www.buypowercard.com Open in urlscan Pro
198.208.73.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://buypowercard.capitalone.com/
Effective URL:
https://www.buypowercard.com/
Submission: On June 02 via manual (June 2nd 2021, 8:16:57 pm UTC) from US

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 32 domains to perform 65 HTTP transactions. The main IP is 198.208.73.91, located in United States and belongs to GENERAL-MOTORS-CORPORATION, US. The main domain is www.buypowercard.com.
TLS certificate: Issued by DigiCert Baltimore CA-2 G2 on April 17th 2021. Valid for: a year.

This is the only time www.buypowercard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.225.87.59 13.225.87.59	16509 (AMAZON-02) (AMAZON-02)
21	198.208.73.91 198.208.73.91	30383 (GENERAL-M...) (GENERAL-MOTORS-CORPORATION)
1 1	23.37.34.201 23.37.34.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	104.111.230.250 104.111.230.250	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2.18.234.122 2.18.234.122	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	52.19.195.165 52.19.195.165	16509 (AMAZON-02) (AMAZON-02)
1	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.149.93 52.222.149.93	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.228.49.17 54.228.49.17	16509 (AMAZON-02) (AMAZON-02)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	54.171.42.33 54.171.42.33	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.233 185.29.135.233	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1 1	199.127.207.180 199.127.207.180	26120 (RHYTHMONE) (RHYTHMONE)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.215.93.225 3.215.93.225	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.196.50.33 34.196.50.33	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	54.86.40.3 54.86.40.3	14618 (AMAZON-AES) (AMAZON-AES)
65	26

2 13.225.87.59 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-59.fra2.r.cloudfront.net

buypowercard.capitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 198.208.73.91 (United States)

ASN30383 (GENERAL-MOTORS-CORPORATION, US)

www.buypowercard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buypowercard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.34.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-34-201.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.250 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-250.deploy.static.akamaitechnologies.com

sadmin.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.122 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-122.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.19.195.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zn5cfoezj2kv4n9ub-generalmotors.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-93.cdg52.r.cloudfront.net

cdn.decibelinsight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.49.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-49-17.eu-west-1.compute.amazonaws.com

gm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

gmgmcard.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.42.33 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.233 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:ff3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.180 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.93.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-93-225.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.50.33 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-50-33.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.14.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.40.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-40-3.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	buypowercard.com www.buypowercard.com buypowercard.com	560 KB
11	demdex.net dpm.demdex.net gm.demdex.net	16 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
8	googleapis.com ajax.googleapis.com	290 KB
3	doubleclick.net 2 redirects cm.g.doubleclick.net	903 B
3	adobedtm.com assets.adobedtm.com	64 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	469 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	991 B
2	navdmp.com 1 redirects navdmp.com cdn.navdmp.com	363 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	803 B
2	facebook.com www.facebook.com	67 B
2	facebook.net connect.facebook.net	66 KB
2	capitalone.com 1 redirects buypowercard.capitalone.com	1 KB
1	rkdms.com mid.rkdms.com	47 B
1	pubmatic.com image2.pubmatic.com	547 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	ipredictive.com 1 redirects sync.ipredictive.com	432 B
1	postrelease.com jadserve.postrelease.com	428 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com	885 B
1	scanscout.com 1 redirects dt.scanscout.com	692 B
1	twitter.com analytics.twitter.com	581 B
1	mathtag.com 1 redirects sync.mathtag.com	639 B
1	2o7.net gmgmcard.112.2o7.net	484 B
1	decibelinsight.net cdn.decibelinsight.net	475 B
1	qualtrics.com zn5cfoezj2kv4n9ub-generalmotors.siteintercept.qualtrics.com	17 KB
1	brightcove.net players.brightcove.net	249 KB
1	brightcove.com sadmin.brightcove.com	12 KB
1	aspnetcdn.com ajax.aspnetcdn.com	19 KB
1	typography.com 1 redirects cloud.typography.com	419 B
65	32

	Domain	Requested by
20	www.buypowercard.com	www.buypowercard.com ajax.googleapis.com
10	dpm.demdex.net	assets.adobedtm.com
8	sync-tm.everesttech.net	8 redirects
8	ajax.googleapis.com	www.buypowercard.com
3	cm.g.doubleclick.net	2 redirects
3	assets.adobedtm.com	www.buypowercard.com assets.adobedtm.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	idsync.rlcdn.com	2 redirects
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	www.buypowercard.com connect.facebook.net
2	buypowercard.capitalone.com	1 redirects
1	mid.rkdms.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	sync.ipredictive.com	1 redirects
1	jadserve.postrelease.com
1	cms.analytics.yahoo.com	1 redirects
1	dt.scanscout.com	1 redirects
1	analytics.twitter.com
1	cdn.navdmp.com
1	navdmp.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cm.everesttech.net	1 redirects
1	gmgmcard.112.2o7.net	assets.adobedtm.com
1	gm.demdex.net	assets.adobedtm.com
1	cdn.decibelinsight.net	assets.adobedtm.com
1	zn5cfoezj2kv4n9ub-generalmotors.siteintercept.qualtrics.com	www.buypowercard.com
1	players.brightcove.net	www.buypowercard.com
1	sadmin.brightcove.com	www.buypowercard.com
1	ajax.aspnetcdn.com	www.buypowercard.com
1	buypowercard.com	www.buypowercard.com
1	cloud.typography.com	1 redirects
65	36

This site contains no links.

Subject Issuer	Validity	Valid
incubator-cloud.capitalone.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2021-07-25`	a year	crt.sh
card.drmp.gm.com DigiCert Baltimore CA-2 G2	`2021-04-17` - `2022-04-22`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
sadmin.brightcove.com DigiCert SHA2 Secure Server CA	`2021-02-18` - `2022-02-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-10-03`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh
*.decibelinsight.net Amazon	`2021-03-15` - `2022-04-13`	a year	crt.sh
*.112.2o7.net DigiCert TLS RSA SHA256 2020 CA1	`2021-04-14` - `2022-04-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.rkdms.com Entrust Certification Authority - L1K	`2020-10-08` - `2021-10-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.buypowercard.com/
Frame ID: 8B71D68E4F6F14C66FFF7162E3C43D7C
Requests: 46 HTTP requests in this frame

Frame: https://gm.demdex.net/dest5.html?d_nsid=0
Frame ID: AAF9FBAB76EEF1283B27BADF6EA94F34
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://buypowercard.capitalone.com/ HTTP 301
https://buypowercard.capitalone.com/ Page URL
https://www.buypowercard.com/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

65
Requests

100 %
HTTPS

15 %
IPv6

32
Domains

36
Subdomains

26
IPs

6
Countries

1315 kB
Transfer

3895 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://buypowercard.capitalone.com/ HTTP 301
https://buypowercard.capitalone.com/ Page URL
https://www.buypowercard.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://buypowercard.capitalone.com/ HTTP 301
https://buypowercard.capitalone.com/

Request Chain 2

https://cloud.typography.com/650614/754828/css/fonts.css HTTP 302
https://buypowercard.com/fonts/391968/865E0C3C99BCB5601.css

Request Chain 44

https://cm.everesttech.net/cm/dd?d_uuid=84180912660124313823619440103149881885 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YLfnLQAAAE6tugHZ

Request Chain 46

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=84180912660124313823619440103149881885&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d84180912660124313823619440103149881885 HTTP 302
https://dpm.demdex.net/ibs:dpid=269&dpuuid=30e460b7-e72d-4100-9706-106131280bb1&ddsuuid=84180912660124313823619440103149881885

Request Chain 47

https://idsync.rlcdn.com/365868.gif?partner_uid=84180912660124313823619440103149881885 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODQxODA5MTI2NjAxMjQzMTM4MjM2MTk0NDAxMDMxNDk4ODE4ODUQABoNCK7O34UGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=0c5ed1ce6c26238be4c5ccb68586aa2bca3d9058865da07bb2465a88c76edbe9b0da87c991749652

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODQxODA5MTI2NjAxMjQzMTM4MjM2MTk0NDAxMDMxNDk4ODE4ODU= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODQxODA5MTI2NjAxMjQzMTM4MjM2MTk0NDAxMDMxNDk4ODE4ODU=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJpoZEFt5Su0bnwHW7PEyS4&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 49

https://navdmp.com/req?adID=84180912660124313823619440103149881885 HTTP 301
https://cdn.navdmp.com/req?adID=84180912660124313823619440103149881885

Request Chain 51

https://dt.scanscout.com/ssframework/uid?UIAA=84180912660124313823619440103149881885&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-59566ef49487877df5d2536ea898e8d6

Request Chain 52

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=84180912660124313823619440103149881885&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-cR5U2VlE2pHIHacB38YdNXM8esEexzRdvmQ-~A

Request Chain 54

https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID} HTTP 302
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=74d9b52d-c3df-11eb-ae58-577cbc3d6049

Request Chain 55

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=84180912660124313823619440103149881885?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=84180912660124313823619440103149881885?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9a349e023932ac88e5555561213adc9e

Request Chain 56

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUxmbkxRQUFBRTZ0dWdIWg==

Request Chain 57

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YLfnLQAAAE6tugHZ&expires=90

Request Chain 58

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLfnLQAAAE6tugHZ HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLfnLQAAAE6tugHZ&C=1

Request Chain 59

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YLfnLQAAAE6tugHZ HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYLfnLQAAAE6tugHZ

Request Chain 60

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YLfnLQAAAE6tugHZ HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YLfnLQAAAE6tugHZ

Request Chain 61

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLfnLQAAAE6tugHZ

Request Chain 62

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YLfnLQAAAE6tugHZ&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YLfnLQAAAE6tugHZ&img=1&__user_check__=1&sync_id=753bb2bc-c3df-11eb-8273-1e3504c40106

Request Chain 63

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YLfnLQAAAE6tugHZ&t=2592000&o=0

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
buypowercard.capitalone.com/
Redirect Chain

http://buypowercard.capitalone.com/
https://buypowercard.capitalone.com/

487 B
910 B

123ms
46ms

Document
text/html

13.225.87.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buypowercard.capitalone.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 470c420e167ef4f8a11235020c7710739c2881bcd5f717f36115f51b7a6f6f50

Request headers

:method: GET
:authority: buypowercard.capitalone.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
content-length: 487
date: Sun, 30 May 2021 14:10:37 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 29 Jul 2019 02:55:06 GMT
etag: "de449f3e50d358f40c97253314ee0592"
x-amz-server-side-encryption: AES256
x-amz-version-id: Xn4Rk_6FEng9wN2fsVNt7IQ8v24G.ujy
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: hsd-GpVeHFSOeZxe6oQqqPgEN3HtmasZ7RHPnl2uEPSjvdV2T2qwSA==
age: 281166

Redirect headers

Server: CloudFront
Date: Wed, 02 Jun 2021 20:16:41 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://buypowercard.capitalone.com/
X-Cache: Redirect from cloudfront
Via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: 3cuPi0_GfpGDimzZyA6OYHAqHMZBACjCMOgKPcSElaTbCG68DgEvXw==

GET
H/1.1 200
OK Primary Request / Show response
www.buypowercard.com/ 14 KB
5 KB 603ms
122ms Document
text/html 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

87208d0a32bfd8fac94812cd0d2152d690fd4292662caed5ee0ea38926e57d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.buypowercard.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://buypowercard.capitalone.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://buypowercard.capitalone.com/

Response headers

Server: DRMP Web Server
Date: Wed, 02 Jun 2021 20:16:42 GMT
Vary: accept-encoding
Content-encoding: gzip
Content-type: text/html
Last-modified: Wed, 02 Jun 2021 14:33:00 GMT
Content-length: 4486
Etag: "1186-60b7969c"
Accept-ranges: bytes
X-frame-options: SAMEORIGIN
X-xss-protection: 1; mode=block
X-content-type-options: nosniff
Access-control-allow-origin: *
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK main.min.css
www.buypowercard.com/css/ 3 KB
2 KB 125ms
122ms Stylesheet
text/css 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/css/main.min.css?rel=1622644233211

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

8da753f763b18229a6caba550ad42bcf79d732a0fe8f4f176bb137a5e2e218fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:42 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "49c-60469359"
X-frame-options: SAMEORIGIN
Content-type: text/css
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 1180
X-xss-protection: 1; mode=block

GET
H/1.1

200
OK

865E0C3C99BCB5601.css
buypowercard.com/fonts/391968/
Redirect Chain

https://cloud.typography.com/650614/754828/css/fonts.css
https://buypowercard.com/fonts/391968/865E0C3C99BCB5601.css

221 KB
222 KB

548ms
123ms

Stylesheet
text/css

198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://buypowercard.com/fonts/391968/865E0C3C99BCB5601.css

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

c9191695a2dceec09bdb4858f7ecf6026a1919210ba03b2b10e3c698db4ebdf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:44 GMT
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Etag: "375ae-60469359"
X-frame-options: SAMEORIGIN
Content-type: text/css
Access-control-allow-origin: *
Accept-ranges: bytes
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Content-length: 226734
X-xss-protection: 1; mode=block

Redirect headers

Date: Wed, 02 Jun 2021 20:16:44 GMT
Last-Modified: Thu, 19 Nov 2015 03:10:55 GMT
Server: AkamaiNetStorage
ETag: "e9df0280977be008f0d2be8f890b4aad:1589808552"
Content-Type: text/html
Location: https://buypowercard.com/fonts/391968/865E0C3C99BCB5601.css
Cache-Control: must-revalidate, private
Connection: keep-alive
Content-Length: 154
Expires: Wed, 02 June 2021 20:16:43 GMT

GET
H2 200 modernizr-2.8.3.js Show response
ajax.aspnetcdn.com/ajax/modernizr/ 50 KB
19 KB 148ms
35ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/modernizr/modernizr-2.8.3.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lha/8DFC) /

Resource Hash

7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 20:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6232410
x-cache: HIT
content-length: 19592
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Oct 2016 23:43:33 GMT
server: ECAcc (lha/8DFC)
etag: "9b6a4e97d033d21:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK main.min.js Show response
www.buypowercard.com/js/ 4 KB
2 KB 340ms
112ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/main.min.js?rel=1622644233211

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

71363ff01639348bab2f14684d9275aec6a808464dcf031d96d23b2c195e8516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:42 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "5ac-60469359"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 1452
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK font-awesome.min.css
www.buypowercard.com/css/font-awesome-4.3.0/css/ 23 KB
6 KB 251ms
126ms Stylesheet
text/css 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/css/font-awesome-4.3.0/css/font-awesome.min.css

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:42 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "17db-60469359"
X-frame-options: SAMEORIGIN
Content-type: text/css
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 6107
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK style.min.css
www.buypowercard.com/css/ 439 KB
85 KB 339ms
112ms Stylesheet
text/css 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/css/style.min.css?rel=1622644233211

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

a45b413f92cbfe54f891223d0c7220c708b0cfddbd13557efaa74d456626dde3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:42 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Wed, 02 Jun 2021 14:32:59 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "1513a-60b7969b"
X-frame-options: SAMEORIGIN
Content-type: text/css
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 86330
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK BrightcoveExperiences.js Show response
sadmin.brightcove.com/js/ 48 KB
12 KB 145ms
45ms Script
application/x-javascript 104.111.230.250
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sadmin.brightcove.com/js/BrightcoveExperiences.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.230.250 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-230-250.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3156000

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Jun 2018 15:36:45 GMT
Server: AkamaiNetStorage
ETag: "08117b928b93481e76c055da3748401b:1528299406"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: max-age=300
Strict-Transport-Security: max-age=3156000
Accept-Ranges: bytes
Content-Length: 12140

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.9/ 166 KB
166 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee78011a13dcb541325cb0fa85ae774c551aaa10429d714e8bbd766aa06ad3de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:48:23 GMT
x-content-type-options: nosniff
age: 70099
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 169920
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:48:23 GMT

GET
H2 200 angular-route.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.9/ 44 KB
12 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular-route.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f96b61cfdfa821e22fe72d944a9df6e1af4cb721dc2f7142df3a667da1c1dc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 06:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134321
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11815
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 06:58:01 GMT

GET
H/1.1 200
OK angular-ui-router.min.js Show response
www.buypowercard.com/js/vendor/ 33 KB
33 KB 340ms
113ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/vendor/angular-ui-router.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

396c4ad3d6c4a78e47b29a1d8e526bc83a72b61ead1b14b297752af2e8ab1005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:42 GMT
X-content-type-options: nosniff
Last-modified: Wed, 31 Mar 2021 20:53:28 GMT
Server: DRMP Web Server
Etag: "8411-6064e148"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Content-length: 33809
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK angular-socialshare.min.js Show response
www.buypowercard.com/js/vendor/ 8 KB
3 KB 341ms
113ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/vendor/angular-socialshare.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

c6c6fdd06901baa448b61efb5e8d313d2f56a6c3fb844cc8ea64f15cb2fd4a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:42 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "a01-60469359"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 2561
X-xss-protection: 1; mode=block

GET
H2 200 angular-sanitize.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.9/ 6 KB
3 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular-sanitize.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de844f2d9988bae8ae9b0787bc94ae18aae088c7f33518ef74ed20471241233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 23:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162905
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3433
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 May 2022 23:01:37 GMT

GET
H2 200 angular-touch.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.9/ 4 KB
2 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular-touch.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00436fdead9b34ceffe6675ae4fb6b82f95fc1548dffcceaf1e18a571a46a9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 23:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74049
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1871
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 23:42:33 GMT

GET
H2 200 angular-messages.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.9/ 3 KB
2 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular-messages.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bfd58504350d57ac5353a638c11067649c09a7ba554095d3ce0d7ed44d09649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 23:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1467
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 23:44:48 GMT

GET
H2 200 angular-aria.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.9/ 4 KB
2 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular-aria.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

925182a515ab34f58501ad6fa1007540aae918922d57974ee36190f697be8098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 09:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126693
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1477
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 09:05:09 GMT

GET
H2 200 angular-animate.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.9/ 25 KB
9 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular-animate.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47dfa5cdf5b3818ceda6809c6157460abe11235b97f0280689ba1dbff908eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72776
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9302
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 00:03:46 GMT

GET
H/1.1 200
OK angularUtils.js Show response
www.buypowercard.com/js/vendor/angularUtilsPagination/ 36 B
486 B 370ms
122ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/vendor/angularUtilsPagination/angularUtils.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

7557f8c55f22a714dd402d5a5a56d1bfaf13124b026bcd63b133164e489613df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:43 GMT
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Etag: "24-60469359"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Content-length: 36
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK dirPagination.js Show response
www.buypowercard.com/js/vendor/angularUtilsPagination/ 27 KB
28 KB 373ms
124ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/vendor/angularUtilsPagination/dirPagination.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

d6e1997f130e16cc63557d983fdc8898f41ad658e4c4badf486d7e1eddce7913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:43 GMT
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Etag: "6cd8-60469359"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Content-length: 27864
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK ng-flow-standalone.min.js Show response
www.buypowercard.com/js/vendor/flow/ 18 KB
7 KB 450ms
113ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/vendor/flow/ng-flow-standalone.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

135eee0e3ad21f9ed4eb4fca7c2200cffe06b354c9059a5d23b781918ebefed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:43 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "19af-60469359"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 6575
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK exif.js Show response
www.buypowercard.com/js/vendor/exif/ 30 KB
30 KB 452ms
113ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/vendor/exif/exif.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

c1f28f58bbc39a15631e073d4db737591a3d6177cbfc8dce41a715c27eba103d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:43 GMT
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Etag: "7604-60469359"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Content-length: 30212
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK card-config.min.js Show response
www.buypowercard.com/js/ 406 B
772 B 492ms
121ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/card-config.min.js?rel=1622644233211

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

ac434e9f130bb4e6834d9acdd24d818602b9cf03b515108c546f042703d8f59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:43 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "111-60469359"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 273
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK buypowercard.min.js Show response
www.buypowercard.com/js/ 398 KB
87 KB 572ms
121ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/buypowercard.min.js?rel=1622644233211

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

8b2e06455f7fe42b675fd533b104fdb182ec74d3d785041e55565cff7366047d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:43 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Wed, 02 Jun 2021 14:33:00 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "15b7b-60b7969c"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 88955
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK v-accordion.min.js Show response
www.buypowercard.com/js/vendor/ 8 KB
3 KB 592ms
121ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/vendor/v-accordion.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

a12ceaf0a8c568677d4aa232fa202a650a143caf9662a9a4d79e5437a9ef45f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:43 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "a8f-60469359"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 2703
X-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
95 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:12:22 GMT
x-content-type-options: nosniff
age: 79460
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97163
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 22:12:22 GMT

GET
H/1.1 200
OK swiper.min.js Show response
www.buypowercard.com/js/vendor/ 125 KB
40 KB 615ms
123ms Script
application/x-javascript 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/js/vendor/swiper.min.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.buypowercard.com/
Connection: keep-alive
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:43 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "9de3-60469359"
X-frame-options: SAMEORIGIN
Content-type: application/x-javascript
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 40419
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/3113179986001/CUj8fHLso_default/ 2 MB
249 KB 649ms
553ms Script
application/javascript 2.18.234.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/3113179986001/CUj8fHLso_default/index.min.js
Requested by: Host: www.buypowercard.com
URL: https://www.buypowercard.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.234.122 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-122.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 85c56c71615061c136e348e422298a241bde5cdf9a393bae126f8e1b48240907

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: L3AD3YdAgr3HiivpwoMKP.OQvWkjcHHy
Content-Encoding: gzip
ETag: "4a1ddee21699ee2b575535f06872cfb4"
x-amz-request-id: CJ2SJAYBRZD6XQWM
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 253738
x-amz-id-2: uoTTIawAz68FH0Q+poxXx5sx7gLBm8vt3G/PV4ESVYTB3BEp/AvAD/RZWLVsjNEj6j0YMozUrbw=
X-BCOV-Response-Mode: 1
X-Served-By: cache-ams21076-AMS
Last-Modified: Wed, 02 Jun 2021 15:52:40 GMT
Server: AmazonS3
X-Timer: S1622655874.776213,VS0,VE756
Date: Wed, 02 Jun 2021 20:16:43 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=291
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 launch-ENaa95191eb52941cb85f73f67e8a5fc19.min.js Show response
assets.adobedtm.com/ 185 KB
50 KB 58ms
28ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-ENaa95191eb52941cb85f73f67e8a5fc19.min.js
Requested by: Host: www.buypowercard.com
URL: https://www.buypowercard.com/js/main.min.js?rel=1622644233211
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 57e3adbc4db21d919f009cafb43f57a0115f05aab6a173a7fe7253393170e47b

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 20:16:45 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 13:09:11 GMT
server: AkamaiNetStorage
etag: "fdacfdd27d950e02bb76152d9cfecf5c:1622552951.687243"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.buypowercard.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jun 2021 21:16:45 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/js/vendor/angular-socialshare.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d298c3f645b70d9435a8db921704f0d2b79dc12887bc0e1572d60ffd4edeb55a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GBOmnDfGkABOQYcY2tDxqw==
cross-origin-resource-policy: cross-origin
expires: Wed, 02 Jun 2021 20:31:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: qB8LeNi+2vl9PFBQ+bP+9uVr2wDIljkq7zhjVV38I1IFwpZbL4P3h+1wQA+T1XRDxmB9CTQzQsLERrnKXJSsJQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 5b441406e98e2dd81c851d1a8a08f885
date: Wed, 02 Jun 2021 20:16:45 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8ed9433bd0116fb5e991164353f69257"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK popup-template.html Show response
www.buypowercard.com/html/templates/ 813 B
805 B 111ms
111ms XHR
text/html 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/html/templates/popup-template.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

16c1f4a2d4e75f7ee511d90a586cc7894f3de6e643e8402aa0e52454fae3ab5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.buypowercard.com/
Connection: keep-alive
If-Modified-Since: 0
Access-Control-Allow-Headers: *
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://www.buypowercard.com/
If-Modified-Since: 0
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:45 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "141-60469359"
X-frame-options: SAMEORIGIN
Content-type: text/html
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 321
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK content-two-block-full-width.html Show response
www.buypowercard.com/html/templates/ 665 B
781 B 123ms
123ms XHR
text/html 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/html/templates/content-two-block-full-width.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

ddd0dd9dc4bae91bfdc8c8223e42daf0fe454bae52ba41d99b51e530d28774fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.buypowercard.com/
Connection: keep-alive
If-Modified-Since: 0
Access-Control-Allow-Headers: *
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://www.buypowercard.com/
If-Modified-Since: 0
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:45 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "129-60469359"
X-frame-options: SAMEORIGIN
Content-type: text/html
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 297
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK masthead-full-width.html Show response
www.buypowercard.com/html/partials/ 6 KB
2 KB 111ms
110ms XHR
text/html 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/html/partials/masthead-full-width.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

8b0929827f15941161c2e84d00b3fac89a8bf1f07c1a1415d4958beab129b001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.buypowercard.com/
Connection: keep-alive
If-Modified-Since: 0
Access-Control-Allow-Headers: *
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://www.buypowercard.com/
If-Modified-Since: 0
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:45 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Wed, 02 Jun 2021 14:32:59 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "7cb-60b7969b"
X-frame-options: SAMEORIGIN
Content-type: text/html
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 1995
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK meet-the-cards-intro.html Show response
www.buypowercard.com/html/partials/ 301 B
638 B 123ms
123ms XHR
text/html 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/html/partials/meet-the-cards-intro.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

f48d34dae9037f836ec4b92adc43b504e0a13e0f1f49d3f97d690271ce3c02ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.buypowercard.com/
Connection: keep-alive
If-Modified-Since: 0
Access-Control-Allow-Headers: *
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://www.buypowercard.com/
If-Modified-Since: 0
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:45 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Wed, 02 Jun 2021 14:32:59 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "9b-60b7969b"
X-frame-options: SAMEORIGIN
Content-type: text/html
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 155
X-xss-protection: 1; mode=block

GET
H/1.1 200
OK meet-the-cards.html Show response
www.buypowercard.com/html/partials/ 4 KB
2 KB 110ms
110ms XHR
text/html 198.208.73.91
GENERAL-MOTORS-CO...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.buypowercard.com/html/partials/meet-the-cards.html

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

198.208.73.91 , United States, ASN30383 (GENERAL-MOTORS-CORPORATION, US),

Reverse DNS

Software

DRMP Web Server /

Resource Hash

852486636d33d438fa345331bed51dc76e967190142deef804ca0c7e54e3df49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.buypowercard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.buypowercard.com/
Connection: keep-alive
If-Modified-Since: 0
Access-Control-Allow-Headers: *
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Referer: https://www.buypowercard.com/
If-Modified-Since: 0
Access-Control-Allow-Headers: *
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:45 GMT
Content-encoding: gzip
X-content-type-options: nosniff
Last-modified: Mon, 08 Mar 2021 21:12:57 GMT
Server: DRMP Web Server
Access-control-allow-headers: Cache-Control, Origin, X-Requested-With, Content-Type, Accept
Etag: "4e3-60469359"
X-frame-options: SAMEORIGIN
Content-type: text/html
Access-control-allow-origin: *
Accept-ranges: bytes
Vary: accept-encoding
Content-length: 1251
X-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2662168c5c094cd4be9d146d5ac0800786db63df12f6021a0bc3accd719854cb

Request headers

Origin: https://www.buypowercard.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 218 KB
64 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=6092133d6265078c7fddb2354965a7f1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6090069e3a4163f5ffd0d8999ac9216cb165c9adc0b5f8731da1b0d174d2f834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.buypowercard.com
Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VTmHL9Xu+Uaosv/A3tIyFg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65906
x-fb-rlafr: 0
x-fb-debug: wm9lwjnGax6mcwElYjOI7p/2iZYwNqi6SiiK4O1mE3l7sFjlFtpzzItCRMonb3mRt7qMPMBYyUUHWdT1xZBoRQ==
x-fb-content-md5: da95bd6ab3724e5fe035c16d7aa46792
x-frame-options: DENY
date: Wed, 02 Jun 2021 20:16:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "42793b2b47066a6f2b89f2a57f456af1"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 17:37:56 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 153ms
41ms XHR
application/json 52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=757A02BE532B22BA0A490D4C%40AdobeOrg&d_nsid=0&ts=1622665005556

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENaa95191eb52941cb85f73f67e8a5fc19.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5fe0a59318dd438e609d084476434daf6b56817232cd71d971055292c7bcfa0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v008-0e1798325.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: EvYpmIrNQYI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.buypowercard.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1492
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENaa95191eb52941cb85f73f67e8a5fc19.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 20:16:45 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.buypowercard.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 02 Jun 2021 21:16:45 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENaa95191eb52941cb85f73f67e8a5fc19.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 20:16:45 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.buypowercard.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 02 Jun 2021 21:16:45 GMT

GET
H2 200 / Show response
zn5cfoezj2kv4n9ub-generalmotors.siteintercept.qualtrics.com/SIE/ 54 KB
17 KB 114ms
54ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn5cfoezj2kv4n9ub-generalmotors.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5cFoezj2kv4n9uB

Requested by

Host: www.buypowercard.com
URL: https://www.buypowercard.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1e157303fb21d5cff22e9cb074012ab3ea18a421b2b761bcf13603cd5d17fbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 20:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 452556
cf-polished: origSize=56988
edge-control: max-age=604800
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
cf-request-id: 0a6ff822480000049f49004000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"de9c-9j5Rj903aufWOBjFvRZOl6rMpLo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 65935c7d381e049f-CDG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 di.js Show response
cdn.decibelinsight.net/i/12251/66297/ 1 B
475 B 111ms
63ms Script
text/javascript 52.222.149.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.decibelinsight.net/i/12251/66297/di.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENaa95191eb52941cb85f73f67e8a5fc19.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.149.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-149-93.cdg52.r.cloudfront.net

Software

nginx /

Resource Hash

36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 18:54:52 GMT
via: 1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
server: nginx
age: 4913
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=86400
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: CDG52-P1
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
content-length: 1
x-amz-cf-id: vv91uyJ5l8DoqqoSeMxG8nl-eCqcoPO_b7EEKriMiitGW5mAyJBQ0w==

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 40ms
28ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1610663012584661&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.buypowercard.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=6092133d6265078c7fddb2354965a7f1&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: tRaCMatqkEZKLg+3PCse9tghE7h0LNKnkQC5qS240lYM+pSsI77cPuMI/ZwnN49guCvFp63t2Xn3DK+UfsQI8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Jun 2021 20:16:45 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.buypowercard.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
gm.demdex.net/ Frame AAF9 7 KB
3 KB 151ms
38ms Document
text/html 54.228.49.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gm.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENaa95191eb52941cb85f73f67e8a5fc19.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.49.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-49-17.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: gm.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.buypowercard.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=84180912660124313823619440103149881885
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.buypowercard.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 2 Jun 2021 20:16:45 GMT
DCS: dcs-prod-irl1-2-v008-03a66cb5a.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 27 May 2021 13:49:19 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: +Np6jXn5SS4=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
gmgmcard.112.2o7.net/ 42 B
484 B 130ms
38ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gmgmcard.112.2o7.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=757A02BE532B22BA0A490D4C%40AdobeOrg&mid=84018787054597203683634612525718863547&ts=1622665005716

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENaa95191eb52941cb85f73f67e8a5fc19.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

9b8f153f2bf574766acbd4f2ac88d327e593afd5521c1161a3bcf7dd1cc22f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 02 Jun 2021 20:16:45 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-796b78f698-sbdlc
vary: Origin
x-c: main-1475.Ic74f9e.M0-497
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.buypowercard.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 42
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YLfnLQAAAE6tugHZ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=84180912660124313823619440103149881885
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YLfnLQAAAE6tugHZ

42 B
975 B

50ms
49ms

Image
image/gif

52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YLfnLQAAAE6tugHZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v008-06d23c56d.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yVhJVsGVQAw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YLfnLQAAAE6tugHZ
Date: Wed, 02 Jun 2021 20:16:45 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 102ms
60ms XHR
application/json 52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=757A02BE532B22BA0A490D4C%40AdobeOrg&d_nsid=0&d_mid=84018787054597203683634612525718863547&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%01305BF396ADA60E84-60001FA88C127EF5&ts=1622665005848

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENaa95191eb52941cb85f73f67e8a5fc19.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9cd4ea41843dbfd70cf43cd84ee8a838a5a9f5e597917fd324c6ad304d374c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.buypowercard.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v008-0b9308780.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: ZrtO5OMNQA4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.buypowercard.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1492
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=269&dpuuid=30e460b7-e72d-4100-9706-106131280bb1&ddsuuid=84180912660124313823619440103149881885
dpm.demdex.net/ Frame AAF9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=84180912660124313823619440103149881885&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d84180912660124...
https://dpm.demdex.net/ibs:dpid=269&dpuuid=30e460b7-e72d-4100-9706-106131280bb1&ddsuuid=84180912660124313823619440103149881885

42 B
975 B

59ms
58ms

Image
image/gif

52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=269&dpuuid=30e460b7-e72d-4100-9706-106131280bb1&ddsuuid=84180912660124313823619440103149881885

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v008-0e550184e.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MKqCHq/aR4Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Wed, 02 Jun 2021 20:18:54 GMT
Server: MT3 3736 915c305 master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=269&dpuuid=30e460b7-e72d-4100-9706-106131280bb1&ddsuuid=84180912660124313823619440103149881885
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 02 Jun 2021 20:18:53 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=0c5ed1ce6c26238be4c5ccb68586aa2bca3d9058865da07bb2465a88c76edbe9b0da87c991749652
dpm.demdex.net/ Frame AAF9
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=84180912660124313823619440103149881885
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODQxODA5MTI2NjAxMjQzMTM4MjM2MTk0NDAxMDMxNDk4ODE4ODUQABoNCK7O34UGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=0c5ed1ce6c26238be4c5ccb68586aa2bca3d9058865da07bb2465a88c76edbe9b0da87c991749652

42 B
975 B

46ms
46ms

Image
image/gif

52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=0c5ed1ce6c26238be4c5ccb68586aa2bca3d9058865da07bb2465a88c76edbe9b0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v008-06a5ab6df.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QUFhsc7mTwE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 02 Jun 2021 20:16:46 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=0c5ed1ce6c26238be4c5ccb68586aa2bca3d9058865da07bb2465a88c76edbe9b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEJpoZEFt5Su0bnwHW7PEyS4&google_cver=1
dpm.demdex.net/ Frame AAF9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODQxODA5MTI2NjAxMjQzMTM4MjM2MTk0NDAxMDMxNDk4ODE4ODU=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODQxODA5MTI2NjAxMjQzMTM4MjM2MTk0NDAxMDMxNDk4ODE4ODU=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJpoZEFt5Su0bnwHW7PEyS4&google_cver=1?gdpr=0&gdpr_consent=

42 B
975 B

63ms
63ms

Image
image/gif

52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJpoZEFt5Su0bnwHW7PEyS4&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v008-04b8c55a2.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZmKym4p2TJU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 20:16:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJpoZEFt5Su0bnwHW7PEyS4&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

req
cdn.navdmp.com/ Frame AAF9
Redirect Chain

https://navdmp.com/req?adID=84180912660124313823619440103149881885
https://cdn.navdmp.com/req?adID=84180912660124313823619440103149881885

6 B
102 B

149ms
148ms

Image
application/javascript

2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.navdmp.com/req?adID=84180912660124313823619440103149881885
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 20:16:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cf-ray: 65935c81ac60d6d1-FRA
content-length: 6
cf-request-id: 0a6ff825060000d6d1e0976000000001

Redirect headers

date: Wed, 02 Jun 2021 20:16:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
location: https://cdn.navdmp.com/req?adID=84180912660124313823619440103149881885
cf-ray: 65935c80ba52d6d1-FRA
cf-request-id: 0a6ff8247a0000d6d152adb000000001

GET
H2 200 adsct
analytics.twitter.com/i/ Frame AAF9 43 B
581 B 220ms
149ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=84180912660124313823619440103149881885&p_id=38594

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 20:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 02 Jun 2021 20:16:46 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 2f244af2da3b82ca9bda52c79766d5c251f6517e30f71425f3aaabaeee4198eb
x-transaction: feeaf61fa23238e9
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-59566ef49487877df5d2536ea898e8d6
dpm.demdex.net/ Frame AAF9
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=84180912660124313823619440103149881885&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-59566ef49487877df5d2536ea898e8d6

42 B
975 B

71ms
70ms

Image
image/gif

52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-59566ef49487877df5d2536ea898e8d6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v008-07d9c3274.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /UljrFS1TrI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-59566ef49487877df5d2536ea898e8d6
Date: Wed, 02 Jun 2021 20:16:46 GMT
useSecure: true
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame AAF9
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=84180912660124313823619440103149881885&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-cR5U2VlE2pHIHacB38YdNXM8esEexzRdvmQ-~A

42 B
975 B

46ms
45ms

Image
image/gif

52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-cR5U2VlE2pHIHacB38YdNXM8esEexzRdvmQ-~A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v008-015ef1e04.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: n/3tQgOwSxY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 02 Jun 2021 20:16:46 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-cR5U2VlE2pHIHacB38YdNXM8esEexzRdvmQ-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2 200 7
jadserve.postrelease.com/dmp/ Frame AAF9 43 B
428 B 306ms
101ms Image
image/gif 3.215.93.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/dmp/7?vk=84180912660124313823619440103149881885&ntv_r=https://dpm.demdex.net/ibs:dpid=38117&dpuuid=NTV_USER_ID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.93.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-93-225.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 20:16:46 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=2340&dpuuid=74d9b52d-c3df-11eb-ae58-577cbc3d6049
dpm.demdex.net/ Frame AAF9
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://dpm.demdex.net/ibs:dpid=2340&dpuuid=${ADELPHIC_CUID}
https://dpm.demdex.net/ibs:dpid=2340&dpuuid=74d9b52d-c3df-11eb-ae58-577cbc3d6049

42 B
975 B

54ms
54ms

Image
image/gif

52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=2340&dpuuid=74d9b52d-c3df-11eb-ae58-577cbc3d6049

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v008-0d3610a81.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Wjd7dRBXS6k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=2340&dpuuid=74d9b52d-c3df-11eb-ae58-577cbc3d6049
Date: Wed, 02 Jun 2021 20:16:46 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 74d9b52e-c3df-11eb-ae58-577cbc3d6049

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=9a349e023932ac88e5555561213adc9e
dpm.demdex.net/ Frame AAF9
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=84180912660124313823619440103149881885?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=84180912660124313823619440103149881885?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9a349e023932ac88e5555561213adc9e

42 B
975 B

46ms
45ms

Image
image/gif

52.19.195.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9a349e023932ac88e5555561213adc9e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.195.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-195-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v008-0644320d8.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: U8KCHf32TTU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 20:16:46 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=9a349e023932ac88e5555561213adc9e
cache-control: no-cache
x-server: 10.45.18.195
content-length: 0
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame AAF9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUxmbkxRQUFBRTZ0dWdIWg==

170 B
188 B

39ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUxmbkxRQUFBRTZ0dWdIWg==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 20:16:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 20:16:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622665007.959940,VS0,VE0
x-served-by: cache-fra19140-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUxmbkxRQUFBRTZ0dWdIWg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame AAF9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YLfnLQAAAE6tugHZ&expires=90

0
239 B

192ms
52ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YLfnLQAAAE6tugHZ&expires=90
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 20:16:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622665007.994552,VS0,VE0
x-served-by: cache-fra19140-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YLfnLQAAAE6tugHZ&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AAF9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLfnLQAAAE6tugHZ
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLfnLQAAAE6tugHZ&C=1

43 B
1003 B

114ms
114ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLfnLQAAAE6tugHZ&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 20:16:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 02 Jun 2021 20:16:47 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 20:16:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YLfnLQAAAE6tugHZ&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Wed, 02 Jun 2021 20:16:47 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame AAF9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YLfnLQAAAE6tugHZ
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYLfnLQAAAE6tugHZ

43 B
1 KB

30ms
30ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYLfnLQAAAE6tugHZ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 20:16:47 GMT
X-Proxy-Origin: 45.152.181.220; 45.152.181.220; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid: fbd5a04f-d096-4dc9-ab14-07a188bf5dd0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 20:16:47 GMT
X-Proxy-Origin: 45.152.181.220; 45.152.181.220; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid: 12992bb2-2dbd-4665-a4b6-c4be90e7a733
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYLfnLQAAAE6tugHZ
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame AAF9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YLfnLQAAAE6tugHZ
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YLfnLQAAAE6tugHZ

43 B
180 B

27ms
27ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YLfnLQAAAE6tugHZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 20:16:47 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YLfnLQAAAE6tugHZ
date: Wed, 02 Jun 2021 20:16:47 GMT
via: 1.1 google
server: OXGW/16.208.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame AAF9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLfnLQAAAE6tugHZ

1 B
547 B

110ms
34ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLfnLQAAAE6tugHZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 20:16:47 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug004:0:880
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 20:16:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622665007.397990,VS0,VE0
x-served-by: cache-fra19140-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YLfnLQAAAE6tugHZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame AAF9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YLfnLQAAAE6tugHZ&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YLfnLQAAAE6tugHZ&img=1&__user_check__=1&sync_id=753bb2bc-c3df-11eb-8273-1e3504c40106

43 B
548 B

53ms
53ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YLfnLQAAAE6tugHZ&img=1&__user_check__=1&sync_id=753bb2bc-c3df-11eb-8273-1e3504c40106
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 20:16:47 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 41
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 02 Jun 2021 20:16:47 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YLfnLQAAAE6tugHZ&img=1&__user_check__=1&sync_id=753bb2bc-c3df-11eb-8273-1e3504c40106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 56
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

b.php
www.facebook.com/fr/ Frame AAF9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YLfnLQAAAE6tugHZ&t=2592000&o=0

43 B
67 B

30ms
29ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YLfnLQAAAE6tugHZ&t=2592000&o=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 13:16:47 PDT
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Sq3r0DXYDPFFFK8nTGNqGrcHL8nao9fWbCI4JsNs8M2L7JsIwWC9S5RRWTm/8uC6jmpAPpwD9pQ8UC/TK2APsg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Wed, 02 Jun 2021 13:16:47 PDT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 20:16:47 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1622665008.599011,VS0,VE0
x-served-by: cache-fra19140-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YLfnLQAAAE6tugHZ&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 bct
mid.rkdms.com/ Frame AAF9 0
47 B 312ms
101ms Image
text/plain 54.86.40.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=84180912660124313823619440103149881885&_ct=img
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.40.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-40-3.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gm.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 20:16:47 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.buypowercard.com/	1970-01-20 12:15:37	Name: AMCV_757A02BE532B22BA0A490D4C%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18781%7CvVersion%7C5.2.0

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://players.brightcove.net/3113179986001/CUj8fHLso_default/index.min.js(Line 41) Message: Unable to use local storage.
console-api	log	URL: https://players.brightcove.net/3113179986001/CUj8fHLso_default/index.min.js(Line 45) Message: Using player 0
console-api	log	URL: https://www.buypowercard.com/js/buypowercard.min.js?rel=1622644233211(Line 8) Message: devtrack-6.6.1-94
console-api	log	URL: https://www.buypowercard.com/js/buypowercard.min.js?rel=1622644233211(Line 10) Message: $rootScope.marketingChannelCode: null
console-api	log	URL: https://www.buypowercard.com/js/buypowercard.min.js?rel=1622644233211(Line 10) Message: $rootScope.external_id: null
console-api	log	URL: https://www.buypowercard.com/js/buypowercard.min.js?rel=1622644233211(Line 10) Message: $rootScope.media_id: null
console-api	error	URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js(Line 124) Message: TypeError: Cannot read property 'clear' of null
console-api	log	URL: https://www.buypowercard.com/js/buypowercard.min.js?rel=1622644233211(Line 11) Message: $rootScope.URLCard:
console-api	log	URL: https://www.buypowercard.com/js/buypowercard.min.js?rel=1622644233211(Line 11) Message: $rootScope.cardType: common
console-api	log	URL: https://www.buypowercard.com/js/buypowercard.min.js?rel=1622644233211(Line 11) Message: $state: index

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
analytics.twitter.com
assets.adobedtm.com
buypowercard.capitalone.com
buypowercard.com
cdn.decibelinsight.net
cdn.navdmp.com
cloud.typography.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
dpm.demdex.net
dsum-sec.casalemedia.com
dt.scanscout.com
gm.demdex.net
gmgmcard.112.2o7.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
jadserve.postrelease.com
mid.rkdms.com
navdmp.com
pixel.rubiconproject.com
players.brightcove.net
sadmin.brightcove.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
us-u.openx.net
www.buypowercard.com
www.facebook.com
zn5cfoezj2kv4n9ub-generalmotors.siteintercept.qualtrics.com
104.111.230.250
104.17.209.240
104.244.42.3
13.225.87.59
13.36.218.177
142.250.185.226
151.101.14.49
152.199.19.160
185.29.135.233
185.33.220.240
185.64.190.80
185.94.180.126
198.208.73.91
199.127.207.180
2.18.234.122
2.18.234.21
212.82.100.182
23.37.34.201
2606:4700::6810:ff3
2a00:1450:4001:809::200a
2a02:26f0:6c00:299::1e80
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.215.93.225
34.196.50.33
34.98.64.218
35.244.174.68
52.19.195.165
52.222.149.93
54.171.173.220
54.171.42.33
54.228.49.17
54.86.40.3
69.173.144.138
00436fdead9b34ceffe6675ae4fb6b82f95fc1548dffcceaf1e18a571a46a9ed
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
135eee0e3ad21f9ed4eb4fca7c2200cffe06b354c9059a5d23b781918ebefed5
16c1f4a2d4e75f7ee511d90a586cc7894f3de6e643e8402aa0e52454fae3ab5e
1e157303fb21d5cff22e9cb074012ab3ea18a421b2b761bcf13603cd5d17fbd3
2662168c5c094cd4be9d146d5ac0800786db63df12f6021a0bc3accd719854cb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
396c4ad3d6c4a78e47b29a1d8e526bc83a72b61ead1b14b297752af2e8ab1005
470c420e167ef4f8a11235020c7710739c2881bcd5f717f36115f51b7a6f6f50
47dfa5cdf5b3818ceda6809c6157460abe11235b97f0280689ba1dbff908eb10
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bfd58504350d57ac5353a638c11067649c09a7ba554095d3ce0d7ed44d09649
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57e3adbc4db21d919f009cafb43f57a0115f05aab6a173a7fe7253393170e47b
5de844f2d9988bae8ae9b0787bc94ae18aae088c7f33518ef74ed20471241233
5fe0a59318dd438e609d084476434daf6b56817232cd71d971055292c7bcfa0e
6090069e3a4163f5ffd0d8999ac9216cb165c9adc0b5f8731da1b0d174d2f834
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
71363ff01639348bab2f14684d9275aec6a808464dcf031d96d23b2c195e8516
7557f8c55f22a714dd402d5a5a56d1bfaf13124b026bcd63b133164e489613df
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f
852486636d33d438fa345331bed51dc76e967190142deef804ca0c7e54e3df49
85c56c71615061c136e348e422298a241bde5cdf9a393bae126f8e1b48240907
87208d0a32bfd8fac94812cd0d2152d690fd4292662caed5ee0ea38926e57d4f
8b0929827f15941161c2e84d00b3fac89a8bf1f07c1a1415d4958beab129b001
8b2e06455f7fe42b675fd533b104fdb182ec74d3d785041e55565cff7366047d
8da753f763b18229a6caba550ad42bcf79d732a0fe8f4f176bb137a5e2e218fe
925182a515ab34f58501ad6fa1007540aae918922d57974ee36190f697be8098
9b8f153f2bf574766acbd4f2ac88d327e593afd5521c1161a3bcf7dd1cc22f6d
9cd4ea41843dbfd70cf43cd84ee8a838a5a9f5e597917fd324c6ad304d374c9c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12ceaf0a8c568677d4aa232fa202a650a143caf9662a9a4d79e5437a9ef45f0
a45b413f92cbfe54f891223d0c7220c708b0cfddbd13557efaa74d456626dde3
ac434e9f130bb4e6834d9acdd24d818602b9cf03b515108c546f042703d8f59e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
c1f28f58bbc39a15631e073d4db737591a3d6177cbfc8dce41a715c27eba103d
c6c6fdd06901baa448b61efb5e8d313d2f56a6c3fb844cc8ea64f15cb2fd4a52
c9191695a2dceec09bdb4858f7ecf6026a1919210ba03b2b10e3c698db4ebdf9
c9408cf5d8e0d12fb2b1d5ad6b4489be392384a4687962a0fc2a2877a57775c8
d298c3f645b70d9435a8db921704f0d2b79dc12887bc0e1572d60ffd4edeb55a
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d6e1997f130e16cc63557d983fdc8898f41ad658e4c4badf486d7e1eddce7913
ddd0dd9dc4bae91bfdc8c8223e42daf0fe454bae52ba41d99b51e530d28774fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee78011a13dcb541325cb0fa85ae774c551aaa10429d714e8bbd766aa06ad3de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48d34dae9037f836ec4b92adc43b504e0a13e0f1f49d3f97d690271ce3c02ec
f96b61cfdfa821e22fe72d944a9df6e1af4cb721dc2f7142df3a667da1c1dc52

www.buypowercard.com Open in urlscan Pro 198.208.73.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

15 %IPv6

32 Domains

36 Subdomains

26 IPs

6 Countries

1315 kBTransfer

3895 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.buypowercard.com Open in urlscan Pro
198.208.73.91 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

15 %
IPv6

32
Domains

36
Subdomains

26
IPs

6
Countries

1315 kB
Transfer

3895 kB
Size

1
Cookies

65 HTTP transactions
1 data transactions