C-3225DB8AB75B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=69EDB21F-622D-AA73-7E7B-1CDC74465E7A&lac=9F3784C7-6949-6299-8003-1FE5AA121320
Frame ID: A93A6A55E059B82F657DE8CBEB18CA96
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 66C2DB2077FCA328DF39185A90E345DB
Requests: 1 HTTP requests in this frame

Frame: https://create.leadid.com/2.15.0/InitFormData.iframe?msn=5&pid=cc79e577-9f33-4680-bb28-5ae9b74195b5&token=9618000B-8250-D9F3-D88C-3225DB8AB75B&_=152943141
Frame ID: 29BA56A06BA8F4A42C75974A611FD705
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

RewardZinga

Page URL History Show full URLs

  1. http://rxxwin.com/rx.php?sub=SALE HTTP 307
    https://rxxwin.com/rx.php?sub=SALE Page URL
  2. https://smrturl.co/o/516768/53354721?s1=SALE Page URL
  3. https://fly.bluejaymobi.com/click?pid=3554&offer_id=86793&sub2=Cdb2c23fae9531&sub5=516768&sub6=https%3A%... HTTP 302
    https://www.mzbvbn8trk.com/4DBH1D/PS824/?uid=509&sub3=66fa9aa2b8d03300011e8b42&sub1=3554&sub2=516768 HTTP 302
    https://rewardzinga.com/lmain?aid=10944&pid=3540&sid1=3554&sid2=516768&externalid=64653993aff64e7989... Page URL
  4. https://30.rewardzinga.com/750-amazon-rewards-v-4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

87 %
HTTPS

25 %
IPv6

47
Domains

64
Subdomains

52
IPs

4
Countries

843 kB
Transfer

2433 kB
Size

83
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rxxwin.com/rx.php?sub=SALE HTTP 307
    https://rxxwin.com/rx.php?sub=SALE Page URL
  2. https://smrturl.co/o/516768/53354721?s1=SALE Page URL
  3. https://fly.bluejaymobi.com/click?pid=3554&offer_id=86793&sub2=Cdb2c23fae9531&sub5=516768&sub6=https%3A%2F%2Frxxwin.com%2F&sub7=https%3A%2F%2Frxxwin.com%2F HTTP 302
    https://www.mzbvbn8trk.com/4DBH1D/PS824/?uid=509&sub3=66fa9aa2b8d03300011e8b42&sub1=3554&sub2=516768 HTTP 302
    https://rewardzinga.com/lmain?aid=10944&pid=3540&sid1=3554&sid2=516768&externalid=64653993aff64e7989e42bd1efc77e76&campaignid=15&sid3=66fa9aa2b8d03300011e8b42&first_name=&last_name=&email=&address1=&address2=&city=&state=&zip=&phone=&gender=&dob= Page URL
  4. https://30.rewardzinga.com/750-amazon-rewards-v-4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://rxxwin.com/rx.php?sub=SALE HTTP 307
  • https://rxxwin.com/rx.php?sub=SALE
Request Chain 17
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C3017276996155B6AB80A892A796640 HTTP 302
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
  • https://stags.bluekai.com/site/52799?id=05d5a95196b02271
Request Chain 22
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1727699616409.1 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1727699616409.1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjMtQUw0NXEta0JpZy1KS0k1SC0wUFBaNFRuV1BkTmhpVkVLdFJqMzFWRkE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjMtQUw0NXEta0JpZy1KS0k1SC0wUFBaNFRuV1BkTmhpVkVLdFJqMzFWRkE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_tc= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENZi9wT7ZEaQJwJ6YLrKl6Y&google_cver=1
Request Chain 23
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&_rand=1727699616409.2 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&_rand=1727699616409.2&expected_cookie=2d7cfd01-4e10-4e5e-a2df-6374eae9d160
Request Chain 24
  • https://map.go.affec.tv/map/3a/?pid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&ts=1727699616409.3 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D66fa9aa0d5024c000168156e%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D66fa9aa0d5024c000168156e%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
  • https://map.go.affec.tv/map/an/7551803593484917628?ch=66fa9aa0d5024c000168156e&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://map.go.affec.tv/map/ttd/10e479a6-ffa7-41f2-87b7-6d8d8f913d07?ttd_puid=&gdpr=0&gdpr_consent=
Request Chain 25
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&us_privacy=&cache_buster=1727699616409.4 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7bd38fcc-6f75-40c4-8096-2d3655937e9d%3A1727699616.6428924&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D7bd38fcc-6f75-40c4-8096-2d3655937e9d%253A1727699616.6428924%26pid%3D500040%26it%3D1%26iv%3D7bd38fcc-6f75-40c4-8096-2d3655937e9d%253A1727699616.6428924%26_%3D1727699616.6448224&cb=1727699616.6448648 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969470229184758589&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D7bd38fcc-6f75-40c4-8096-2d3655937e9d%253A1727699616.6428924%26pid%3D500040%26it%3D1%26iv%3D7bd38fcc-6f75-40c4-8096-2d3655937e9d%253A1727699616.6428924%26_%3D1727699616.6448224 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=7bd38fcc-6f75-40c4-8096-2d3655937e9d%3A1727699616.6428924&pid=500040&it=1&iv=7bd38fcc-6f75-40c4-8096-2d3655937e9d%3A1727699616.6428924&_=1727699616.6448224 HTTP 303
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=7bd38fcc-6f75-40c4-8096-2d3655937e9d:1727699616.6428924&pid=500040&_li_chk=true&_=1727699616.6448224&iv=7bd38fcc-6f75-40c4-8096-2d3655937e9d:1727699616.6428924&previous_uuid=f33f13d63fb8463a8e743bb493706be3 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1727699616.6448224&iv=7bd38fcc-6f75-40c4-8096-2d3655937e9d:1727699616.6428924
Request Chain 26
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&random=1727699616409.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&random=1727699616409.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6d904f3e-7826-4ced-a8d1-5a35eabcdddb%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6d904f3e-7826-4ced-a8d1-5a35eabcdddb%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=10e479a6-ffa7-41f2-87b7-6d8d8f913d07&ttd_puid=6d904f3e-7826-4ced-a8d1-5a35eabcdddb%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad
Request Chain 27
  • https://dp2.33across.com/ps/?pid=1205&rand=1727699616409.6 HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212814240041158
Request Chain 28
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&random=1727699616409.7&pu=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212813392945264&seg_code=33x&random=1727699616 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212813392945264%26seg_code%3D33x%26random%3D1727699616
Request Chain 36
  • https://fly.bluejaymobi.com/click?pid=3554&offer_id=86793&sub2=Cdb2c23fae9531&sub5=516768&sub6=https%3A%2F%2Frxxwin.com%2F&sub7=https%3A%2F%2Frxxwin.com%2F HTTP 302
  • https://www.mzbvbn8trk.com/4DBH1D/PS824/?uid=509&sub3=66fa9aa2b8d03300011e8b42&sub1=3554&sub2=516768 HTTP 302
  • https://rewardzinga.com/lmain?aid=10944&pid=3540&sid1=3554&sid2=516768&externalid=64653993aff64e7989e42bd1efc77e76&campaignid=15&sid3=66fa9aa2b8d03300011e8b42&first_name=&last_name=&email=&address1=&address2=&city=&state=&zip=&phone=&gender=&dob=
Request Chain 69
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17276996206680.5835463751744232&invert_field_sensitivity=false HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17276996206680.5835463751744232&invert_field_sensitivity=false

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
rx.php
rxxwin.com/
Redirect Chain
  • http://rxxwin.com/rx.php?sub=SALE
  • https://rxxwin.com/rx.php?sub=SALE
2 KB
1 KB
Document
General
Full URL
https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:6:1421:0:1723:f658:10 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/5.6.40
Resource Hash
427ab96827876250b27ebb81f63442976b478eb37fd398755b7a499342d3d28f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
901
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 12:33:35 GMT
panel
hpanel
platform
hostinger
refresh
0; url=https://smrturl.co/o/516768/53354721?s1=SALE
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/5.6.40

Redirect headers

Location
https://rxxwin.com/rx.php?sub=SALE
Non-Authoritative-Reason
HttpsUpgrades
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

cdn-status
200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"04425bbdc6243fc6e54bf8984fe50330"
age
18632954
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 12:33:35 GMT
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
11/27/2023 07:00:17
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
49370a6ee2cfae6d6bb03390fb53d171
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8cb43e039a3f0349-MIA
access-control-allow-origin
*
cdn-edgestorageid
871
server
cloudflare
cdn-requestcountrycode
US
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/
115 KB
23 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

cdn-status
200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"eedf9ee80c2faa4e1b9ab9017cdfcb88"
age
18643537
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 12:33:35 GMT
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
09/04/2022 09:22:42
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2a04404017d3215520eef4498db0031c
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.02
cf-ray
8cb43e039a410349-MIA
access-control-allow-origin
*
cdn-edgestorageid
876
server
cloudflare
cdn-requestcountrycode
US
bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

cdn-status
200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"89b29714ad4aaaa3953ef3b51cf9c43a"
age
18632939
x-content-type-options
nosniff
date
Mon, 30 Sep 2024 12:33:35 GMT
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
12/11/2023 12:23:52
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a3c8c0a522e80db73e6b8a257b2f3517
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8cb43e039a3d0349-MIA
access-control-allow-origin
*
cdn-edgestorageid
974
server
cloudflare
cdn-requestcountrycode
US
load.gif
rxxwin.com/include/images/
29 KB
29 KB
Image
General
Full URL
https://rxxwin.com/include/images/load.gif
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:6:1421:0:1723:f658:10 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9eb442caf593ea96298bcb44a7fb79f24c414ceeece61aea0357e44008889602
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

content-security-policy
upgrade-insecure-requests
cache-control
public, max-age=604800
etag
"7507-65e8733c-61a9a30324566cd3;;;"
expires
Mon, 07 Oct 2024 12:33:35 GMT
accept-ranges
bytes
content-length
29959
date
Mon, 30 Sep 2024 12:33:35 GMT
content-type
image/gif
last-modified
Wed, 06 Mar 2024 13:44:28 GMT
server
LiteSpeed
platform
hostinger
panel
hpanel
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:8472 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

cache-control
max-age=28800
content-encoding
gzip
cf-cache-status
HIT
etag
"-375139978"
age
44663
cf-ray
8cb43e04c9dd8dd0-MIA
accept-ranges
bytes
content-length
4547
date
Mon, 30 Sep 2024 12:33:35 GMT
content-type
text/javascript
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
vary
Accept-Encoding
server
cloudflare
0.php
s4.histats.com/stats/
376 B
511 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4852088&@f16&@g1&@h1&@i1&@j1727699615524&@k0&@l1&@mGASPOL-LED&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-40054293&@b3:1727699616&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534110.ip-149-56-240.net
Software
/
Resource Hash
892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

Content-Length
376
Date
Mon, 30 Sep 2024 12:33:26 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
cc_511.js
s10.histats.com/counters/
15 KB
6 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_511.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:8472 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

cache-control
max-age=28800
content-encoding
gzip
cf-cache-status
HIT
etag
"1364484781"
age
67520
cf-ray
8cb43e052a678dd0-MIA
accept-ranges
bytes
content-length
6278
date
Mon, 30 Sep 2024 12:33:35 GMT
content-type
text/javascript
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
vary
Accept-Encoding
server
cloudflare
/
e.dtscout.com/e/
8 KB
4 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4852088&@f16&@g1&@h1&@i1&@j1727699615524&@k0&@l1&@mGASPOL-LED&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-40054293&@b3:1727699616&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f83f2b095ff9a6aea46ddc2c373e783f3e29c4ba08c73c92886ad47035febc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nArVXnvPw%2FOl4Lp8aHG5oZ1YckRG%2FsiHxHuJ%2BorKCQqKQ5AjYrXXSQhUjSc68kp1EG52xu5Ye9WUsG6vUzaOKdpPaa18R99H%2BWMAA%2BEVME%2FQDGV2oSs4RQXz5jbVpbWkGUA%2F0wztxRCrXRg%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.229
cf-ray
8cb43e071e200a36-MIA
expires
Mon, 30 Sep 2024 12:33:34 GMT
date
Mon, 30 Sep 2024 12:33:35 GMT
content-type
application/javascript
x-s
mtl3
server
cloudflare
/
t.dtscout.com/idg/ Frame 2094
0
0
Document
General
Full URL
https://t.dtscout.com/idg/?su=4C3017276996155B6AB80A892A796640
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://rxxwin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8cb43e085a86875d-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 12:33:36 GMT
expires
Mon, 30 Sep 2024 12:33:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zeMiYYTjcZmdzunvO%2Bs1fhTzSSb5hUo5gdgf8xpSH9ADOh6iTJ0QFZLl3RK20DenMakPEwYGG7y4Ir8lnfX%2F0%2B%2FdkHZGNbWLz330eiDfZz11vorixqM%2BsSChWXWdX4XWujCWU%2B1jcxcDzM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
t.dhj
pxdrop.lijit.com/1/d/
2 KB
2 KB
Script
General
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=rxxwin.com&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&j=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.33.42.81 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-42-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e4d7b0ab2a63d9da9ea5145f685d46e22ab45aa46d60a4612fd66bdad0d964f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Mon, 30 Sep 2024 13:33:36 GMT
Content-Length
1396
Date
Mon, 30 Sep 2024 12:33:36 GMT
Content-Type
application/javascript
dtscout
pd.sharethis.com/pd/
2 KB
3 KB
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.47.114 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-47-114.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d63ef8448d338eacee789785800627f2b51c0102c95cd85118a31e61bcf3c927
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
2444
Date
Mon, 30 Sep 2024 12:33:36 GMT
Content-Type
application/javascript
Connection
keep-alive
afwu.js
cdn.tynt.com/
19 KB
6 KB
Script
General
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"651ed188-4c00"
age
99867
cf-ray
8cb43e0849893710-MIA
expires
Thu, 03 Oct 2024 12:33:36 GMT
date
Mon, 30 Sep 2024 12:33:36 GMT
content-type
application/javascript
last-modified
Thu, 05 Oct 2023 15:08:56 GMT
vary
Accept-Encoding
server
cloudflare
/
t.dtscout.com/pv/
51 B
386 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=rxxwin.com&_ss=53tcwa8n7e&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=6iex&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e54e1e968b5c7ccd15f846afb0f963df377dede1f1482519daf1db49f5f6809

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

x-c
0
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBi5NelaEoCa6tvgs4AIn0FHYJlDdA58%2F9P201Qd2FNpl%2FLBxJ8eZgDg6LgtRCpslLDUypKNb%2BKevIA6XtzktFrjooonp4jNAqWIZV1T2Mo2UlLwx6OsboCfVhVGwiRFaZ%2BIG5vDV4xTRhw%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.12
cf-ray
8cb43e07eebd0a36-MIA
expires
Mon, 30 Sep 2024 12:33:35 GMT
date
Mon, 30 Sep 2024 12:33:36 GMT
content-type
application/javascript
server
cloudflare
p
ic.tynt.com/b/
35 B
648 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1727699616122&dn=AFWU&iso=0&pu=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&t=GASPOL-LED&chmob=0
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
etag
"4bc8846c-23"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
accept-ranges
bytes
content-length
35
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Mon, 30 Sep 2024 12:33:36 GMT
content-type
image/gif
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
62 KB
19 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2afd7a7856345176e1c9c378191ae043"
age
25189
via
1.1 57eada8217c838cfdc4ec177bbe3523c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
H1yDx3eNQ42q9pf3AlZrIJvyTk0QVfLAj6cCiz5Ifb8TyAtvav9XXw==
date
Mon, 30 Sep 2024 05:51:29 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 17:49:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
/
t.dtscdn.com/widget/
0
597 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=4C3017276996155B6AB80A892A796640&nid=300&p=2114454483&t=600&s=1600x1200x24&u=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mSWrWStMrsQQRWYtDGcxQHBtFchy5B8le696RQ5GuvEWIid1bnKaZvHxVyNVnkhQ99y3HJ8WIv9E65EJdX9mdo3fnTUFia%2FJ7OVWndCMo5%2BOfSrp8cyY%2FlhZaMPEP7dhzdzaDCutleswxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-t
1.01
cf-ray
8cb43e09ec67a4cd-MIA
expires
Mon, 30 Sep 2024 09:51:39 GMT
date
Mon, 30 Sep 2024 12:33:36 GMT
content-type
application/javascript; charset=UTF-8
x-server
web14.ny1.dtscdn.com
server
cloudflare
52799
stags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C3017276996155B6AB80A892A796640
  • https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
  • https://stags.bluekai.com/site/52799?id=05d5a95196b02271
62 B
428 B
Image
General
Full URL
https://stags.bluekai.com/site/52799?id=05d5a95196b02271
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Server
184.50.205.247 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-50-205-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
date
Mon, 30 Sep 2024 12:33:36 GMT
content-type
image/gif

Redirect headers

location
https://stags.bluekai.com/site/52799?id=05d5a95196b02271
content-length
0
t_.htm
pxdrop.lijit.com/a/ Frame 9F6D
0
0
Document
General
Full URL
https://pxdrop.lijit.com/a/t_.htm?ver=1.1550.828&cid=c026&cls=sync
Requested by
Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=rxxwin.com&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.33.42.82 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-42-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://rxxwin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Mon, 30 Sep 2024 12:33:36 GMT
Expires
Mon, 07 Oct 2024 12:33:36 GMT
X-Robots-Tag
noindex, nofollow
t.dhj
t.sharethis.com/1/k/
2 KB
2 KB
Script
General
Full URL
https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.42097522116529196&stid=ZGEAAWb6mqAAAAAJXaGSAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.61 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-61.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d7826299805a990e123b9e5be2c7491d2fe833dbbdabe4c44262f8fbd151908
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Mon, 30 Sep 2024 13:33:36 GMT
Content-Length
1384
Date
Mon, 30 Sep 2024 12:33:36 GMT
Content-Type
application/javascript
dtscout
pd.sharethis.com/pd/
42 B
265 B
Image
General
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&event_source=dtscout&rnd=0.42097522116529196&exptid=ZGEAAWb6mqAAAAAJXaGSAw%3D%3D&fcmp=false
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.13.47.114 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-13-47-114.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
X-Robots-Tag
noindex, nofollow
Content-Length
42
Date
Mon, 30 Sep 2024 12:33:36 GMT
Content-Type
image/gif
Connection
keep-alive
v2
de.tynt.com/deb/
1 KB
2 KB
Script
General
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
048321871c7866c02f151022180491c5dafe443205fe11ce583a1bd9bb0762dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1529
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
date
Mon, 30 Sep 2024 12:33:36 GMT
content-type
application/javascript
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1727699616409.1
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1727699616409.1
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjMtQUw0NXEta0JpZy1KS0k1SC0wUFBaNFRuV1BkTmhpVkVLdFJqMzFWRkE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MjMtQUw0NXEta0JpZy1KS0k1SC0wUFBaNFRuV1BkTmhpVkVLdFJqMzFWRkE&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENZi9wT7ZEaQJwJ6YLrKl6Y&google_cver=1
70 B
440 B
Image
General
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENZi9wT7ZEaQJwJ6YLrKl6Y&google_cver=1
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
HTTP/1.1
Server
52.54.69.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-69-117.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Date
Mon, 30 Sep 2024 12:33:37 GMT
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENZi9wT7ZEaQJwJ6YLrKl6Y&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
375
date
Mon, 30 Sep 2024 12:33:37 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&_rand=1727699616409.2
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&_rand=1727699616409.2&expected_cookie=2d7cfd01-4e10-4e5e-a2df-6374eae9d160
0
357 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&_rand=1727699616409.2&expected_cookie=2d7cfd01-4e10-4e5e-a2df-6374eae9d160
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-msedge-ref
Ref A: 679AC63566194E28B6B99E5C66677259 Ref B: MIAEDGE2917 Ref C: 2024-09-30T12:33:36Z
x-li-fabric
prod-lor1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYjVWnuhMhs2LB3A730Tw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 30 Sep 2024 12:33:36 GMT

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
location
/db_sync?pid=15927&puuid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&_rand=1727699616409.2&expected_cookie=2d7cfd01-4e10-4e5e-a2df-6374eae9d160
x-msedge-ref
Ref A: A09C83EB37DB4F50A26602BE8566D6DB Ref B: MIAEDGE2917 Ref C: 2024-09-30T12:33:36Z
x-li-fabric
prod-lor1
x-li-uuid
AAYjVWnssGz1GxspTKtGMA==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 30 Sep 2024 12:33:36 GMT
10e479a6-ffa7-41f2-87b7-6d8d8f913d07
map.go.affec.tv/map/ttd/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&ts=1727699616409.3
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D66fa9aa0d5024c000168156e%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D66fa9aa0d5024c000168156e%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
  • https://map.go.affec.tv/map/an/7551803593484917628?ch=66fa9aa0d5024c000168156e&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://map.go.affec.tv/map/ttd/10e479a6-ffa7-41f2-87b7-6d8d8f913d07?ttd_puid=&gdpr=0&gdpr_consent=
0
562 B
Image
General
Full URL
https://map.go.affec.tv/map/ttd/10e479a6-ffa7-41f2-87b7-6d8d8f913d07?ttd_puid=&gdpr=0&gdpr_consent=
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Server
54.174.150.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-150-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

date
Mon, 30 Sep 2024 12:33:37 GMT
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

location
https://map.go.affec.tv/map/ttd/10e479a6-ffa7-41f2-87b7-6d8d8f913d07?ttd_puid=&gdpr=0&gdpr_consent=
content-length
229
date
Mon, 30 Sep 2024 12:33:37 GMT
server
Kestrel
sync
pippio.com/api/
Redirect Chain
  • https://live.rezync.com/sync/?c=4656c20ee35215f78e9273796625d90b&p=cab5a4722e64fa65aba8e60b6da5d556&pid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&pcat=&pdev=&pctry=US&referrer=https%3A%2F%2Frxxwin.com%2Frx.php%...
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=7bd38fcc-6f75-40c4-8096-2d3655937e9d%3A1727699616.6428924&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D7bd38fcc-6f75-40c4...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969470229184758589&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D7bd38fc...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=7bd38fcc-6f75-40c4-8096-2d3655937e9d%3A1727699616.6428924&pid=500040&it=1&iv=7bd38fcc-6f75-40c4-8096-2d3655937e9d%3A1727699616.6428924&_=172...
  • https://i.liadm.com/s/56409?bidder_id=200442&it=1&bidder_uuid=7bd38fcc-6f75-40c4-8096-2d3655937e9d:1727699616.6428924&pid=500040&_li_chk=true&_=1727699616.6448224&iv=7bd38fcc-6f75-40c4-8096-2d36559...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1727699616.6448224&iv=7bd38fcc-6f75-40c4-8096-2d3655937e9d:1727699616.6428924
42 B
344 B
Image
General
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1727699616.6448224&iv=7bd38fcc-6f75-40c4-8096-2d3655937e9d:1727699616.6428924
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 30 Sep 2024 12:33:37 GMT
content-type
image/gif

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Location
https://pippio.com/api/sync?it=1&pid=500040&_=1727699616.6448224&iv=7bd38fcc-6f75-40c4-8096-2d3655937e9d:1727699616.6428924
Content-Length
0
Date
Mon, 30 Sep 2024 12:33:37 GMT
Request-Time
0
Connection
keep-alive
v2
usermatch.krxd.net/um/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&random=1727699616409.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&random=1727699616409.5&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6d904f3e-7826-4ced-a8d1-5a35eabcdddb%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6d904f3e-7826-4ced-a8d1-5a35eabcdddb%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=10e479a6-ffa7-41f2-87b7-6d8d8f913d07&ttd_puid=6d904f3e-7826-4ced-a8d1-5a35eabcdddb%2Chttps%253A%252F%252Fusermatch.krxd.n...
  • https://usermatch.krxd.net/um/v2?partner=tapad
0
0

405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&rand=1727699616409.6
  • https://idsync.rlcdn.com/405716.gif?partner_uid=212814240041158
42 B
441 B
Image
General
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=212814240041158
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Mon, 30 Sep 2024 12:33:36 GMT
content-type
image/gif

Redirect headers

cache-control
no-store, no-cache, must-revalidate
location
https://idsync.rlcdn.com/405716.gif?partner_uid=212814240041158
pragma
no-cache
referrer-policy
unsafe-url
expires
Thu, 01-Jan-70 00:00:01 GMT
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
0
date
Mon, 30 Sep 2024 12:33:36 GMT
server
33XP007
bounce
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKR2b6mqAiyxc5C66SAg%3D%3D&us_privacy=&random=1727699616409.7&pu=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=212813392945264&seg_code=33x&random=1727699616
  • https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212813392945264%26seg_code%3D33x%26random%3D1727699616
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212813392945264%26seg_code%3D33x%26random%3D1727699616
Requested by
Host: rxxwin.com
URL: https://rxxwin.com/rx.php?sub=SALE
Protocol
H2
Server
68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
38.132.118.77; 38.132.118.77; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
02ac5da5-332c-40ef-95b5-94cfa331822b
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 30 Sep 2024 12:33:37 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://secure.adnxs.com/bounce?%2Fmapuid%3Ft%3D2%26member%3D1001%26user%3D212813392945264%26seg_code%3D33x%26random%3D1727699616
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
38.132.118.77; 38.132.118.77; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
163ab49c-bd18-4b0c-b2e0-c6fbaf3c43cb
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Mon, 30 Sep 2024 12:33:36 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
t_.htm
t.sharethis.com/a/ Frame B925
0
0
Document
General
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1523.23404&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=C&rnd=0.42097522116529196&stid=ZGEAAWb6mqAAAAAJXaGSAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.88.69 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-88-69.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://rxxwin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Mon, 30 Sep 2024 12:33:36 GMT
Expires
Mon, 07 Oct 2024 12:33:36 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://rxxwin.com/

Response headers

content-encoding
gzip
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
age
69355
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
kPT_sgxAHr0RAHEM5uhgs7G6b7HxikRDD-kT6CpEiAt2hNcxDiZkrQ==
date
Sun, 29 Sep 2024 17:17:43 GMT
content-type
application/json
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Tue, 20 Aug 2024 17:49:20 GMT
cache-control
public, max-age=86400
via
1.1 77c1752e5c6dfb050c6304b9d473a1e2.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
53354721
smrturl.co/o/516768/
755 B
816 B
Document
General
Full URL
https://smrturl.co/o/516768/53354721?s1=SALE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
943934a45c164089d854f9f408a639cc68e1fc8cfac7d3880e6a77c5c49fb582

Request headers

Referer
https://rxxwin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cb43e11fa81a51c-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 30 Sep 2024 12:33:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yOOQTa5R9lLPkKMVaft2ovhiU5BJYg50EluxMIylXbCOjqMDAGi26YAIY0EUHJ8Rj1fqIePyICyHqO7BnqH89d69Y0jO%2BUMIHCuMuGHVch9CGrymhx8nxeWCtXkh"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
x-powered-by
PHP/7.4.11
/
t.dtscout.com/pv/
0
336 B
Ping
General
Full URL
https://t.dtscout.com/pv/
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frxxwin.com%2Frx.php%3Fsub%3DSALE&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryh8giXSLMAWAefHHa
Referer
https://rxxwin.com/

Response headers

x-c
0
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8U%2Fy%2Bwyluaj7DoXYconC51DGJ6SzlDS5CFSMMTAZlhnC3CDIK8I5WQoh1an4FP0JuRmPMECKlwRQi6UTjKbTNn3Bmp%2B6ZTGwDv6KhLDz58X%2F25IaP3K96NvyeGi5QwyEcqC9n%2BfGk9%2FpznQ%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.187
cf-ray
8cb43e11ae1f0a36-MIA
expires
Mon, 30 Sep 2024 12:33:36 GMT
date
Mon, 30 Sep 2024 12:33:37 GMT
content-type
application/javascript
server
cloudflare
favicon.ico
rxxwin.com/
22 KB
8 KB
Other
General
Full URL
https://rxxwin.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
153.92.9.122 Jakarta, Indonesia, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/5.6.40
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rxxwin.com/rx.php?sub=SALE

Response headers

platform
hostinger
content-security-policy
upgrade-insecure-requests
content-encoding
br
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
date
Mon, 30 Sep 2024 12:33:37 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.6.40
vary
Accept-Encoding
server
LiteSpeed
panel
hpanel
data
bcp.crwdcntrl.net/6/
0
0

speculation
smrturl.co/cdn-cgi/
128 B
524 B
Other
General
Full URL
https://smrturl.co/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://smrturl.co
Referer
https://smrturl.co/o/516768/53354721?s1=SALE

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mO3FcybLRmmO3vH3iLq%2Bl76tusQe1yAcwVWZiStTiF44J%2BSnWGxLAbQafu6tdPsPMf1Xn0So23Y%2BapegoHgcRI0pT9CKRy2MP1hgLSDn7f96ygK8mhQxHcs9c3gf"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e147df7a51c-MIA
access-control-allow-origin
https://smrturl.co
content-length
128
date
Mon, 30 Sep 2024 12:33:37 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
lmain
rewardzinga.com/
Redirect Chain
  • https://fly.bluejaymobi.com/click?pid=3554&offer_id=86793&sub2=Cdb2c23fae9531&sub5=516768&sub6=https%3A%2F%2Frxxwin.com%2F&sub7=https%3A%2F%2Frxxwin.com%2F
  • https://www.mzbvbn8trk.com/4DBH1D/PS824/?uid=509&sub3=66fa9aa2b8d03300011e8b42&sub1=3554&sub2=516768
  • https://rewardzinga.com/lmain?aid=10944&pid=3540&sid1=3554&sid2=516768&externalid=64653993aff64e7989e42bd1efc77e76&campaignid=15&sid3=66fa9aa2b8d03300011e8b42&first_name=&last_name=&email=&address1...
2 KB
1 KB
Document
General
Full URL
https://rewardzinga.com/lmain?aid=10944&pid=3540&sid1=3554&sid2=516768&externalid=64653993aff64e7989e42bd1efc77e76&campaignid=15&sid3=66fa9aa2b8d03300011e8b42&first_name=&last_name=&email=&address1=&address2=&city=&state=&zip=&phone=&gender=&dob=
Requested by
Host: smrturl.co
URL: https://smrturl.co/o/516768/53354721?s1=SALE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8cd6fe7805fbff49ad7703c41483700c5d2b6cb453e2a0e7da4be6e770347fd2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cb43e184d123dd7-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 12:33:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9IHO0SekEXokSx%2B6pHUBPX4IeNuzzepLo%2FLwASHPCZQF097F9pe8E6t4Trs%2BiOf79MtT1k8%2BaCy5JzpkqNEFQRCq0wtW%2BtdcRhilel5y9JEd9lebsZLtNt2hKmPj9uda4%2BY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
Express

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 12:33:38 GMT
location
https://rewardzinga.com/lmain?aid=10944&pid=3540&sid1=3554&sid2=516768&externalid=64653993aff64e7989e42bd1efc77e76&campaignid=15&sid3=66fa9aa2b8d03300011e8b42&first_name=&last_name=&email=&address1=&address2=&city=&state=&zip=&phone=&gender=&dob=
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
5cf548e4-32a9-4a81-86e2-eaf876cf0888
favicon.ico
smrturl.co/
13 B
515 B
Other
General
Full URL
https://smrturl.co/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
4559
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H7WTX3koH7Tu5K9DXZbpYEwKqH1ZcZhAP5FQMQ%2BE7tt3GGNSJwsdQZOtRr16IiQmw1nO31WvhROD0IfeBzhcno6Jlx7D7l%2BTkNfUaVo%2Bp37%2FiXFZvHRnkBLEIbzQ"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e14ae37a51c-MIA
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 12:33:38 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.11
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 11:17:39 GMT
speculation
rewardzinga.com/cdn-cgi/
128 B
541 B
Other
General
Full URL
https://rewardzinga.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://rewardzinga.com
Referer
https://rewardzinga.com/lmain?aid=10944&pid=3540&sid1=3554&sid2=516768&externalid=64653993aff64e7989e42bd1efc77e76&campaignid=15&sid3=66fa9aa2b8d03300011e8b42&first_name=&last_name=&email=&address1=&address2=&city=&state=&zip=&phone=&gender=&dob=

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=COQQlLLeDFSJ%2FYCU3iHPYHIEbNKzVgpqa0g%2FMol%2BzmiCYoqJ2DwFFFVK45fmsMv6HVMKuo4HGevhsLcwv8cic6x6MsqDZNkprg1%2BMICJRw1Ny38ALQkGXVaDdN9B28GMokU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e1bd8b63dd7-MIA
access-control-allow-origin
https://rewardzinga.com
content-length
128
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
Primary Request 750-amazon-rewards-v-4
30.rewardzinga.com/
122 KB
26 KB
Document
General
Full URL
https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ac1e8ab1154217b676a9e8050b729dc224e6581877f61c08cca8ba638465f66f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://rewardzinga.com
Referer
https://rewardzinga.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8cb43e1c28f93dd7-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 12:33:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g3S%2BZhHLaydvXIeXq6wYAnuBk6uUBZilut2fboMnnGnk2Xo9EwwWON0F0%2B0a9qrXUjUccaB%2B%2FBnIWVMa%2BbKbiMo9wg0EmlLF17QjYmOHRvqsf0zyd0qyfMJGfr1%2BEKlImkfBETA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-powered-by
Express
favicon.ico
rewardzinga.com/
10 KB
3 KB
Other
General
Full URL
https://rewardzinga.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://rewardzinga.com/lmain?aid=10944&pid=3540&sid1=3554&sid2=516768&externalid=64653993aff64e7989e42bd1efc77e76&campaignid=15&sid3=66fa9aa2b8d03300011e8b42&first_name=&last_name=&email=&address1=&address2=&city=&state=&zip=&phone=&gender=&dob=

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
783
speculation-rules
"/cdn-cgi/speculation"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P4Cn4P%2B0ib0TQ%2F26U%2FR02HtW2jFv4D5VBAWPTZBJDa0PqTdVeuTWGFq9sBFRyMVYCreviQHul%2BwahLPXbOXhruLKmPCSS4sBczIXR6mtJQN0PfNm%2FcFL4nsjH%2FrytnJNyjQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e1c08e73dd7-MIA
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
Express
server
cloudflare
x-frame-options
SAMEORIGIN
css2
fonts.googleapis.com/
2 KB
604 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Yellowtail&family=Work+Sans&display=swap
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4b0a7093414a51ee870a011cdd3a02b85a07679b30dc3fd05cf3c362c5541398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 12:33:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
all.css
use.fontawesome.com/releases/v5.7.2/css/
53 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://30.rewardzinga.com
Referer
https://30.rewardzinga.com/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
age
30818
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7ILPDgUEZOsrCQtIhJkA026S7xIiSeeAEl%2FnRsLzflSfAGcREShD6ySXO%2B0xoGBqoWANF2dRJ%2BE%2B%2BYdxKe6hpJotdoSMjMthHt9ATMLl8RY6IhFnvO1APMs8gjDSxFdTwZlcsBnyYWpPkipNtgnTtjJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e225fe7da6f-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:45:51 GMT
vary
Origin, Accept-Encoding
server
cloudflare
mbm4hqk.css
use.typekit.net/
2 KB
859 B
Stylesheet
General
Full URL
https://use.typekit.net/mbm4hqk.css
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:8::1728:b32c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7bb363f145c893ca32ed5f9e330f9c94c5da6462611ac85bfbf22e3edbd2ae83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
636
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
bootstrap.min.css
30.rewardzinga.com/themes/myamericanprizes/assets/css/bootstrap/
152 KB
23 KB
Stylesheet
General
Full URL
https://30.rewardzinga.com/themes/myamericanprizes/assets/css/bootstrap/bootstrap.min.css
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0498163bb40b7944e36fef5b0b1730607365e90aeb1b335637d66fd384367029

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/750-amazon-rewards-v-4

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
30817
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dvGnWivn5VgIMzHacnf9By8p17ZB56%2B7n9%2FEDBRM0ZbJ18rbuDWQy8RkQ7jrFcnRcZVBbp4w3KiPTbKQmth4QxjmdCqsIUbVFub%2FTVfjvF33GQtmIelK9pBabEh6KP54cmSfzGY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e1fac313dd7-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
text/css
last-modified
Fri, 27 Sep 2024 18:33:31 GMT
vary
Accept-Encoding
server
cloudflare
line.css
unicons.iconscout.com/release/v4.0.0/css/
57 KB
10 KB
Stylesheet
General
Full URL
https://unicons.iconscout.com/release/v4.0.0/css/line.css
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.147.238 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b7b24020789a0b18782eb7a9236d863777dacdbdc5960555b7cfe17768e370

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
gzip
cf-bgj
minify
etag
W/"accdbde3b79ab05345137cafe7201b9d"
x-amz-version-id
x9j2dixZovbp4pqDw7Sco3szB8ofmJVA
cf-cache-status
HIT
age
1423323
expires
Tue, 30 Sep 2025 12:33:39 GMT
cf-polished
origSize=66419
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
text/css
last-modified
Thu, 20 May 2021 04:30:22 GMT
vary
Accept-Encoding
x-amz-id-2
a2LHxCNbt4k5+FgrlHx3/cex2gFVwm128P4W821ENxIy6TWmxJSp0XkYqkzrDKXWce54n4kcEhY=
x-amz-replication-status
REPLICA
cache-control
public, max-age=31536000
x-amz-request-id
X3736XQWBKCHPY60
cf-ray
8cb43e1fef84335b-MIA
server
cloudflare
x-amz-server-side-encryption
AES256
main.css
30.rewardzinga.com/themes/myamericanprizes/assets/css/
81 KB
12 KB
Stylesheet
General
Full URL
https://30.rewardzinga.com/themes/myamericanprizes/assets/css/main.css
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc5d974282631e61bab8e209ddc26f6d8a5a8b7b3b42b2b34d37d84e87f2500

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/750-amazon-rewards-v-4

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
30817
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQUDEAzOyoPK%2FLIrK4tbw2Rfs97%2BQqy3gpe%2FQyeJWkmfWjhL4f4VL1eWNVNiWcqIe84v3giks%2BfETIVvk2kMaaAWCgHfWAjyxJYioCaehj1Hw%2BlPMze%2BvpgGGQTpYcqrJEjulJ8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e1fac353dd7-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
text/css
last-modified
Sun, 29 Sep 2024 03:35:56 GMT
vary
Accept-Encoding
server
cloudflare
quill.snow.css
cdn.quilljs.com/1.2.6/
24 KB
4 KB
Stylesheet
General
Full URL
https://cdn.quilljs.com/1.2.6/quill.snow.css
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:28a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff9b66e28f97f63b7838be7849c34c1d5617b850557618e6c03c260976a9565
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
etag
W/"9f6624fdd91fb800234c1afe33f6ecbe"
age
598938
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KykXjfC7Jjv6WH9irS3jLdgGfPKGAHrN0DNyxplf3O9o98OvvEopULRmcCUNyhsQ9YGeWToupEswi8Pugj9CM2DxSX2b1tFqLKnIB%2FgJs5xZtFMPb4q6zaSgRmvzqxjVLFeAwTgTDXvboLJ3NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cb43e202adb129b-MIA
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 22 Apr 2024 16:07:39 UTC
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
flow-container.css
api.tnapplications.com/assets/52836128-0644-496c-8907-d7f01d34423f/
1 KB
1 KB
Stylesheet
General
Full URL
https://api.tnapplications.com/assets/52836128-0644-496c-8907-d7f01d34423f/flow-container.css
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.146.146.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-146-68.compute-1.amazonaws.com
Software
/
Resource Hash
f2076a4682a514378b685990322026d78220fe75e367f4d35083ee8880d0ff7f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/750-amazon-rewards-v-4

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
no-store
content-length
1064
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css;charset=UTF-8
content-disposition
attachment; filename=flow-container.css; filename*=UTF-8''flow-container.css
flow-container.js
api.tnapplications.com/assets/52836128-0644-496c-8907-d7f01d34423f/
13 KB
13 KB
Script
General
Full URL
https://api.tnapplications.com/assets/52836128-0644-496c-8907-d7f01d34423f/flow-container.js
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.146.146.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-146-68.compute-1.amazonaws.com
Software
/
Resource Hash
e572a5835952a8da483940cd9dd2ec57767b8a59eba58a86eeeb3054692187c4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/750-amazon-rewards-v-4

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
cache-control
no-store
content-length
13481
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename=flow-container.js; filename*=UTF-8''flow-container.js
js
www.googletagmanager.com/gtag/
221 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12888496
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fa6a3964e0edc761d4d4bf36947372ca73d4ec95705008cba90b08264baa7b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 30 Sep 2024 12:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80714
x-xss-protection
0
server
Google Tag Manager
viant_universal_pixel.js
js.ipredictive.com/
2 KB
3 KB
Script
General
Full URL
https://js.ipredictive.com/viant_universal_pixel.js
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-100.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37412337e0163886147739badedad9c26799fad86084b52a5694b96fd0ed4ed6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

vary
Origin
etag
"b9945c83287e6353c078adc3293e6d98"
age
152
via
1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2530
x-amz-cf-id
9AQySdE0Mr3OfvLcC33AZAYIHNBvBf8hSQIl0dGZGU2Oev1mFoyMiw==
date
Mon, 30 Sep 2024 12:31:09 GMT
content-type
application/javascript
last-modified
Tue, 20 Aug 2024 00:38:12 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
gzip
age
431932
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 12:34:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 12:34:48 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
29440
x-xss-protection
0
server
sffe
remodal.min.js
30.rewardzinga.com/assets/js/
21 KB
5 KB
Script
General
Full URL
https://30.rewardzinga.com/assets/js/remodal.min.js
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/750-amazon-rewards-v-4

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
30794
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWNYQat66ITf0D25Fpl%2FYjaEuwofeAQ3sHsvgNyg5wg7VYIQSMnv6ygJa9BiCsdMSRQWZGMBDK2B3o7HCtJ27Mhcac9WLH7knJJlMEthwQeBp1rtSFlJqR%2FPnaGFJjy7swu62iA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e1fac363dd7-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
application/javascript
last-modified
Fri, 27 Sep 2024 18:33:30 GMT
vary
Accept-Encoding
server
cloudflare
lander.js
30.rewardzinga.com/assets/js/
68 KB
15 KB
Script
General
Full URL
https://30.rewardzinga.com/assets/js/lander.js
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f58674fc10ba5368ee6dd6208f97697aaeedd3b6db9137375fa96d7025c5c1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/750-amazon-rewards-v-4

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
30794
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2BmxKACw1oVSBSnxY7Rg4wdr47%2FfnlPwTFDqDcoGxbGefIz1vR1eyq%2BT2O1C7H5BlNrz8XFmamCULnDbI0r7Lz%2BEE91tMqg0wFPynt%2FMZt8HwjTQx%2BEL8akUq9%2ByxFRGSjQq0fI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e1fac373dd7-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
application/javascript
last-modified
Fri, 27 Sep 2024 18:33:30 GMT
vary
Accept-Encoding
server
cloudflare
path-form.css
30.rewardzinga.com/assets/css/
191 B
553 B
Stylesheet
General
Full URL
https://30.rewardzinga.com/assets/css/path-form.css
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ec363ca2ce5d9c918815bca74a1e25c79a9fae3c3885c97ce6680fc01f585c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/750-amazon-rewards-v-4

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
age
30794
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6f8UAUpG6LzeHQ0qRSIou%2FbAqOCezIouOV6Nku%2Fp2I0BpDDSPJ4qAunX%2FYRLUpE6oU3YelW75f%2BRqzjkdazQTVXQwvUQ2%2BEH8cZujDBiBv14zIhM0w4lVhowuqJXecu%2FBogdHI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e1fac383dd7-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
text/css
last-modified
Fri, 27 Sep 2024 18:33:30 GMT
vary
Accept-Encoding
server
cloudflare
css2
fonts.googleapis.com/
5 KB
898 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300..900;1,300..900&display=swap
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b818de2c395ec6bacd5f52b62f4625a1ecadb789c7c7e2f0edce314e3ddd5ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 10:55:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea1ac21fa65ac3003d8b1a3fde6c30ae453782946cd8e4bc3a9643a3364cb30c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 12:26:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
2 KB
697 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8910eb7147c93440e1664fa8d3f0a992d6b2dfbbe20d4b05f448a26a7869f85e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 11:46:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
1720651048521
ppe-userenroll-assets.s3.amazonaws.com/
23 KB
23 KB
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1720651048521
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7fde03bacf5bd5415581b51f2ddd3b0981c765d8c3d62fb49527c19512639757

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
file
x-amz-id-2
LCMBCm12cdJnJXVleQDt5GU9K+dO7/etq5oLCUe0tysJUJkCdTtDK6kQouT5DCoiCnommeQb4ac=
ETag
"4d2175262a8754f07dbe9ce397900ad1"
x-amz-request-id
B7NE9DV7EHK9ZW9N
Accept-Ranges
bytes
Content-Length
23155
Date
Mon, 30 Sep 2024 12:33:41 GMT
Last-Modified
Wed, 10 Jul 2024 22:37:29 GMT
Content-Type
image/svg+xml
Server
AmazonS3
x-amz-server-side-encryption
AES256
1720650132399
ppe-userenroll-assets.s3.amazonaws.com/
585 B
1011 B
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1720650132399
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6d92bce1d57f204f7e60645630e460c8d665ce6b023462dd9d79a6cab811f5af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
file
x-amz-id-2
4l9D6swhvhCDgSj/+7WzqSbj+99SKJThqFbhjuY8q67ytyfj0Kk27RrJ8r4AuemY5Ards0Ni4jU=
ETag
"d084c367440d34ac7bfa3f2ccb264c75"
x-amz-request-id
B7NDFPGZYM98A7TX
Accept-Ranges
bytes
Content-Length
585
Date
Mon, 30 Sep 2024 12:33:41 GMT
Last-Modified
Wed, 10 Jul 2024 22:22:13 GMT
Content-Type
image/svg+xml
Server
AmazonS3
x-amz-server-side-encryption
AES256
1722284720524
ppe-userenroll-assets.s3.amazonaws.com/
10 KB
11 KB
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1722284720524
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a5a9a43642bd14df62cff9d73ce5d847f12a6c48b696d3fa71854dc034c974fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
file
x-amz-id-2
Qn52fEAEnYRNjF3xJ06Ud0bJzW+HOOGhhRJll7Q2OcMnicLLO+C1v+ksjIfA8c2uvIGjqK7KVGk=
ETag
"612b11cd8125425e2000737794874f59"
x-amz-request-id
B7NFGCEGTHV9NV69
Accept-Ranges
bytes
Content-Length
10741
Date
Mon, 30 Sep 2024 12:33:41 GMT
Last-Modified
Mon, 29 Jul 2024 20:25:21 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
1719934773143
ppe-userenroll-assets.s3.amazonaws.com/
8 KB
9 KB
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1719934773143
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
393a16292611f3d1e36178bbc233a067b88dcc502a5c500ad2036d6524e878b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
file
x-amz-id-2
e4cqFplcK3ABcar3RV6SHbX/1jXdC8a2AfmW0UqtMYtSGbEPiVHxiwuuFfw012Y/CYGOPsDZ1fU=
ETag
"6f86e0683821b75b5ec725ccc2f26b3b"
x-amz-request-id
B7N4PW5BGMPSGK1M
Accept-Ranges
bytes
Content-Length
8687
Date
Mon, 30 Sep 2024 12:33:41 GMT
Last-Modified
Tue, 02 Jul 2024 15:39:34 GMT
Content-Type
image/svg+xml
Server
AmazonS3
x-amz-server-side-encryption
AES256
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=mbm4hqk&ht=tk&f=28128.28129&a=30457842&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/mbm4hqk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:8::1728:b323 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://use.typekit.net/

Response headers

cache-control
public, max-age=604800
etag
"65edab1d-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css
last-modified
Sun, 10 Mar 2024 12:44:13 GMT
server
nginx
collect
telemetry.partners.prod.minionplatform.com/
0
107 B
Ping
General
Full URL
https://telemetry.partners.prod.minionplatform.com/collect
Requested by
Host: api.tnapplications.com
URL: https://api.tnapplications.com/assets/52836128-0644-496c-8907-d7f01d34423f/flow-container.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.93.26.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-26-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://30.rewardzinga.com/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-origin
*
content-length
0
date
Mon, 30 Sep 2024 12:33:40 GMT
gtm.js
www.googletagmanager.com/
202 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDTRTSZG
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3095756253bb9495fe769862510c1dae8ece1e41b5e80928c185d4fe0c32e7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 30 Sep 2024 12:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 30 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
73668
x-xss-protection
0
server
Google Tag Manager
6682e3bdc751e60013d456c9
api.pushnami.com/scripts/v1/pushnami-adv/
100 KB
21 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/6682e3bdc751e60013d456c9
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-33.jfk50.r.cloudfront.net
Software
/
Resource Hash
afbcd2b84998dd94552587f80c314db63a04495b27c348c7dfdd05530a1f3325

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

cache-control
no-cache
content-encoding
gzip
age
273
via
1.1 3b596e6534b28f6cf60d32fc6bf542dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
H5o-sKKhuApzvC5nykqfNXYKr19Cl8hFv7WoB63_mlXEqSaupMoPkg==
date
Mon, 30 Sep 2024 12:29:07 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
x-amz-cf-pop
JFK50-P7
css2
fonts.googleapis.com/
5 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300..900;1,300..900&display=swap
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b818de2c395ec6bacd5f52b62f4625a1ecadb789c7c7e2f0edce314e3ddd5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 10:55:58 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
1721761880132
ppe-userenroll-assets.s3.amazonaws.com/
16 KB
16 KB
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1721761880132
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6a8c983ca3a6566389183bd65f45f55446821939297e049032f683ff4a8572e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
image
x-amz-id-2
WwzA1NMlDcKsdot7LnXkAMRd/RyL0COt5R9whhRq+uoVPRRGBBYZCLeZkt7R2pAieS6YBMPTm9A=
ETag
"4143916622e899f2d4412f91e8ed87eb"
x-amz-request-id
B7NCBP6YY304ZH0J
Accept-Ranges
bytes
Content-Length
16256
Date
Mon, 30 Sep 2024 12:33:41 GMT
Last-Modified
Tue, 23 Jul 2024 19:11:21 GMT
Content-Type
image/webp
Server
AmazonS3
x-amz-server-side-encryption
AES256
css2
fonts.googleapis.com/
5 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea1ac21fa65ac3003d8b1a3fde6c30ae453782946cd8e4bc3a9643a3364cb30c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 30 Sep 2024 12:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Sep 2024 12:26:51 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17276996206680.5835463751744232&invert_field_sensitivity=false
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17276996206680.5835463751744232&invert_field_sensitivity=false
16 KB
6 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17276996206680.5835463751744232&invert_field_sensitivity=false
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Server
2600:9000:21dd:f200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eb8b05089b753663acfc4e99d629a52b3e24820fc15278ffe083096d2d56f09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-cf-pop
EWR53-C2
content-encoding
gzip
x-amz-version-id
Zi0t0xxZO4o3vJw_BYLnfUU1uwFoytrz
etag
W/"b3bc785786206e7500d411bc5be1ffa5"
via
1.1 1f4c9bd672bb89060a69b305de06ad0e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
0fDqMjAo1Sishve5P3HDRClWLjX6ZwPh0dXIOfJLX-ByIcG3QdSwPA==
date
Mon, 30 Sep 2024 12:33:42 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Mon, 23 Sep 2024 18:27:04 GMT

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17276996206680.5835463751744232&invert_field_sensitivity=false
content-length
134
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/html
server
awselb/2.0
69edb21f-622d-aa73-7e7b-1cdc74465e7a.js
create.lidstatic.com/campaign/
118 KB
38 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/69edb21f-622d-aa73-7e7b-1cdc74465e7a.js?snippet_version=2
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa69508da55ef61f655cdec0b6182e615af15d1bd02dbd5bc08a12431884907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"4f239f31b955ed5a1c7fa4398bc1dba2"
x-amz-version-id
d0.Bd7slMo.H31zm2IfFosWHEJtoqsMZ
age
922
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
text/javascript
last-modified
Mon, 15 Jul 2024 17:19:05 GMT
vary
Accept-Encoding
x-amz-id-2
TvDr7dJMI+MLdnviEY/WTodD9aTJ+Z9nIRnYZoXuVM/lWhVwaShUv+Sawk/S8XoHL84cIPygOH4=
x-amz-replication-status
COMPLETED
cache-control
max-age=1800
x-amz-request-id
G9AT0H6JF8PJCPG0
cf-ray
8cb43e25bf8adac1-MIA
access-control-allow-origin
*
server
cloudflare
x-amz-server-side-encryption
AES256
remodal.min.js
30.rewardzinga.com/assets/js/
21 KB
0
Script
General
Full URL
https://30.rewardzinga.com/assets/js/remodal.min.js
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/750-amazon-rewards-v-4

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
HIT
age
30794
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWNYQat66ITf0D25Fpl%2FYjaEuwofeAQ3sHsvgNyg5wg7VYIQSMnv6ygJa9BiCsdMSRQWZGMBDK2B3o7HCtJ27Mhcac9WLH7knJJlMEthwQeBp1rtSFlJqR%2FPnaGFJjy7swu62iA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e1fac363dd7-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Mon, 30 Sep 2024 12:33:39 GMT
content-type
application/javascript
last-modified
Fri, 27 Sep 2024 18:33:30 GMT
vary
Accept-Encoding
server
cloudflare
helvetica-webfont.woff2
30.rewardzinga.com/themes/myamericanprizes/assets/fonts/
19 KB
19 KB
Font
General
Full URL
https://30.rewardzinga.com/themes/myamericanprizes/assets/fonts/helvetica-webfont.woff2
Requested by
Host: 30.rewardzinga.com
URL: https://30.rewardzinga.com/themes/myamericanprizes/assets/css/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a040842c270da63a354e4ab6bb4320a1b02280c4bc3b2bd36247385cccd7f5bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://30.rewardzinga.com
Referer
https://30.rewardzinga.com/themes/myamericanprizes/assets/css/main.css

Response headers

cache-control
public, max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
30818
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bz4zsBGmIdGSNIBeY59R3hr%2BlQ9H2QKodpgZVfeww97c3mJi7Jk8LLH6IfNpgsMtzGNDN4tapwCaexxpMJJIkHX4F6zhBbneOuJf1qUdDSMMovLhYqLm1AxFPnrDlFs%2B6Zr0FQc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e2579b03dd7-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
19304
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
font/woff2
last-modified
Fri, 27 Sep 2024 18:33:31 GMT
vary
Accept-Encoding
server
cloudflare
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://30.rewardzinga.com
Referer
https://fonts.googleapis.com/

Response headers

age
566393
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 23 Sep 2025 23:13:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Sep 2024 23:13:47 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,300..900;1,300..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://30.rewardzinga.com
Referer
https://fonts.googleapis.com/

Response headers

age
431557
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 12:41:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 12:41:03 GMT
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35448
x-xss-protection
0
server
sffe
submit
30.rewardzinga.com/api/session/
29 KB
6 KB
XHR
General
Full URL
https://30.rewardzinga.com/api/session/submit
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a17a5c701ec27afaf20920f87c1b225f998c8554b51c9f6977e047719e00f338
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://30.rewardzinga.com/750-amazon-rewards-v-4
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"7452-TpFx+2TSLxmQpkdRynsMlaKzlIA"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sinrXZuCIvInMmRli%2B5sCmVfrJf5%2FEBdWa1rlhgR1%2FEIRuroXBMsaCqyCHAHQm8lhw4O82TgoqASgrt849Gjhq%2Fio7OmVgvQTaAgrDj0OaMDydpik0gpURyI3toBshBc%2FGAne8w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cb43e2569a63dd7-MIA
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-powered-by
Express
server
cloudflare
x-frame-options
SAMEORIGIN
event
ad.ipredictive.com/d/track/ Frame 2B1D
0
0
Document
General
Full URL
https://ad.ipredictive.com/d/track/event?upid=111974&cache_buster=1727699620&url=https%3A%2F%2F30.rewardzinga.com%2F750-amazon-rewards-v-4&ps=0
Requested by
Host: js.ipredictive.com
URL: https://js.ipredictive.com/viant_universal_pixel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.145.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-145-167.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://30.rewardzinga.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Mon, 30 Sep 2024 12:33:40 GMT
X-CI-RTID
f0b85a1f-f311-4210-b6cb-7a0cb03907d1
GenerateToken
create.leadid.com/2.15.0/
36 B
659 B
XHR
General
Full URL
https://create.leadid.com/2.15.0/GenerateToken?msn=1&pid=cc79e577-9f33-4680-bb28-5ae9b74195b5&_=152943136
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/69edb21f-622d-aa73-7e7b-1cdc74465e7a.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.205.0.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-0-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
275469608f7a043cced2ca5f960b0bd557c19e22a3a543d4a630636fe615c413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://30.rewardzinga.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:33:41 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
js
www.googletagmanager.com/gtag/
321 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N68EZPQBD3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDTRTSZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80dd786ddc53bf74ce30f80d9cfebae5b195dffbc927e7630fa073e02fc05a96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 30 Sep 2024 12:33:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107896
x-xss-protection
0
server
Google Tag Manager
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame A93A
0
0
Document
General
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=9618000B-8250-D9F3-D88C-3225DB8AB75B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=69EDB21F-622D-AA73-7E7B-1CDC74465E7A&lac=9F3784C7-6949-6299-8003-1FE5AA121320
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/69edb21f-622d-aa73-7e7b-1cdc74465e7a.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.168.96.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-96-129.jfk52.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://30.rewardzinga.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
14600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 30 Sep 2024 08:30:21 GMT
Etag
W/"668f4bcd-dbb"
Last-Modified
Thu, 11 Jul 2024 03:04:45 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 6f0d33f9dc4943769155e0d17d0458aa.cloudfront.net (CloudFront)
X-Amz-Cf-Id
pWz6GYnSK8fmyMbvXLgGycIQTdDMdYN0Lnwq2LmgfOs6sfDC-1ss7A==
X-Amz-Cf-Pop
JFK52-P6
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.15.0/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.15.0/SaveDom?msn=2&pid=cc79e577-9f33-4680-bb28-5ae9b74195b5&token=9618000B-8250-D9F3-D88C-3225DB8AB75B&_=152943137
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/69edb21f-622d-aa73-7e7b-1cdc74465e7a.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.205.0.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-0-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://30.rewardzinga.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:33:41 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
InitFormData
create.leadid.com/2.15.0/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.15.0/InitFormData?msn=3&pid=cc79e577-9f33-4680-bb28-5ae9b74195b5&token=9618000B-8250-D9F3-D88C-3225DB8AB75B&_=152943138
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/69edb21f-622d-aa73-7e7b-1cdc74465e7a.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.205.0.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-0-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://30.rewardzinga.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:33:41 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N68EZPQBD3&gtm=45je49p0v9165362096z89165350925za200zb9165350925&_p=1727699620645&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686684~101747727&cid=314755151.1727699621&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727699621&sct=1&seg=0&dl=https%3A%2F%2F30.rewardzinga.com%2F750-amazon-rewards-v-4&dr=https%3A%2F%2Frewardzinga.com%2F&dt=RewardZinga&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1944
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N68EZPQBD3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://30.rewardzinga.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:41 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N68EZPQBD3&gtm=45je49p0v9165362096z89165350925za200zb9165350925&_p=1727699620645&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686684~101747727&cid=314755151.1727699621&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1727699621&sct=1&seg=0&dl=https%3A%2F%2F30.rewardzinga.com%2F750-amazon-rewards-v-4&dr=https%3A%2F%2Frewardzinga.com%2F&dt=RewardZinga&en=PageView&_et=4&tfd=1962
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N68EZPQBD3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://30.rewardzinga.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:41 GMT
content-type
text/plain
server
Golfe2
Snap
create.leadid.com/2.15.0/
0
622 B
XHR
General
Full URL
https://create.leadid.com/2.15.0/Snap?msn=4&pid=cc79e577-9f33-4680-bb28-5ae9b74195b5&token=9618000B-8250-D9F3-D88C-3225DB8AB75B&_=152943139
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/69edb21f-622d-aa73-7e7b-1cdc74465e7a.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.205.0.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-0-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://30.rewardzinga.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
expires
Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:33:41 GMT
content-type
text/plain;charset=UTF-8
server
nginx
access-control-allow-headers
X-Requested-With, Content-Type
hub
api.pushnami.com/scripts/v1/ Frame 66C2
0
0
Document
General
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6682e3bdc751e60013d456c9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-56.jfk50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Referer
https://30.rewardzinga.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
3446
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Mon, 30 Sep 2024 11:36:15 GMT
vary
accept-encoding
via
1.1 7c1248297a08764c17a9223ad5c211f8.cloudfront.net (CloudFront)
x-amz-cf-id
qwvxdjhEC1pPv3zPxcOJzkAYcQn_5LDto_xKVijolhDGW3I2REqZJA==
x-amz-cf-pop
JFK50-P7
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
certs
api.trustedform.com/
474 B
685 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17276996206680.5835463751744232&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.112.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-112-165.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
0ba4f79e6f8f97eda24acdd03598519b6eaed819903c18263e46e4d09290711c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://30.rewardzinga.com/

Response headers

access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
474
date
Mon, 30 Sep 2024 12:33:41 GMT
content-type
application/json; charset=utf-8
server
Cowboy
pa-6571d423daab420012000423.js
rum-static.pingdom.net/
6 KB
3 KB
Script
General
Full URL
https://rum-static.pingdom.net/pa-6571d423daab420012000423.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDTRTSZG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:5d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad19eab4ad76649718538a270316785ca53ea078ddf9534ba0504d034028e630

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

cache-control
max-age=86400
content-encoding
gzip
cf-cache-status
HIT
etag
W/"63490024-1852"
age
12
cf-ray
8cb43e2c4a4221c7-MIA
expires
Mon, 30 Sep 2024 12:38:29 GMT
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:33:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 14 Oct 2022 06:22:28 GMT
vary
Accept-Encoding
server
cloudflare
beacon.gif
rum-collector-2.pingdom.net/img/
0
0

trustedform-1.9.25.js
cdn.trustedform.com/
98 KB
37 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.9.25.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17276996206680.5835463751744232&invert_field_sensitivity=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:f200:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3d5f1c0a62589e130e1df06260f2baddff459fee615183fe457009f097fa9bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-cf-pop
EWR53-C2
content-encoding
gzip
x-amz-version-id
th1QTntZ0kkfxgBAyYad3OuQZtjnDdbF
etag
W/"e5efb6170f403c834bc84b1d77f73d94"
age
7
via
1.1 1f4c9bd672bb89060a69b305de06ad0e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
a3lpjloMOsljEd3bfVB_b5eIH-9elfYT3-k--CcIMVRPvbd6B3OJ1A==
date
Mon, 30 Sep 2024 12:33:38 GMT
content-type
application/javascript
vary
Accept-Encoding
server
AmazonS3
last-modified
Mon, 23 Sep 2024 18:27:04 GMT
psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
cdn.pushnami.com/js/exp/
32 KB
0
Script
General
Full URL
https://cdn.pushnami.com/js/exp/psfpv4_client_1.128.0_e69807988e393582df7e4f36997f32ce191eefb9bae310a2b10e144b1d3638f9.js
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6682e3bdc751e60013d456c9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.91.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-91-110.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

content-encoding
utf-8
x-amz-version-id
iJVtw0MDnvg5Vkf9zg8GHQyDY6vN4ZdU
etag
"4b9f77845d59f14274d2b8d4b1112ca4"
age
3059
x-cache
Hit from cloudfront
x-amz-cf-id
PqR7A5h_IzAMLO0wDOQ0BlI5uj8Hkqqg91xDBgh5SUtwF-esTy-tTw==
date
Mon, 30 Sep 2024 11:42:44 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 12 Aug 2024 17:22:56 GMT
via
1.1 83e921b0368805d97d43167d106203f2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
340965
x-amz-cf-pop
JFK52-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
events
api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/
0
159 B
Ping
General
Full URL
https://api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.112.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-112-165.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://30.rewardzinga.com/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Mon, 30 Sep 2024 12:33:42 GMT
server
Cowboy
access-control-allow-credentials
true
truncated
/ Frame
0
0

snapshot
api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/
0
0

fingerprints
api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/
0
0

1720651048521
ppe-userenroll-assets.s3.amazonaws.com/
23 KB
0
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1720651048521
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7fde03bacf5bd5415581b51f2ddd3b0981c765d8c3d62fb49527c19512639757

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
file
x-amz-id-2
LCMBCm12cdJnJXVleQDt5GU9K+dO7/etq5oLCUe0tysJUJkCdTtDK6kQouT5DCoiCnommeQb4ac=
ETag
"4d2175262a8754f07dbe9ce397900ad1"
x-amz-request-id
B7NE9DV7EHK9ZW9N
Accept-Ranges
bytes
Content-Length
23155
Date
Mon, 30 Sep 2024 12:33:41 GMT
Last-Modified
Wed, 10 Jul 2024 22:37:29 GMT
Content-Type
image/svg+xml
Server
AmazonS3
x-amz-server-side-encryption
AES256
1720650132399
ppe-userenroll-assets.s3.amazonaws.com/
585 B
0
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1720650132399
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6d92bce1d57f204f7e60645630e460c8d665ce6b023462dd9d79a6cab811f5af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
file
x-amz-id-2
4l9D6swhvhCDgSj/+7WzqSbj+99SKJThqFbhjuY8q67ytyfj0Kk27RrJ8r4AuemY5Ards0Ni4jU=
ETag
"d084c367440d34ac7bfa3f2ccb264c75"
x-amz-request-id
B7NDFPGZYM98A7TX
Accept-Ranges
bytes
Content-Length
585
Date
Mon, 30 Sep 2024 12:33:41 GMT
Last-Modified
Wed, 10 Jul 2024 22:22:13 GMT
Content-Type
image/svg+xml
Server
AmazonS3
x-amz-server-side-encryption
AES256
1722284720524
ppe-userenroll-assets.s3.amazonaws.com/
10 KB
0
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1722284720524
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a5a9a43642bd14df62cff9d73ce5d847f12a6c48b696d3fa71854dc034c974fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
file
x-amz-id-2
Qn52fEAEnYRNjF3xJ06Ud0bJzW+HOOGhhRJll7Q2OcMnicLLO+C1v+ksjIfA8c2uvIGjqK7KVGk=
ETag
"612b11cd8125425e2000737794874f59"
x-amz-request-id
B7NFGCEGTHV9NV69
Accept-Ranges
bytes
Content-Length
10741
Date
Mon, 30 Sep 2024 12:33:41 GMT
Last-Modified
Mon, 29 Jul 2024 20:25:21 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
1719934773143
ppe-userenroll-assets.s3.amazonaws.com/
8 KB
0
Image
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1719934773143
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
393a16292611f3d1e36178bbc233a067b88dcc502a5c500ad2036d6524e878b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
file
x-amz-id-2
e4cqFplcK3ABcar3RV6SHbX/1jXdC8a2AfmW0UqtMYtSGbEPiVHxiwuuFfw012Y/CYGOPsDZ1fU=
ETag
"6f86e0683821b75b5ec725ccc2f26b3b"
x-amz-request-id
B7N4PW5BGMPSGK1M
Accept-Ranges
bytes
Content-Length
8687
Date
Mon, 30 Sep 2024 12:33:41 GMT
Last-Modified
Tue, 02 Jul 2024 15:39:34 GMT
Content-Type
image/svg+xml
Server
AmazonS3
x-amz-server-side-encryption
AES256
InitFormData
create.leadid.com/2.15.0/
0
0

psp
psp.pushnami.com/api/
2 B
152 B
Fetch
General
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6682e3bdc751e60013d456c9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.20.238.11 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key
6682e3bdc751e60013d456c9
Referer
https://30.rewardzinga.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json, text/plain, */*
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
content-length
2
date
Mon, 30 Sep 2024 12:33:42 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/html; charset=utf-8
x-powered-by
Express
psp
psp.pushnami.com/api/ Frame
0
0
Preflight
General
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.20.238.11 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://30.rewardzinga.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
key
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Mon, 30 Sep 2024 12:33:42 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
snapshot
api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.112.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-112-165.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://30.rewardzinga.com/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Mon, 30 Sep 2024 12:33:42 GMT
server
Cowboy
access-control-allow-credentials
true
fingerprints
api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/fingerprints
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.112.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-112-165.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://30.rewardzinga.com/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Mon, 30 Sep 2024 12:33:42 GMT
server
Cowboy
access-control-allow-credentials
true
1718909534550
ppe-userenroll-assets.s3.amazonaws.com/
15 KB
15 KB
Other
General
Full URL
https://ppe-userenroll-assets.s3.amazonaws.com/1718909534550
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
16.182.71.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
6816ddb2d88ec46a73ced9782753d63931dbf00bbc0e7276d2599fece0af12c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-amz-meta-fieldname
image
x-amz-id-2
r/tJwIW1ex4CUtUxOmnwlbYq/9yv2sVANsQIFjYyC/ee6rt9guc7VjJfv542es9zmrUOcHLEJ3Y=
ETag
"9c21bbd56982b105321df5b3c14c58f7"
x-amz-request-id
W9XFAJTWN0S00162
Accept-Ranges
bytes
Content-Length
15406
Date
Mon, 30 Sep 2024 12:33:43 GMT
Last-Modified
Thu, 20 Jun 2024 18:52:15 GMT
Content-Type
image/vnd.microsoft.icon
Server
AmazonS3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-N68EZPQBD3&gtm=45je49p0v9165362096za200zb9165350925&_p=1727699620645&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101686684~101747727&cid=314755151.1727699621&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1727699621&sct=1&seg=0&dl=https%3A%2F%2F30.rewardzinga.com%2F750-amazon-rewards-v-4&dr=https%3A%2F%2Frewardzinga.com%2F&dt=RewardZinga&en=scroll&epn.percent_scrolled=90&_et=9&tfd=3057
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N68EZPQBD3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://30.rewardzinga.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Sep 2024 12:33:42 GMT
content-type
text/plain
server
Golfe2
InitFormData.iframe
create.leadid.com/2.15.0/ Frame 29BA
0
0
Document
General
Full URL
https://create.leadid.com/2.15.0/InitFormData.iframe?msn=5&pid=cc79e577-9f33-4680-bb28-5ae9b74195b5&token=9618000B-8250-D9F3-D88C-3225DB8AB75B&_=152943141
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.224.202.97 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Content-Type
multipart/form-data; boundary=----WebKitFormBoundarygzRmLVjRTAfj1sdP
Origin
https://30.rewardzinga.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-origin
*
access-control-max-age
1728000
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 30 Sep 2024 12:33:42 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
0
check
fpc.pushnami.com/psfp/a326f4e4-f519-428b-9606-124a10897cdb/
0
0
Fetch
General
Full URL
https://fpc.pushnami.com/psfp/a326f4e4-f519-428b-9606-124a10897cdb/check?websiteId=6682e3bdc751e60013d456c8
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6682e3bdc751e60013d456c9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.6.108 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://30.rewardzinga.com/

Response headers

x-request-id
4QU0bLceGLaHP23u4NpdmkWoKKR0ugmD
access-control-allow-origin
*
content-length
0
date
Mon, 30 Sep 2024 12:33:42 GMT
vary
Origin
track
trc.pushnami.com/api/push/
2 B
168 B
Fetch
General
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/6682e3bdc751e60013d456c9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.52.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

key
6682e3bdc751e60013d456c9
Referer
https://30.rewardzinga.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept
application/json, text/plain, */*
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
content-length
2
cache-control
no-cache
date
Mon, 30 Sep 2024 12:33:42 GMT
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame
0
0
Preflight
General
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.52.15 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://30.rewardzinga.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Mon, 30 Sep 2024 12:33:42 GMT
events
api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/events
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.25.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.231.112.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-112-165.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://30.rewardzinga.com/

Response headers

access-control-expose-headers
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
date
Mon, 30 Sep 2024 12:33:43 GMT
server
Cowboy
access-control-allow-credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
usermatch.krxd.net
URL
https://usermatch.krxd.net/um/v2?partner=tapad
Domain
bcp.crwdcntrl.net
URL
https://bcp.crwdcntrl.net/6/data
Domain
rum-collector-2.pingdom.net
URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=6571d423daab420012000423&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=2&cE=2&dLE=2&dLS=2&fS=2&hS=-1&rE=-1&rS=-1&reS=17&resS=565&resE=597&uEE=-1&uES=-1&dL=570&dI=1484&dCLES=1484&dCLEE=1511&dC=2505&lES=2505&lEE=2515&s=nt&title=RewardZinga&path=https%3A%2F%2F30.rewardzinga.com%2F750-amazon-rewards-v-4&ref=https%3A%2F%2Frewardzinga.com%2F&sId=r12a6mqm&sST=1727699621&sIS=1&rV=0&v=1.4.1
Domain
truncated
URL
data:truncated
Domain
api.trustedform.com
URL
https://api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/snapshot
Domain
api.trustedform.com
URL
https://api.trustedform.com/certs/c4450d847249103d43f62b85171034eaa2f75b59/fingerprints
Domain
create.leadid.com
URL
https://create.leadid.com/2.15.0/InitFormData?msn=5&pid=cc79e577-9f33-4680-bb28-5ae9b74195b5&token=9618000B-8250-D9F3-D88C-3225DB8AB75B&_=152943140

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer function| ViantUniversalPixel function| urlChecker function| $ function| jQuery object| Lander function| submitRecaptcha object| feedbackElem function| handleChangeTitle function| setFormProgressBar object| LeadiD object| google_tag_manager object| google_tag_data object| pushWrap function| pnFirebaseModuleInterfaceInstantiator object| pnFirebaseModuleInterface function| showFbChkOptIn object| mailnamiPromptModule object| mailnami object| Pushnami string| id function| onYouTubeIframeAPIReady object| gaGlobal object| defaultStyleFrame object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording function| CrossStorageClient object| pushnamiStorage function| uuid object| regeneratorRuntime function| trustedFormNext

83 Cookies

Domain/Path Name / Value
smrturl.co/o/516768 Name: dynamo_v_id
Value: Vdb47103dc52e6
map.go.affec.tv/map/ttd Name: oo
Value: 1
map.go.affec.tv/map/an Name: oo
Value: 1
i.liadm.com/s Name: _li_ss
Value: CgA
rxxwin.com/ Name: HstCfa4852088
Value: 1727699615524
rxxwin.com/ Name: HstCla4852088
Value: 1727699615524
rxxwin.com/ Name: HstCmu4852088
Value: 1727699615524
rxxwin.com/ Name: HstPn4852088
Value: 1
rxxwin.com/ Name: HstPt4852088
Value: 1
rxxwin.com/ Name: HstCnv4852088
Value: 1
rxxwin.com/ Name: HstCns4852088
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: df
Value: 1727699615
.dtscout.com/ Name: l
Value: 4C3017276996155B6AB80A892A796640
.rxxwin.com/ Name: __dtsu
Value: 4C3017276996155B6AB80A892A796640
.lijit.com/ Name: lijitAcc3PC
Value: 1
.sharethis.com/ Name: __stid
Value: ZGEAAWb6mqAAAAAJXaGSAw==
.sharethis.com/ Name: __stidv
Value: 2
.tynt.com/ Name: uid
Value: CoIKR2b6mqAiyxc5C66SAg==
.dtscdn.com/ Name: uid
Value: 4C3017276996155B6AB80A892A796640
.onaudience.com/ Name: cookie
Value: 62f60e3e4fe3fb72
.onaudience.com/ Name: done_redirects282
Value: 1
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1727699616409%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1727699616409%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1727699616409%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1727699616409%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1727699616409%7D%2C%7B%22p%22%3A%22179d15a463%22%2C%22f%22%3A1%2C%22ts%22%3A1727699616409%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1727699616409%7D%5D
.tapad.com/ Name: TapAd_TS
Value: 1727699616566
.tapad.com/ Name: TapAd_DID
Value: 6d904f3e-7826-4ced-a8d1-5a35eabcdddb
.linkedin.com/ Name: li_sugr
Value: 2d7cfd01-4e10-4e5e-a2df-6374eae9d160
.linkedin.com/ Name: bcookie
Value: "v=2&43eaf243-e8ff-45b3-8467-cef9ab77846d"
.linkedin.com/ Name: lidc
Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3312:u=1:x=1:i=1727699616:t=1727786016:v=2:sig=AQF2btjBr1BCKAQCd557bkYF16ifDU5w"
.33across.com/ Name: 33x_ps
Value: u%3D212814240041158%3As1%3D1727699616619%3Ats%3D1727699616619
.go.affec.tv/ Name: ck
Value: 66fa9aa0d5024c000168156d
.go.affec.tv/ Name: oo
Value: 1
.rezync.com/ Name: zync-uuid
Value: 7bd38fcc-6f75-40c4-8096-2d3655937e9d:1727699616.6428924
.eyeota.net/ Name: mako_uid
Value: 19242ec03a5-3f9e0000010a533e
.eyeota.net/ Name: SERVERID
Value: 21310~DM
.bluekai.com/ Name: bku
Value: wXT99vYSIZjT8Cz0
.bluekai.com/ Name: bkpa
Value: KJy9cyeQd02pSUHknpD0BpA8wtkAwE9NjePCmEDhmEji1e/0BpWe9/6YYeQ=
.adsrvr.org/ Name: TDID
Value: 10e479a6-ffa7-41f2-87b7-6d8d8f913d07
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IsRGAIAwF0AmsmCMehPB_4jiADGRp6aSW3lm-dyWyz-prDMFiE8vDxHNAdFa0FpVnzKNQiQgU7DD1ULvT9qXTnp9fNJkdlVoAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDKyNLQwMTe1MLWwFOIz1E0rKUxLSs4sKUnVLQYAzdWvpiQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNDE3MDKyNLQwMTe1MLWwFOIz1E0rKUxLSs4sKUnVLQYAzdWvpiQAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4CQEDs5yhKQQK3f3uyLeXnmqBCdcbJRJDkK0F9y5YrOfGRogMXHDNKn2A2T5u1k6AAAA
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 1_0_1727699616912
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6588
live.rezync.com/ Name: sd-session-id
Value: .eJwNyksOwiAQANC7zLoYGGA-XKZRoAnRoil1Y9O72-VL3gHzp27rvde-Q9q3b50gv9qlAemA0X5rfUICJQ1sEdVJ4ChRFM4JRh2jvfvcylX4UbwsORtaOJpgczBilQwWTzGq56olOUYmVXJ0o4CiGOD8A5XIJU8.ZvqaoA.G28CxAuqMIgZlGFH7H1UwUth-Hk
.rlcdn.com/ Name: rlas3
Value: 7JUZ3S2P5kC+BFlxuwSox2kxYMQP87p6e1hHFTZjE4M=
.adnxs.com/ Name: XANDR_PANID
Value: Uey84OOD5sCIsknzrtV7mrewsVyPmibjjduLk3l2GOanXudiPFPGQ7ydwUyN5sZSLPrcjYMegXh81S1At1mGe9jgflR1CbgN-Nu2z4Kvri4.
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E?ej[tpp!]tbP6j2F-XstGt!@E0h%+Va(
.adnxs.com/ Name: uuid2
Value: 1300567892410397073
.doubleclick.net/ Name: IDE
Value: AHWqTUmZUB0DrVArQnkR5JqzBApqUGrmNttHpZWQgHZcgF--Dz2HHgFN9J19dG3AT9A
.ml314.com/ Name: pi
Value: 3647375675264860162
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiq0Nu2xNWwPRAFGAEgASgCMgsI0t3c5drVsD0QBTgBWgdtc3NtMTE1YAI.
.rlcdn.com/ Name: pxrc
Value: CKG16rcGEgUI6EcQABIFCNtOEAA=
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTcyNzY5OTYxNywiaWQiOiI3NTUxODAzNTkzNDg0OTE3NjI4IiwibHMiOjE3Mjc2OTk2MTd9LCJ0dCI6eyJkdCI6MTcyNzY5OTYxNiwiaWQiOiJDb0lLUjJiNm1xQWl5eGM1QzY2U0FnPT0iLCJscyI6MTcyNzY5OTYxNn0sInRkIjp7ImR0IjoxNzI3Njk5NjE3LCJpZCI6IjEwZTQ3OWE2LWZmYTctNDFmMi04N2I3LTZkOGQ4ZjkxM2QwNyIsImxzIjoxNzI3Njk5NjE3fSwidiI6MH0=|1727699617|48fbdcc54dc0a40fb622b0a4544cf3240604f4fb
.pippio.com/ Name: did
Value: alxuasBYBS7_HdAV
.pippio.com/ Name: didts
Value: 1727699617
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CKG16rcGEgYIgr0rEAA=
.liadm.com/ Name: lidid
Value: f33f13d6-3fb8-463a-8e74-3bb493706be3
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: d92156f6cb03cc8aa22259965ef3e2c3
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQSLE0MjQ1SzNLTjIwTk62SEw0MjIytbQ0M01NM041SjZmAIK0X7MWMsABz70PlowfZRn%2BMzIy%2FNw4hQXG%2FtelBWMunHGACcY%2Bd%2FQQM4x9d%2B1Tbhj7zpKvJjD24cVz4MacR2LfOPWIDcZu%2BK8JY15CEgYAMnc%2BiQ%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBI%2BzVrIQMMMDMwcM0Asxa1gkjGh%2FVAEgB2rQXJ"
.rxxwin.com/ Name: _cc_id
Value: d92156f6cb03cc8aa22259965ef3e2c3
.rxxwin.com/ Name: _cc_cc
Value: ACZ4nGNQSLE0MjQ1SzNLTjIwTk62SEw0MjIytbQ0M01NM041SjZmAIK0X7MWMsABz70PlowfZRn%2BMzIy%2FNw4hQXG%2FtelBWMunHGACcY%2Bd%2FQQM4x9d%2B1Tbhj7zpKvJjD24cVz4MacR2LfOPWIDcZu%2BK8JY15CEgYAMnc%2BiQ%3D%3D
.rxxwin.com/ Name: _cc_aud
Value: ABR4nGNgYGBI%2BzVrIQMMMDMwcM0Asxa1gkjGh%2FVAEgB2rQXJ
.rxxwin.com/ Name: panoramaId_expiry
Value: 1727786017916
fly.bluejaymobi.com/ Name: afclick
Value: 66fa9aa2b8d03300011e8b42
fly.bluejaymobi.com/ Name: afoffers
Value: {"86793":1727699618}
www.mzbvbn8trk.com/ Name: uniqueClick_PS824
Value: 17a6a021-07a8-4f03-ab02-58c645cb8def:1727699618
www.mzbvbn8trk.com/ Name: transaction_id
Value: 64653993aff64e7989e42bd1efc77e76
.rewardzinga.com/ Name: _psession
Value: c822e33b-d07a-4c24-a885-c23c73e70010
.rewardzinga.com/ Name: ue_wildcard
Value: eyJvcmlnaW5hbCI6InJld2FyZHppbmdhLmNvbSIsInJlZGlyZWN0ZWQiOiIzMC5yZXdhcmR6aW5nYS5jb20iLCJ0aW1lc3RhbXAiOjE3Mjc2OTk2MTg2OTUsInJvb3QiOiJyZXdhcmR6aW5nYS5jb20ifQ%3D%3D
.rewardzinga.com/ Name: _gcl_au
Value: 1.1.2088810467.1727699621
.ipredictive.com/ Name: cu
Value: 5d883504-d0e5-458b-bb5c-39abd9e999cb|1727699620952
30.rewardzinga.com/ Name: leadid_token-9F3784C7-6949-6299-8003-1FE5AA121320-69EDB21F-622D-AA73-7E7B-1CDC74465E7A
Value: 9618000B-8250-D9F3-D88C-3225DB8AB75B
.rewardzinga.com/ Name: _ga
Value: GA1.1.314755151.1727699621
.rewardzinga.com/ Name: _ga_N68EZPQBD3
Value: GS1.1.1727699621.1.0.1727699621.0.0.0
.trueleadid.com/ Name: nlbi_3051494
Value: xUtVQfo2VnjEvoS1C30iGwAAAADIkic+juHxcTpRuxZGvxf/
.trueleadid.com/ Name: visid_incap_3051494
Value: uuo9o+pYT72ZKRw0SNDT/6Wa+mYAAAAAQUIPAAAAAACbZ+JIXCtnfxr+wefmDYIw
.trueleadid.com/ Name: incap_ses_7230_3051494
Value: AnesVN2+3yqE34M02R5WZKWa+mYAAAAAO75YoTZbcNQ7RI0r4p/PLw==
.deviceid.trueleadid.com/ Name: uuid
Value: 4ac32b041b5c46ffb0a182f7d35d1524

3 Console Messages

Source Level URL
Text
network error URL: https://usermatch.krxd.net/um/v2?partner=tapad
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://rxxwin.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://30.rewardzinga.com/750-amazon-rewards-v-4
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

30.rewardzinga.com
ad.ipredictive.com
ajax.googleapis.com
api.pushnami.com
api.tnapplications.com
api.trustedform.com
bcp.crwdcntrl.net
cdn.pushnami.com
cdn.quilljs.com
cdn.trustedform.com
cdn.tynt.com
cm.g.doubleclick.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
de.tynt.com
dp1.33across.com
dp2.33across.com
e.dtscout.com
fly.bluejaymobi.com
fonts.googleapis.com
fonts.gstatic.com
fpc.pushnami.com
i.liadm.com
ic.tynt.com
idsync.rlcdn.com
js.ipredictive.com
live.rezync.com
map.go.affec.tv
match.adsrvr.org
maxcdn.bootstrapcdn.com
p.rfihub.com
p.typekit.net
pd.sharethis.com
pippio.com
pixel.onaudience.com
ppe-userenroll-assets.s3.amazonaws.com
ps.eyeota.net
psp.pushnami.com
px.ads.linkedin.com
pxdrop.lijit.com
rewardzinga.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
rxxwin.com
s10.histats.com
s4.histats.com
secure.adnxs.com
smrturl.co
stags.bluekai.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.crwdcntrl.net
telemetry.partners.prod.minionplatform.com
trc.pushnami.com
truncated
unicons.iconscout.com
use.fontawesome.com
use.typekit.net
usermatch.krxd.net
www.google-analytics.com
www.googletagmanager.com
www.mzbvbn8trk.com
api.trustedform.com
bcp.crwdcntrl.net
create.leadid.com
rum-collector-2.pingdom.net
truncated
usermatch.krxd.net
104.18.10.207
107.178.254.65
108.138.106.5
108.138.128.100
108.138.128.124
13.249.91.110
142.250.81.227
142.251.35.162
148.113.153.94
149.56.240.31
15.197.193.217
153.92.9.122
16.182.71.97
172.64.147.238
172.64.153.173
172.67.149.199
172.67.176.182
172.67.195.53
18.164.124.33
18.164.124.56
184.50.205.247
199.38.167.131
23.20.238.11
23.200.88.61
23.200.88.69
23.33.42.81
23.33.42.82
2600:141b:1c00:8::1728:b323
2600:141b:1c00:8::1728:b32c
2600:9000:21dd:f200:1c:7f1a:6680:93a1
2606:4700:10::6816:26b6
2606:4700:10::ac42:8472
2606:4700:10::ac43:5d8
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780a
2606:4700:3037::ac43:8ef5
2606:4700:3108::ac42:28a3
2607:f8b0:4006:817::2008
2607:f8b0:4006:821::200a
2607:f8b0:4006:824::200e
2620:1ec:21::14
2a02:4780:6:1421:0:1723:f658:10
3.13.47.114
3.168.96.129
3.208.52.15
3.224.202.97
3.229.6.108
3.231.112.165
3.93.26.94
34.205.0.238
34.49.33.158
35.244.154.8
44.215.250.231
52.54.69.117
52.72.145.167
54.146.146.68
54.174.150.34
67.202.105.23
67.202.105.24
67.202.105.34
68.67.179.166
048321871c7866c02f151022180491c5dafe443205fe11ce583a1bd9bb0762dd
0498163bb40b7944e36fef5b0b1730607365e90aeb1b335637d66fd384367029
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ba4f79e6f8f97eda24acdd03598519b6eaed819903c18263e46e4d09290711c
0e54e1e968b5c7ccd15f846afb0f963df377dede1f1482519daf1db49f5f6809
0eb8b05089b753663acfc4e99d629a52b3e24820fc15278ffe083096d2d56f09
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a
26f83f2b095ff9a6aea46ddc2c373e783f3e29c4ba08c73c92886ad47035febc
275469608f7a043cced2ca5f960b0bd557c19e22a3a543d4a630636fe615c413
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f58674fc10ba5368ee6dd6208f97697aaeedd3b6db9137375fa96d7025c5c1b
3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397
3095756253bb9495fe769862510c1dae8ece1e41b5e80928c185d4fe0c32e7d2
37412337e0163886147739badedad9c26799fad86084b52a5694b96fd0ed4ed6
393a16292611f3d1e36178bbc233a067b88dcc502a5c500ad2036d6524e878b7
3aa69508da55ef61f655cdec0b6182e615af15d1bd02dbd5bc08a12431884907
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3e4d7b0ab2a63d9da9ea5145f685d46e22ab45aa46d60a4612fd66bdad0d964f
3ff9b66e28f97f63b7838be7849c34c1d5617b850557618e6c03c260976a9565
427ab96827876250b27ebb81f63442976b478eb37fd398755b7a499342d3d28f
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4b0a7093414a51ee870a011cdd3a02b85a07679b30dc3fd05cf3c362c5541398
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ec363ca2ce5d9c918815bca74a1e25c79a9fae3c3885c97ce6680fc01f585c4
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
61b7b24020789a0b18782eb7a9236d863777dacdbdc5960555b7cfe17768e370
6816ddb2d88ec46a73ced9782753d63931dbf00bbc0e7276d2599fece0af12c2
6a8c983ca3a6566389183bd65f45f55446821939297e049032f683ff4a8572e2
6d92bce1d57f204f7e60645630e460c8d665ce6b023462dd9d79a6cab811f5af
7bb363f145c893ca32ed5f9e330f9c94c5da6462611ac85bfbf22e3edbd2ae83
7d7826299805a990e123b9e5be2c7491d2fe833dbbdabe4c44262f8fbd151908
7fc5d974282631e61bab8e209ddc26f6d8a5a8b7b3b42b2b34d37d84e87f2500
7fde03bacf5bd5415581b51f2ddd3b0981c765d8c3d62fb49527c19512639757
80dd786ddc53bf74ce30f80d9cfebae5b195dffbc927e7630fa073e02fc05a96
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8910eb7147c93440e1664fa8d3f0a992d6b2dfbbe20d4b05f448a26a7869f85e
892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262
8b818de2c395ec6bacd5f52b62f4625a1ecadb789c7c7e2f0edce314e3ddd5ee
8cd6fe7805fbff49ad7703c41483700c5d2b6cb453e2a0e7da4be6e770347fd2
943934a45c164089d854f9f408a639cc68e1fc8cfac7d3880e6a77c5c49fb582
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9eb442caf593ea96298bcb44a7fb79f24c414ceeece61aea0357e44008889602
a040842c270da63a354e4ab6bb4320a1b02280c4bc3b2bd36247385cccd7f5bb
a17a5c701ec27afaf20920f87c1b225f998c8554b51c9f6977e047719e00f338
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a5a9a43642bd14df62cff9d73ce5d847f12a6c48b696d3fa71854dc034c974fb
ac1e8ab1154217b676a9e8050b729dc224e6581877f61c08cca8ba638465f66f
ad19eab4ad76649718538a270316785ca53ea078ddf9534ba0504d034028e630
afbcd2b84998dd94552587f80c314db63a04495b27c348c7dfdd05530a1f3325
b3d5f1c0a62589e130e1df06260f2baddff459fee615183fe457009f097fa9bf
c688137dc1533e2f7e6b23450e9fbc83357a69b2f4cc416c5d0e1984bf197c87
d63ef8448d338eacee789785800627f2b51c0102c95cd85118a31e61bcf3c927
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e572a5835952a8da483940cd9dd2ec57767b8a59eba58a86eeeb3054692187c4
ea1ac21fa65ac3003d8b1a3fde6c30ae453782946cd8e4bc3a9643a3364cb30c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f2076a4682a514378b685990322026d78220fe75e367f4d35083ee8880d0ff7f
fa6a3964e0edc761d4d4bf36947372ca73d4ec95705008cba90b08264baa7b4c