click.linksynergy.com Open in urlscan Pro
35.212.161.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://saks.org/
Effective URL:
https://click.linksynergy.com/fs-bin/click?id=nDQA3oKZiiQ&offerid=323040.10000021&subid=0&type=4&u1=1772052751&afsrc=1
Submission: On October 15 via manual (October 15th 2024, 10:25:14 am UTC) from IN — Scanned from US

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 40 HTTP transactions. The main IP is 35.212.161.71, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is click.linksynergy.com. The Cisco Umbrella rank of the primary domain is 42984.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 2nd 2024. Valid for: a year.

This is the only time click.linksynergy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	104.247.81.74 104.247.81.74	206834 (TEAMINTER...) (TEAMINTERNET-CA-AS)
1	2600:9000:27c... 2600:9000:27c5:3600:1d:4618:5c80:21	16509 (AMAZON-02) (AMAZON-02)
1	34.196.113.212 34.196.113.212	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.209.119.177 3.209.119.177	14618 (AMAZON-AES) (AMAZON-AES)
4	66.165.243.160 66.165.243.160	29802 (HVC-AS) (HVC-AS)
3	2607:f8b0:400... 2607:f8b0:4004:c19::71	15169 (GOOGLE) (GOOGLE)
10	108.138.64.27 108.138.64.27	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	44.225.19.37 44.225.19.37	16509 (AMAZON-02) (AMAZON-02)
1	15.235.54.6 15.235.54.6	16276 (OVH) (OVH)
1	148.113.163.172 148.113.163.172	16276 (OVH) (OVH)
2	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.212.161.71 35.212.161.71	15169 (GOOGLE) (GOOGLE)
40	14

4 104.247.81.74 (Canada)

ASN206834 (TEAMINTERNET-CA-AS, DE)

saks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:27c5:3600:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.113.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-113-212.compute-1.amazonaws.com

veles-swg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.119.177 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-119-177.compute-1.amazonaws.com

varun-ysz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.165.243.160 (Los Angeles, United States)

ASN29802 (HVC-AS, US)
PTR: 66-165-243-160.static.hvvc.us

r.redirekted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c19::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 108.138.64.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-27.iad12.r.cloudfront.net

www.mypoints.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.225.19.37 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-19-37.us-west-2.compute.amazonaws.com

api.mypoints.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.mypoints.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.54.6 (Canada)

ASN16276 (OVH, FR)
PTR: prd-capture-5.tjsint.net

capture.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.113.163.172 (Canada)

ASN16276 (OVH, FR)
PTR: prd-usage-5.tjsint.net

usage.trackjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
privacyportal.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.161.71 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 71.161.212.35.bc.googleusercontent.com

click.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mypoints.com 1 redirects www.mypoints.com — Cisco Umbrella Rank: 183764 api.mypoints.com — Cisco Umbrella Rank: 111486 go.mypoints.com — Cisco Umbrella Rank: 246570	154 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	143 KB
4	redirekted.com r.redirekted.com	11 KB
4	saks.org saks.org	4 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
2	linksynergy.com click.linksynergy.com — Cisco Umbrella Rank: 42984	3 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498 privacyportal.onetrust.com — Cisco Umbrella Rank: 2288	492 B
2	trackjs.com capture.trackjs.com — Cisco Umbrella Rank: 9611 usage.trackjs.com — Cisco Umbrella Rank: 3054	445 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	96 KB
1	varun-ysz.com 1 redirects varun-ysz.com — Cisco Umbrella Rank: 311193	343 B
1	veles-swg.com veles-swg.com — Cisco Umbrella Rank: 301023	3 KB
1	cloudfront.net d38psrni17bvxu.cloudfront.net	2 KB
0	asos.com Failed www.asos.com Failed
40	13

	Domain	Requested by
10	www.mypoints.com	r.redirekted.com www.mypoints.com
7	cdn.cookielaw.org	www.mypoints.com cdn.cookielaw.org
4	r.redirekted.com	veles-swg.com r.redirekted.com
4	saks.org	d38psrni17bvxu.cloudfront.net saks.org
3	www.google-analytics.com	r.redirekted.com www.google-analytics.com
2	click.linksynergy.com	www.mypoints.com
2	api.mypoints.com	www.mypoints.com
1	privacyportal.onetrust.com	cdn.cookielaw.org
1	go.mypoints.com	1 redirects
1	geolocation.onetrust.com	www.mypoints.com
1	usage.trackjs.com
1	capture.trackjs.com	www.mypoints.com
1	www.googletagmanager.com	www.google-analytics.com
1	varun-ysz.com	1 redirects
1	veles-swg.com	saks.org
1	d38psrni17bvxu.cloudfront.net	saks.org
0	www.asos.com Failed
40	17

This site contains no links.

Subject Issuer	Validity	Valid
zeropark.com Amazon RSA 2048 M02	`2024-06-11` - `2025-07-09`	a year	crt.sh
redirekted.com E6	`2024-10-10` - `2025-01-08`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
mypoints.com Amazon RSA 2048 M03	`2023-12-23` - `2025-01-19`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.trackjs.com RapidSSL TLS RSA CA G1	`2024-08-05` - `2025-08-11`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.linksynergy.com ZeroSSL RSA Domain Secure Site CA	`2024-05-02` - `2025-05-02`	a year	crt.sh
onetrust.com WE1	`2024-10-13` - `2025-01-11`	3 months	crt.sh

This page contains 2 frames:

Frame: https://www.asos.com/us/women/?af_sub1=35719&MID=35719&ranMID=35719&pubref=nDQA3oKZiiQ&af_adset_id=35719&af_sub_siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&pid=rakuten_int&is_retargeting=false&ranSiteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&af_click_lookback=30d&utm_content=4&utm_source=RAN&affid=2135&utm_medium=affiliate&channelref=Affiliate&link=4&source=linkshare&publisher=Prodege,%20LLC&AFFID=26429&utm_campaign=Prodege,%20LLC&ranEAID=nDQA3oKZiiQ&deep_link_value=asos%3A%2F%2Fwww.asos.com%2Fus%2Fwomen%2F&clickid=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgwA&af_reengagement_window=30d&promo=323040&utm_term=10000021&af_inactivity_window=0d&c=Rakuten%20Affiliates
Frame ID: 9AC74C7C416474F21FE39EFAF0E19ADF
Requests: 35 HTTP requests in this frame

Frame: https://r.redirekted.com/go?e=04mWWSFW0gRs7VlK-uPqugvq4SzXYIaBdHPsskKLwbGs-tKL9S2X60KLdVJsyNUM59Gr8RPXebwXypFB9IvXYcFWvVJsuWlKeHvWs5UX0yRsuk3K8AUAwk3F0ETs7ZlB59QDbkapeb0X7NTD1p3VVEmFNq0rvgFCmL3WYgKX9W2XXE2BmR2KUyaCwuTs7LlF8AUqX13p0NJs6flBlfRLTIQXWEHr-D2F1pUrb53pj5mZbVPL0V2VXSPXdtRsY1KBdfQsvclF8uRs7NKFefQAYglB09Ss7VlK-uvVVk3F0tRs7xQC59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Frame ID: 18BD91C3DDDD1EF502C97C59F80E2EC5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://saks.org/ HTTP 307
https://saks.org/ HTTP 307
http://saks.org/ Page URL
http://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f... HTTP 307
https://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f... Page URL
https://varun-ysz.com/zclkredirect?visitid=bff8fa01-8adf-11ef-95a6-12ae111b4167&type=js&browserWid... HTTP 302
https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6... Page URL
https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_s... Page URL
https://go.mypoints.com/g/shopredir?merchant=5568&drctLink=3&cmp=1200&cxid=5568&aff_sid=Ns7DQM9gHraE... HTTP 302
https://click.linksynergy.com/fs-bin/click?id=nDQA3oKZiiQ&offerid=323040.10000021&subid=0&type=4&u1=177205... Page URL

Detected technologies

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

83 %
HTTPS

36 %
IPv6

13
Domains

17
Subdomains

14
IPs

2
Countries

438 kB
Transfer

1395 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://saks.org/ HTTP 307
https://saks.org/ HTTP 307
http://saks.org/ Page URL
http://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167 HTTP 307
https://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167 Page URL
https://varun-ysz.com/zclkredirect?visitid=bff8fa01-8adf-11ef-95a6-12ae111b4167&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509 Page URL
https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF Page URL
https://go.mypoints.com/g/shopredir?merchant=5568&drctLink=3&cmp=1200&cxid=5568&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF HTTP 302
https://click.linksynergy.com/fs-bin/click?id=nDQA3oKZiiQ&offerid=323040.10000021&subid=0&type=4&u1=1772052751&afsrc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://saks.org/ HTTP 307
https://saks.org/ HTTP 307
http://saks.org/

Request Chain 5

http://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167 HTTP 307
https://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167

Request Chain 6

https://varun-ysz.com/zclkredirect?visitid=bff8fa01-8adf-11ef-95a6-12ae111b4167&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509

Request Chain 37

https://asos-medialabs.onelink.me/PXyX?pid=rakuten_int&af_sub1=35719&c=Rakuten%20Affiliates&clickid=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgwA&is_retargeting=false&af_click_lookback=30d&af_reengagement_window=30d&af_inactivity_window=0d&af_adset_id=35719&af_sub_siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&af_web_dp=https%3A%2F%2Fwww.asos.com%2Fus%2Fwomen%2F&deep_link_value=asos%3A%2F%2Fwww.asos.com%2Fus%2Fwomen%2F&ranMID=35719&ranEAID=nDQA3oKZiiQ&ranSiteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&link=4&promo=323040&source=linkshare&affid=2135&channelref=Affiliate&pubref=nDQA3oKZiiQ&MID=35719&publisher=Prodege%2C+LLC&siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&utm_source=RAN&utm_medium=affiliate&AFFID=26429&utm_content=4&utm_campaign=Prodege%2C+LLC&utm_term=10000021 HTTP 301
https://www.asos.com/us/women/?af_sub1=35719&MID=35719&ranMID=35719&pubref=nDQA3oKZiiQ&af_adset_id=35719&af_sub_siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&pid=rakuten_int&is_retargeting=false&ranSiteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&af_click_lookback=30d&utm_content=4&utm_source=RAN&affid=2135&utm_medium=affiliate&channelref=Affiliate&link=4&source=linkshare&publisher=Prodege,%20LLC&AFFID=26429&utm_campaign=Prodege,%20LLC&ranEAID=nDQA3oKZiiQ&deep_link_value=asos%3A%2F%2Fwww.asos.com%2Fus%2Fwomen%2F&clickid=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgwA&af_reengagement_window=30d&promo=323040&utm_term=10000021&af_inactivity_window=0d&c=Rakuten%20Affiliates

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
saks.org/
Redirect Chain

http://saks.org/
https://saks.org/
http://saks.org/

2 KB
2 KB

319ms
319ms

Document
text/html

104.247.81.74
TEAMINTERNET-CA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://saks.org/
Protocol: HTTP/1.1
Server: 104.247.81.74 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 80095fd663c76a74ce34c75699e26ab3a81a9fff2b06b850a17127528dfe0602

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-CH: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime: 30
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Oct 2024 10:25:07 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_gVwkfzp+xBAfOEpMsP+F5W/MgzVnjcSOC9oVd9JkirhkcZBK4Q5LWJKk7bKXxVvTWS4bMYIJ+Q5XSE1uFJuwjA==
X-Domain: saks.org
X-Pcrew-Blocked-Reason
X-Pcrew-Ip-Organization: Verizon Internet Services
X-Redirect: zeropark_zeroclick
X-Subdomain

Redirect headers

Location: http://saks.org/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK js3.js Show response
d38psrni17bvxu.cloudfront.net/scripts/ 1 KB
2 KB 91ms
82ms Script
application/javascript 2600:9000:27c5:3600:1d:4618:5c80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by: Host: saks.org
URL: http://saks.org/
Protocol: HTTP/1.1
Server: 2600:9000:27c5:3600:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://saks.org/

Response headers

ETag: "65fc1e7b-448"
Age: 58595
Connection: keep-alive
Via: 1.1 20848d4ff5765e0130bd5ac1450af23e.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 1096
X-Amz-Cf-Id: mebF6itpzs0cpjYPCgl5MDWV6ObB63xdIZdG24iSoc6nO-L8yhOKCA==
Date: Mon, 14 Oct 2024 18:08:32 GMT
Content-Type: application/javascript
Last-Modified: Thu, 21 Mar 2024 11:48:11 GMT
Server: nginx
X-Amz-Cf-Pop: IAD61-P5

GET
H/1.1 200
OK track.php Show response
saks.org/ 0
608 B 53ms
53ms XHR
text/html 104.247.81.74
TEAMINTERNET-CA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://saks.org/track.php?domain=saks.org&toggle=browserjs&uid=MTcyODk4NzkwNy40NDkxOmIzZDhlYTM3N2Y4OTUzYzc4MDhjZTY2NTU3NmZiMDJiMThkNzM3OTZkYWQ3MDNhYjBjNjBlZmY2NjUwMWI1Mjc6NjcwZTQzMDM2ZGE0YQ%3D%3D
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: HTTP/1.1
Server: 104.247.81.74 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://saks.org/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Connection: keep-alive
Accept-CH-Lifetime: 30
X-Custom-Track: browserjs
Access-Control-Allow-Origin: *
Date: Tue, 15 Oct 2024 10:25:07 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 201
Created ls.php
saks.org/ 16 B
865 B 58ms
58ms XHR
text/javascript 104.247.81.74
TEAMINTERNET-CA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://saks.org/ls.php?t=670e4303&token=c7a5858ee14a6809849494ad6e847b14b627c883
Requested by: Host: saks.org
URL: http://saks.org/
Protocol: HTTP/1.1
Server: 104.247.81.74 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://saks.org/

Response headers

Transfer-Encoding: chunked
Access-Control-Max-Age: 86400
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_QKi1a5rPOPsTnKH/Vz0JFh//nlqjzPnUHRzeF1Jsgai5sHpWVGuv2oPpj4bv2TnIqxJlhLrWS24s5kdXm6gtTg==
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin
Date: Tue, 15 Oct 2024 10:25:07 GMT
Content-Type: text/javascript;charset=UTF-8
Charset: utf-8
Server: nginx

GET
H/1.1 200
OK track.php
saks.org/ 0
623 B 162ms
155ms XHR
text/html 104.247.81.74
TEAMINTERNET-CA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://saks.org/track.php?click=65f2526985640ae00fad496f07eeff32777efffd&domain=saks.org&uid=MTcyODk4NzkwNy40NDkxOmIzZDhlYTM3N2Y4OTUzYzc4MDhjZTY2NTU3NmZiMDJiMThkNzM3OTZkYWQ3MDNhYjBjNjBlZmY2NjUwMWI1Mjc6NjcwZTQzMDM2ZGE0YQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTEsYnVja2V0MDg4LGJ1Y2tldDA4OXx8fHx8fDY3MGU0MzAzNmQ5YjJ8fHwxNzI4OTg3OTA3LjcwMTl8OTkyMjllN2JjZDk3MjdmODQ4N2Y1MWViYTY4ZGNkM2FhZTZhZTMwZnx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fGM3YTU4NThlZTE0YTY4MDk4NDk0OTRhZDZlODQ3YjE0YjYyN2M4ODN8MHx8MHwwfHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: HTTP/1.1
Server: 104.247.81.74 , Canada, ASN206834 (TEAMINTERNET-CA-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: http://saks.org/

Response headers

Transfer-Encoding: chunked
X-View-Match: true
Content-Encoding: gzip
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Connection: keep-alive
Accept-CH-Lifetime: 30
X-Custom-Track: none
Access-Control-Allow-Origin: *
Date: Tue, 15 Oct 2024 10:25:08 GMT
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H2

200

85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d Show response
veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/
Redirect Chain

http://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167
https://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167

3 KB
3 KB

157ms
43ms

Document
text/html

34.196.113.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167

Requested by

Host: saks.org
URL: http://saks.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.113.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-113-212.compute-1.amazonaws.com

Software

Resource Hash

d799520bb541f59e9be26108e5ad2fa6a0861a80f6e82f05659992228a60cd68

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer: http://saks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 3088
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Tue, 15 Oct 2024 10:25:08 GMT

Redirect headers

Location: https://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1

200
OK

redirect Show response
r.redirekted.com/
Redirect Chain

https://varun-ysz.com/zclkredirect?visitid=bff8fa01-8adf-11ef-95a6-12ae111b4167&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509

824 B
1 KB

1166ms
154ms

Document
text/html

66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509
Requested by: Host: veles-swg.com
URL: https://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.27.0 / PHP/8.1.29
Resource Hash: 4f99e784c8eff4f2b1ed5ca3094fa2d3eb7938872e16b6c3c229540cb24dfb0c

Request headers

Referer: https://veles-swg.com/zclkvisitor/bff8fa01-8adf-11ef-95a6-12ae111b4167/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=c0164601-8adf-11ef-95a6-12ae111b4167
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Oct 2024 10:25:09 GMT
Server: nginx/1.27.0
Transfer-Encoding: chunked
X-Powered-By: PHP/8.1.29

Redirect headers

access-control-allow-headers: X-Requested-With,Content-Type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
date: Tue, 15 Oct 2024 10:25:08 GMT
location: https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509

GET
H/1.1 200
OK adren.css
r.redirekted.com/css/ 243 B
479 B 87ms
86ms Stylesheet
text/css 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.redirekted.com/css/adren.css?n=2530124756
Requested by: Host: r.redirekted.com
URL: https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.27.0 /
Resource Hash: e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509

Response headers

ETag: "60dff9aa-f3"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 243
Date: Tue, 15 Oct 2024 10:25:09 GMT
Content-Type: text/css
Last-Modified: Sat, 03 Jul 2021 05:46:18 GMT
Server: nginx/1.27.0

GET
H/1.1 200
OK adren.min.js Show response
r.redirekted.com/js/ 7 KB
8 KB 183ms
96ms Script
application/javascript 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.redirekted.com/js/adren.min.js?n=2530124756
Requested by: Host: r.redirekted.com
URL: https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.27.0 /
Resource Hash: 8597d8112ffa8f07199b715746aebe0bc4180e1c23cf4de02ef8fdc8f57e0bdc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509

Response headers

ETag: "660ff04f-1d72"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7538
Date: Tue, 15 Oct 2024 10:25:09 GMT
Content-Type: application/javascript
Last-Modified: Fri, 05 Apr 2024 12:36:31 GMT
Server: nginx/1.27.0

GET
H/1.1 200
OK go Show response
r.redirekted.com/ Frame 18BD 1 KB
2 KB 87ms
87ms Document
text/html 66.165.243.160
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.redirekted.com/go?e=04mWWSFW0gRs7VlK-uPqugvq4SzXYIaBdHPsskKLwbGs-tKL9S2X60KLdVJsyNUM59Gr8RPXebwXypFB9IvXYcFWvVJsuWlKeHvWs5UX0yRsuk3K8AUAwk3F0ETs7ZlB59QDbkapeb0X7NTD1p3VVEmFNq0rvgFCmL3WYgKX9W2XXE2BmR2KUyaCwuTs7LlF8AUqX13p0NJs6flBlfRLTIQXWEHr-D2F1pUrb53pj5mZbVPL0V2VXSPXdtRsY1KBdfQsvclF8uRs7NKFefQAYglB09Ss7VlK-uvVVk3F0tRs7xQC59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Requested by: Host: r.redirekted.com
URL: https://r.redirekted.com/js/adren.min.js?n=2530124756
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 66-165-243-160.static.hvvc.us
Software: nginx/1.27.0 / PHP/8.1.29
Resource Hash: 5e4d1d4742f17146394508fde504df5a39dcfd9b62509752fcbd3e7d8b6d7355

Request headers

Referer: https://r.redirekted.com/redirect?redirect_id=fba5a563a477d4e549a13c407831924c&request_id=132449a6db6c1ba343db6b67fb7f7509
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Oct 2024 10:25:10 GMT
Server: nginx/1.27.0
Transfer-Encoding: chunked
X-Powered-By: PHP/8.1.29

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 18BD 52 KB
21 KB 144ms
45ms Script
text/javascript 2607:f8b0:4004:c19::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r.redirekted.com
URL: https://r.redirekted.com/go?e=04mWWSFW0gRs7VlK-uPqugvq4SzXYIaBdHPsskKLwbGs-tKL9S2X60KLdVJsyNUM59Gr8RPXebwXypFB9IvXYcFWvVJsuWlKeHvWs5UX0yRsuk3K8AUAwk3F0ETs7ZlB59QDbkapeb0X7NTD1p3VVEmFNq0rvgFCmL3WYgKX9W2XXE2BmR2KUyaCwuTs7LlF8AUqX13p0NJs6flBlfRLTIQXWEHr-D2F1pUrb53pj5mZbVPL0V2VXSPXdtRsY1KBdfQsvclF8uRs7NKFefQAYglB09Ss7VlK-uvVVk3F0tRs7xQC59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://r.redirekted.com/

Response headers

content-encoding: gzip
age: 6614
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 10:34:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 08:34:56 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

POST
H2 200 collect
www.google-analytics.com/j/ Frame 18BD 15 B
372 B 257ms
257ms XHR
text/plain 2607:f8b0:4004:c19::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=26290195&t=pageview&_s=1&dl=https%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW0gRs7VlK-uPqugvq4SzXYIaBdHPsskKLwbGs-tKL9S2X60KLdVJsyNUM59Gr8RPXebwXypFB9IvXYcFWvVJsuWlKeHvWs5UX0yRsuk3K8AUAwk3F0ETs7ZlB59QDbkapeb0X7NTD1p3VVEmFNq0rvgFCmL3WYgKX9W2XXE2BmR2KUyaCwuTs7LlF8AUqX13p0NJs6flBlfRLTIQXWEHr-D2F1pUrb53pj5mZbVPL0V2VXSPXdtRsY1KBdfQsvclF8uRs7NKFefQAYglB09Ss7VlK-uvVVk3F0tRs7xQC59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=229209977&gjid=2084318943&cid=913325561.1728987910&tid=UA-32454353-1&_gid=1051446886.1728987910&_r=1&_slc=1&z=1757616981

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://r.redirekted.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 10:25:10 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://r.redirekted.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 collect
www.google-analytics.com/ Frame 18BD 35 B
407 B 39ms
39ms Image
image/gif 2607:f8b0:4004:c19::71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=26290195&t=pageview&_s=2&dl=https%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSFW0gRs7VlK-uPqugvq4SzXYIaBdHPsskKLwbGs-tKL9S2X60KLdVJsyNUM59Gr8RPXebwXypFB9IvXYcFWvVJsuWlKeHvWs5UX0yRsuk3K8AUAwk3F0ETs7ZlB59QDbkapeb0X7NTD1p3VVEmFNq0rvgFCmL3WYgKX9W2XXE2BmR2KUyaCwuTs7LlF8AUqX13p0NJs6flBlfRLTIQXWEHr-D2F1pUrb53pj5mZbVPL0V2VXSPXdtRsY1KBdfQsvclF8uRs7NKFefQAYglB09Ss7VlK-uvVVk3F0tRs7xQC59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=913325561.1728987910&tid=UA-32454353-1&_gid=1051446886.1728987910&cd1=p3I8MJqyMT9lpUk8sUkmqKkyM2Ixo3WjsUk8sN%3D%3D&z=787660649

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://r.redirekted.com/

Response headers

age: 63286
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 16:50:24 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 cashback-redirect Show response
www.mypoints.com/ 2 KB
1 KB 444ms
154ms Document
text/html 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5842816bfdd3d8a1faa85fbf8b37583ac5583fe5b53eb776042f6a9e0e52f578

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://r.redirekted.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 15 Oct 2024 10:25:11 GMT
etag: W/"2b8dfb12edc780b593495d872290d6cf"
last-modified: Mon, 14 Oct 2024 21:48:10 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f4c38e024a95b76a27c9f3dc9ff2eda6.cloudfront.net (CloudFront)
x-amz-cf-id: VmQh7ZcvMq1NhMuCYTvi91_9poaZLgzw3bOoxhfyoUC3jLWN3CqFFQ==
x-amz-cf-pop: IAD12-P1
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN

GET
H2 200 js
www.googletagmanager.com/gtag/ Frame 18BD 271 KB
96 KB 160ms
60ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TG55WX34R2&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://r.redirekted.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 15 Oct 2024 10:25:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 10:25:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97644
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 plus-jakarta-sans-font.css
www.mypoints.com/_r353-dfd9d75/css/ 2 KB
842 B 33ms
29ms Stylesheet
text/css 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/_r353-dfd9d75/css/plus-jakarta-sans-font.css

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b9d484770e0d284e19991041fb543f9f62667f1859f4ecb18c91b82ad47864dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Response headers

content-encoding: br
x-amz-version-id: null
etag: W/"14e5a7e345647ece8603c6f5ff02d277"
age: 45376
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: KC-s5Ny52C_Sz2prEdb1jyxveSg3Y8W_ybHxTVTyGU69gxgRESH58Q==
date: Mon, 14 Oct 2024 21:48:55 GMT
content-type: text/css
vary: Accept-Encoding
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
last-modified: Mon, 14 Oct 2024 21:48:10 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cache-control: public,max-age=36000000
via: 1.1 f4c38e024a95b76a27c9f3dc9ff2eda6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/49ceb91e-98eb-4601-b520-1d6b77fc6c1c/ 15 KB
3 KB 154ms
61ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/49ceb91e-98eb-4601-b520-1d6b77fc6c1c/OtAutoBlock.js

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61e984c406a7e7805f2b0a2483912d976fa87230d6dc80c3955158373ae4ba2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/

Response headers

content-md5: fIB2WH8LVLV5FSpLgExz5Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC6EE369108B6E
age: 43351
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Wed, 16 Oct 2024 10:25:11 GMT
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 22:16:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: a576fc99-a01e-00a7-11cc-a0788a000000
cf-ray: 8d2f1a8c1b124246-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3152
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 143ms
50ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/

Response headers

content-md5: jwlUUXc1HMPClYXMpY+NPQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCECBD439DB9BF
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 2593
x-content-type-options: nosniff
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 02:01:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 8f7ade6b-901e-0064-2ea7-1e232a000000
cf-ray: 8d2f1a8c1b0e4246-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6881
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 trackjs-loader.js Show response
www.mypoints.com/_r353-dfd9d75/js/shared/ 425 B
1001 B 32ms
30ms Script
application/javascript 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/_r353-dfd9d75/js/shared/trackjs-loader.js

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7715b01cb95c6bbdb89fb0f3a816673b7328c42b44c3ad8280fe861ec17f65f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Response headers

etag: "4ba8ae766c56fa80ba14266aad845e53"
x-amz-version-id: null
age: 45376
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: R3yvqqLnk9WpbKtSTOjvWELbiLsbJJshyR7N8jWjyBt7NcRQrqRmQg==
date: Mon, 14 Oct 2024 21:48:55 GMT
content-type: application/javascript
last-modified: Mon, 14 Oct 2024 21:48:16 GMT
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cache-control: public,max-age=36000000
via: 1.1 f4c38e024a95b76a27c9f3dc9ff2eda6.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 425
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 jquery.min.js Show response
www.mypoints.com/_r353-dfd9d75/js/lib/ 94 KB
32 KB 87ms
86ms Script
application/javascript 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/_r353-dfd9d75/js/lib/jquery.min.js

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Response headers

content-encoding: br
x-amz-version-id: null
etag: W/"eaec1712551cd2792f4607f39fab12e7"
age: 45376
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: rnB_8sq6SSp7azlk2r1Q3zDDWgsBszgIOBxB17YgikZ7KQWyafmwqA==
date: Mon, 14 Oct 2024 21:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
last-modified: Mon, 14 Oct 2024 21:48:16 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cache-control: public,max-age=36000000
via: 1.1 f4c38e024a95b76a27c9f3dc9ff2eda6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 handlebars.runtime.min.js Show response
www.mypoints.com/_r353-dfd9d75/js/lib/ 28 KB
10 KB 143ms
142ms Script
application/javascript 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/_r353-dfd9d75/js/lib/handlebars.runtime.min.js

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6589f6bdff85d200fbc5f6e8d6569b65aa0e768981fed5a7451542aad3be5f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Response headers

content-encoding: br
x-amz-version-id: null
etag: W/"79bc9590d0c5e8260a56af316524f057"
age: 45376
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Le7eMpcWkHXMy87H7JPNQ8RA74dy6RY6CTKY6zMcW9TfDigu5n51fg==
date: Mon, 14 Oct 2024 21:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
last-modified: Mon, 14 Oct 2024 21:48:16 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cache-control: public,max-age=36000000
via: 1.1 f4c38e024a95b76a27c9f3dc9ff2eda6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cashbackRedirect.js Show response
www.mypoints.com/_r353-dfd9d75/js/ 82 KB
24 KB 163ms
161ms Script
application/javascript 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/_r353-dfd9d75/js/cashbackRedirect.js

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b8984e1ebc107274cd4fc329ecebb1aba038c4e93a65427827be20dbc10e8888

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Response headers

content-encoding: br
x-amz-version-id: null
etag: W/"cc643d3807ab0fa6dd44af32dc51c853"
age: 44848
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: GK8_qon2uUNqLDf_glYZMOS1QrmranMIzK7LbSSmuOHZnxFxEoUYiA==
date: Mon, 14 Oct 2024 21:57:43 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
last-modified: Mon, 14 Oct 2024 21:48:15 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cache-control: public,max-age=36000000
via: 1.1 f4c38e024a95b76a27c9f3dc9ff2eda6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 accessibility-widget.compiled.js Show response
www.mypoints.com/_r353-dfd9d75/js/lib/ 246 KB
71 KB 168ms
168ms Script
application/javascript 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/_r353-dfd9d75/js/lib/accessibility-widget.compiled.js

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2765d553abd332ea5ba607264cc7a53600d32b1c101dd5a4f685d4a49f957e30

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Response headers

content-encoding: br
x-amz-version-id: null
etag: W/"e8dcfaea4a574097e2622b7cbd564b7e"
age: 45376
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: QJ2qiBP8YQwpJHLUPGoGPPyUqjC41o1BMsb3Z_jFg4l-FZl0ZoknJQ==
date: Mon, 14 Oct 2024 21:48:55 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
last-modified: Mon, 14 Oct 2024 21:48:16 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cache-control: public,max-age=36000000
via: 1.1 f4c38e024a95b76a27c9f3dc9ff2eda6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 49ceb91e-98eb-4601-b520-1d6b77fc6c1c.json Show response
cdn.cookielaw.org/consent/49ceb91e-98eb-4601-b520-1d6b77fc6c1c/ 4 KB
2 KB 147ms
57ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/49ceb91e-98eb-4601-b520-1d6b77fc6c1c/49ceb91e-98eb-4601-b520-1d6b77fc6c1c.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

791752843dc9daa1a0c54ff2c870ccd119d3cb30e91d7e25b18ee5c4109cbabb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/

Response headers

content-md5: fWVbwj1PwCOEQrtHIwdmJQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC6EE3694DD9A6
age: 43425
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Wed, 16 Oct 2024 10:25:11 GMT
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: application/json
last-modified: Tue, 07 May 2024 22:16:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 6abaa393-f01e-0078-37cc-a029de000000
cf-ray: 8d2f1a8d19e4c454-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1698
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 trackjs.min.js Show response
www.mypoints.com/_r353-dfd9d75/js/lib/ 29 KB
9 KB 30ms
29ms Script
application/javascript 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/_r353-dfd9d75/js/lib/trackjs.min.js

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/_r353-dfd9d75/js/shared/trackjs-loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4ff8df7667f11d05fefad4126411a92e445eb234bf28bdb2fc1dc6b619c8750f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Response headers

content-encoding: br
etag: W/"b419e692cc9e0bf28dafc22f07c99b01"
x-amz-version-id: null
age: 45375
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: dmEGtVBoat6WMdiC-BD-lr7_kiLgpI9IdqtKDufvXs3s-Jvqe6mRVA==
date: Mon, 14 Oct 2024 21:48:57 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
last-modified: Mon, 14 Oct 2024 21:48:16 GMT
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cache-control: public,max-age=36000000
via: 1.1 8415794d557292780ff382a8c5bd6058.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 / Show response
api.mypoints.com/ 856 B
2 KB 571ms
161ms XHR
application/json 44.225.19.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mypoints.com/?cmd=mp-gn-member-status

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/_r353-dfd9d75/js/lib/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.225.19.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-19-37.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f2307e9535164d80275c95b08afb9591d664a896a45e7245e33f11be45ffb0fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.mypoints.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-security-policy: frame-ancestors 'self' ;
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://www.mypoints.com
content-length: 856
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: application/json
server: nginx
x-frame-options: SAMEORIGIN

POST
H2 202 capture Show response
capture.trackjs.com/ 0
172 B 182ms
53ms XHR
text/plain 15.235.54.6
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://capture.trackjs.com/capture?token=a77f9aa3cfae4bc59cd1f05c818671ab&v=3.10.1
Requested by: Host: www.mypoints.com
URL: https://www.mypoints.com/_r353-dfd9d75/js/lib/trackjs.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 15.235.54.6 , Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-capture-5.tjsint.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.mypoints.com/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
content-length: 0
date: Tue, 15 Oct 2024 10:25:11 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS

GET
H/1.1 200
OK usage.gif
usage.trackjs.com/ 43 B
273 B 198ms
48ms Image
image/gif 148.113.163.172
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usage.trackjs.com/usage.gif?token=a77f9aa3cfae4bc59cd1f05c818671ab&correlationId=a02bc311-4cf7-4fb7-a5ce-4af8ac234afa&application=mypoints-prod&x=3ea3a3cf-466b-4ee7-b809-cfd786342c0b&
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.113.163.172 , Canada, ASN16276 (OVH, FR),
Reverse DNS: prd-usage-5.tjsint.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Length: 43
Date: Tue, 15 Oct 2024 10:25:11 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H3 200 favicon.svg
www.mypoints.com/ 264 B
743 B 31ms
30ms Other
image/svg+xml 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/favicon.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

482c664e27c4465df4e478b6ce2bef3e54ec6d18f33cce8583a98bb5a37ede29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Response headers

etag: "6b184cfd6bc455b0b1d548aa5239dfe4"
x-amz-version-id: null
age: 45375
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: VZ8GoJadOr5ko-LYZibUHviB3VGXENRTr5cRNzOeqCPz9U7ZwDgU9Q==
date: Mon, 14 Oct 2024 21:48:57 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Oct 2024 21:48:11 GMT
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cache-control: public,max-age=36000000
via: 1.1 8415794d557292780ff382a8c5bd6058.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 264
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
305 B 139ms
52ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/_r353-dfd9d75/js/lib/trackjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.mypoints.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d2f1a8e0be532c5-PHL
access-control-allow-origin: *
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H3 200 favicon.png
www.mypoints.com/ 188 B
652 B 32ms
31ms Other
image/png 108.138.64.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mypoints.com/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

108.138.64.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-64-27.iad12.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d3e76a7f51198c312802ed783e587693dbf8e619e30356189794639602088623

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/cashback-redirect?merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Response headers

etag: "7d0e92079778f179b2e4811935df2a51"
x-amz-version-id: null
age: 45375
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 8h1TqS9R9qzR-uLeHSPvNmxbmHHnAWAGE431NxHQRHJ1O1g7mCYf-g==
date: Mon, 14 Oct 2024 21:48:57 GMT
content-type: image/png
last-modified: Mon, 14 Oct 2024 21:48:11 GMT
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="prdg-prod-use1-mypsitebkt-01 expiration in 60 days"
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
cache-control: public,max-age=36000000
via: 1.1 8415794d557292780ff382a8c5bd6058.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 188
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202404.1.0/ 448 KB
109 KB 38ms
38ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05c58c759cab8d50d5e7f9d3b2faedcc0dd45fa3fb50899a224363a1dea93605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/

Response headers

content-md5: OwLk2N0IZ0eq8ykUTltEhw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E1D524AD71
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 83422
x-content-type-options: nosniff
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 21:54:14 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 4785b082-901e-0046-71cb-d74d1c000000
cf-ray: 8d2f1a8e5c8d4246-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 111077
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/49ceb91e-98eb-4601-b520-1d6b77fc6c1c/018f4128-dfb5-769d-b5b1-c705407e286a/ 48 KB
14 KB 47ms
46ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/49ceb91e-98eb-4601-b520-1d6b77fc6c1c/018f4128-dfb5-769d-b5b1-c705407e286a/en.json

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/_r353-dfd9d75/js/lib/trackjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49acef8d45cf6c828d93919c59baa11043fc9287ca524f28c0e0d74f513e716f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/

Response headers

content-md5: m0yzGcX/VtIjjtNAGokAQA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC6EE36BBAAF0D
age: 16572
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Wed, 16 Oct 2024 10:25:11 GMT
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: application/json
last-modified: Tue, 07 May 2024 22:17:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 159e41ad-501e-0075-11cc-a0c6d2000000
cf-ray: 8d2f1a8f4b49c454-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13787
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/ 10 KB
3 KB 48ms
47ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otFloatingRoundedCorner.json

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/_r353-dfd9d75/js/lib/trackjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/

Response headers

content-md5: l9ZxjQQaMDkmwPkwstOGDA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E1D1DBF2E7
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 43416
x-content-type-options: nosniff
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: application/json
last-modified: Tue, 16 Jul 2024 21:54:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: bbec8c71-f01e-0030-5ace-d7c9a0000000
cf-ray: 8d2f1a8fdba5c454-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2627
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202404.1.0/assets/ 24 KB
4 KB 64ms
64ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202404.1.0/assets/otCommonStyles.css

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/_r353-dfd9d75/js/lib/trackjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.mypoints.com/

Response headers

content-md5: 4ErYmXXFNbMLrnc9DrDTsg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 43416
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 21:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 3b61ff9d-c01e-00b0-33ec-d76a0a000000
cf-ray: 8d2f1a8ffbbcc454-EWR
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 200 /
api.mypoints.com/ 165 B
873 B 175ms
174ms XHR
application/json 44.225.19.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mypoints.com/?cmd=mp-sh-cashback-redirect&merchant=5568&cmp=1200&cxid=5568&page=286&category=0&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF

Requested by

Host: www.mypoints.com
URL: https://www.mypoints.com/_r353-dfd9d75/js/lib/trackjs.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.225.19.37 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-19-37.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.mypoints.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-security-policy: frame-ancestors 'self' ;
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: https://www.mypoints.com
content-length: 165
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: application/json
server: nginx
x-frame-options: SAMEORIGIN

GET
H/1.1

200

Primary Request click Show response
click.linksynergy.com/fs-bin/
Redirect Chain

https://go.mypoints.com/g/shopredir?merchant=5568&drctLink=3&cmp=1200&cxid=5568&aff_sid=Ns7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF
https://click.linksynergy.com/fs-bin/click?id=nDQA3oKZiiQ&offerid=323040.10000021&subid=0&type=4&u1=1772052751&afsrc=1

849 B
2 KB

350ms
101ms

Document
text/html

35.212.161.71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://click.linksynergy.com/fs-bin/click?id=nDQA3oKZiiQ&offerid=323040.10000021&subid=0&type=4&u1=1772052751&afsrc=1
Requested by: Host: www.mypoints.com
URL: https://www.mypoints.com/_r353-dfd9d75/js/cashbackRedirect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.161.71 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.161.212.35.bc.googleusercontent.com
Software: /
Resource Hash: 5690dd388e53dbc47b47cfc8d828823c31d2be25e7eda9a7ecf15c7f6d800d43

Request headers

Referer: https://www.mypoints.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
connection: close
content-type: text/html;charset=UTF-8
date: Tue, 15 Oct 2024 10:25:12 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR BUS STA"
pragma: no-cache
referer: https://www.mypoints.com/
refresh: 0;url=https://asos-medialabs.onelink.me/PXyX?pid=rakuten_int&af_sub1=35719&c=Rakuten%20Affiliates&clickid=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgwA&is_retargeting=false&af_click_lookback=30d&af_reengagement_window=30d&af_inactivity_window=0d&af_adset_id=35719&af_sub_siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&af_web_dp=https%3A%2F%2Fwww.asos.com%2Fus%2Fwomen%2F&deep_link_value=asos%3A%2F%2Fwww.asos.com%2Fus%2Fwomen%2F&ranMID=35719&ranEAID=nDQA3oKZiiQ&ranSiteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&link=4&promo=323040&source=linkshare&affid=2135&channelref=Affiliate&pubref=nDQA3oKZiiQ&MID=35719&publisher=Prodege%2C+LLC&siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&utm_source=RAN&utm_medium=affiliate&AFFID=26429&utm_content=4&utm_campaign=Prodege%2C+LLC&utm_term=10000021
transfer-encoding: chunked

Redirect headers

content-length: 156
content-security-policy: frame-ancestors 'self' ;
content-type: text/html; charset=utf-8
date: Tue, 15 Oct 2024 10:25:11 GMT
location: https://click.linksynergy.com/fs-bin/click?id=nDQA3oKZiiQ&offerid=323040.10000021&subid=0&type=4&u1=1772052751&afsrc=1
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx
x-frame-options: SAMEORIGIN

POST
H2 201 consentreceipts
privacyportal.onetrust.com/request/v1/ 0
187 B 195ms
92ms Ping
text/plain 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://privacyportal.onetrust.com/request/v1/consentreceipts

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202404.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.mypoints.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
cf-ray: 8d2f1a91f97032c6-PHL
access-control-allow-origin: *
content-length: 0
date: Tue, 15 Oct 2024 10:25:12 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: cloudflare

GET

/
www.asos.com/us/women/
Redirect Chain

https://asos-medialabs.onelink.me/PXyX?pid=rakuten_int&af_sub1=35719&c=Rakuten%20Affiliates&clickid=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgwA&is_retargeting=false&af_click_lookback=30d&af_reengagement_wi...
https://www.asos.com/us/women/?af_sub1=35719&MID=35719&ranMID=35719&pubref=nDQA3oKZiiQ&af_adset_id=35719&af_sub_siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&p...

0
0

GET
H/1.1 404 favicon.ico
click.linksynergy.com/ 796 B
951 B 297ms
91ms Other
text/html 35.212.161.71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://click.linksynergy.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.161.71 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.161.212.35.bc.googleusercontent.com
Software: /
Resource Hash: 9c4f067567884f501d8e3e1a145674e29268a1e7afb552a377d72b6a750ae0d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://click.linksynergy.com/fs-bin/click?id=nDQA3oKZiiQ&offerid=323040.10000021&subid=0&type=4&u1=1772052751&afsrc=1

Response headers

content-length: 796
date: Tue, 15 Oct 2024 10:25:11 GMT
content-type: text/html;charset=utf-8
content-language: en
connection: close

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.asos.com
URL: https://www.asos.com/us/women/?af_sub1=35719&MID=35719&ranMID=35719&pubref=nDQA3oKZiiQ&af_adset_id=35719&af_sub_siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&siteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&pid=rakuten_int&is_retargeting=false&ranSiteID=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw&af_click_lookback=30d&utm_content=4&utm_source=RAN&affid=2135&utm_medium=affiliate&channelref=Affiliate&link=4&source=linkshare&publisher=Prodege,%20LLC&AFFID=26429&utm_campaign=Prodege,%20LLC&ranEAID=nDQA3oKZiiQ&deep_link_value=asos%3A%2F%2Fwww.asos.com%2Fus%2Fwomen%2F&clickid=nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgwA&af_reengagement_window=30d&promo=323040&utm_term=10000021&af_inactivity_window=0d&c=Rakuten%20Affiliates

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
r.redirekted.com/	1970-01-21 00:17:54	Name: uuid Value: 7632340360497327104
.redirekted.com/	1970-01-21 09:52:27	Name: _ga Value: GA1.2.913325561.1728987910
.redirekted.com/	1970-01-21 00:17:54	Name: _gid Value: GA1.2.1051446886.1728987910
.redirekted.com/	1970-01-21 00:16:27	Name: _gat Value: 1
.redirekted.com/	1970-01-21 09:52:27	Name: _ga_TG55WX34R2 Value: GS1.2.1728987910.1.1.1728987910.0.0.0
.mypoints.com/	1970-01-21 09:52:27	Name: proson Value: rNfGgGcOQwc
api.mypoints.com/	1970-01-21 00:26:32	Name: AWSALB Value: drhiu/X9YNSo/nykCAcCvwI6YSOEa8LibySM/PQTmxpNayqivOEQW1j3TK2bsfbgI9EcNUJ6iIbnn829Idw8daVmZgdPnxcTHxTTqpgDCWEddJhe4g7VPeHc16cE
api.mypoints.com/	1970-01-21 00:26:32	Name: AWSALBCORS Value: drhiu/X9YNSo/nykCAcCvwI6YSOEa8LibySM/PQTmxpNayqivOEQW1j3TK2bsfbgI9EcNUJ6iIbnn829Idw8daVmZgdPnxcTHxTTqpgDCWEddJhe4g7VPeHc16cE
.mypoints.com/	1970-01-21 09:02:03	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Oct+15+2024+00%3A25%3A11+GMT-1000+(Hawaii-Aleutian+Standard+Time)&version=202404.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=e1559926-9863-4efb-bf31-f80c0bb5f787&interactionCount=1&isAnonUser=1&landingPath=https%3A%2F%2Fwww.mypoints.com%2Fcashback-redirect%3Fmerchant%3D5568%26cmp%3D1200%26cxid%3D5568%26page%3D286%26category%3D0%26aff_sid%3DNs7DQM9gHraEGL1ARAXE2E04GAakKW0uHs7jwF9IFCakKWdZ2A3qlF&groups=C0001%3A1%2CC0003%3A1%2CBG104%3A1%2CC0002%3A1%2CC0004%3A1
go.mypoints.com/	1970-01-21 00:26:32	Name: AWSALB Value: qg2YUCgJQIf70YmoazG6dRIdqPPUYjtdMEKbADX0P/ktE0javlYsC//0rv+Vll/aCjwgiMX7yhN7CDYWYwEscPxXByQ/2UBq/6D2uLlEOOLjO2b+AgTXz5UNZH0E
go.mypoints.com/	1970-01-21 00:26:32	Name: AWSALBCORS Value: qg2YUCgJQIf70YmoazG6dRIdqPPUYjtdMEKbADX0P/ktE0javlYsC//0rv+Vll/aCjwgiMX7yhN7CDYWYwEscPxXByQ/2UBq/6D2uLlEOOLjO2b+AgTXz5UNZH0E
.mypoints.com/	1970-01-21 09:02:03	Name: __urqc Value: b9322e73-1c5c-4fe1-ab52-51396dcd365d
.linksynergy.com/	1970-01-21 09:02:03	Name: lsn_statp Value: WJqFHQ4AAAC*RpWerpozPA%3D%3D
.linksynergy.com/	1970-01-21 09:02:03	Name: rmuid Value: dc1a56f9-a963-471d-ba2f-ff7575792abc
.linksynergy.com/	1970-01-21 09:52:27	Name: lsclick_mid35719 Value: "2024-10-15 10:25:12.326\|nDQA3oKZiiQ-mvU6TEpM6TMPgdNgTHiZgw"

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://click.linksynergy.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mypoints.com
capture.trackjs.com
cdn.cookielaw.org
click.linksynergy.com
d38psrni17bvxu.cloudfront.net
geolocation.onetrust.com
go.mypoints.com
privacyportal.onetrust.com
r.redirekted.com
saks.org
usage.trackjs.com
varun-ysz.com
veles-swg.com
www.asos.com
www.google-analytics.com
www.googletagmanager.com
www.mypoints.com
www.asos.com
104.247.81.74
108.138.64.27
148.113.163.172
15.235.54.6
2600:9000:27c5:3600:1d:4618:5c80:21
2606:4700:4400::6812:2089
2606:4700::6812:562a
2607:f8b0:4004:c09::61
2607:f8b0:4004:c19::71
3.209.119.177
34.196.113.212
35.212.161.71
44.225.19.37
66.165.243.160
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
05c58c759cab8d50d5e7f9d3b2faedcc0dd45fa3fb50899a224363a1dea93605
06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992
2765d553abd332ea5ba607264cc7a53600d32b1c101dd5a4f685d4a49f957e30
482c664e27c4465df4e478b6ce2bef3e54ec6d18f33cce8583a98bb5a37ede29
49acef8d45cf6c828d93919c59baa11043fc9287ca524f28c0e0d74f513e716f
4f99e784c8eff4f2b1ed5ca3094fa2d3eb7938872e16b6c3c229540cb24dfb0c
4ff8df7667f11d05fefad4126411a92e445eb234bf28bdb2fc1dc6b619c8750f
5690dd388e53dbc47b47cfc8d828823c31d2be25e7eda9a7ecf15c7f6d800d43
5842816bfdd3d8a1faa85fbf8b37583ac5583fe5b53eb776042f6a9e0e52f578
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5e4d1d4742f17146394508fde504df5a39dcfd9b62509752fcbd3e7d8b6d7355
61e984c406a7e7805f2b0a2483912d976fa87230d6dc80c3955158373ae4ba2b
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d
7715b01cb95c6bbdb89fb0f3a816673b7328c42b44c3ad8280fe861ec17f65f5
791752843dc9daa1a0c54ff2c870ccd119d3cb30e91d7e25b18ee5c4109cbabb
80095fd663c76a74ce34c75699e26ab3a81a9fff2b06b850a17127528dfe0602
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8597d8112ffa8f07199b715746aebe0bc4180e1c23cf4de02ef8fdc8f57e0bdc
91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f
9c4f067567884f501d8e3e1a145674e29268a1e7afb552a377d72b6a750ae0d4
b8984e1ebc107274cd4fc329ecebb1aba038c4e93a65427827be20dbc10e8888
b9d484770e0d284e19991041fb543f9f62667f1859f4ecb18c91b82ad47864dc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3e76a7f51198c312802ed783e587693dbf8e619e30356189794639602088623
d6589f6bdff85d200fbc5f6e8d6569b65aa0e768981fed5a7451542aad3be5f5
d799520bb541f59e9be26108e5ad2fa6a0861a80f6e82f05659992228a60cd68
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777
e3260db446188242293e04a658411e44c6175108bc5d8b7e7676e8786d4f0501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2307e9535164d80275c95b08afb9591d664a896a45e7245e33f11be45ffb0fc

click.linksynergy.com Open in urlscan Pro 35.212.161.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

40 Requests

83 %HTTPS

36 %IPv6

13 Domains

17 Subdomains

14 IPs

2 Countries

438 kBTransfer

1395 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

click.linksynergy.com Open in urlscan Pro
35.212.161.71 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

83 %
HTTPS

36 %
IPv6

13
Domains

17
Subdomains

14
IPs

2
Countries

438 kB
Transfer

1395 kB
Size

15
Cookies

40 HTTP transactions
0 data transactions