www.mrrebates.com Open in urlscan Pro
64.106.178.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.travis.com/
Effective URL:
https://www.mrrebates.com/Default.asp
Submission: On June 29 via api (June 29th 2023, 5:22:04 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 57 HTTP transactions. The main IP is 64.106.178.205, located in United States and belongs to DATAPIPE, US. The main domain is www.mrrebates.com. The Cisco Umbrella rank of the primary domain is 627396.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 27th 2022. Valid for: a year.

This is the only time www.mrrebates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	69.163.153.22 69.163.153.22	26347 (DREAMHOST-AS) (DREAMHOST-AS)
3 22	64.106.178.205 64.106.178.205	14492 (DATAPIPE) (DATAPIPE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
10	52.216.42.112 52.216.42.112	16509 (AMAZON-02) (AMAZON-02)
19	54.231.130.176 54.231.130.176	16509 (AMAZON-02) (AMAZON-02)
1	185.14.184.154 185.14.184.154	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
57	8

1 69.163.153.22 (Brea, United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-igloo.chehalem.dreamhost.com

www.travis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 64.106.178.205 (United States) 3 redirects

ASN14492 (DATAPIPE, US)

www.mrrebates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.216.42.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 54.231.130.176 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.14.184.154 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

eu.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	amazonaws.com s3.amazonaws.com s3.us-east-1.amazonaws.com — Cisco Umbrella Rank: 3841	289 KB
22	mrrebates.com 3 redirects www.mrrebates.com — Cisco Umbrella Rank: 627396	221 KB
3	gstatic.com fonts.gstatic.com	68 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 ajax.googleapis.com — Cisco Umbrella Rank: 433	35 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 483	17 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	337 B
1	cookie-script.com eu.cookie-script.com — Cisco Umbrella Rank: 132677	4 KB
1	travis.com 1 redirects www.travis.com	347 B
57	8

	Domain	Requested by
22	www.mrrebates.com	3 redirects www.mrrebates.com
19	s3.us-east-1.amazonaws.com	www.mrrebates.com
10	s3.amazonaws.com	www.mrrebates.com
3	fonts.gstatic.com	fonts.googleapis.com
2	ssl.google-analytics.com	1 redirects www.mrrebates.com
2	fonts.googleapis.com	www.mrrebates.com
1	stats.g.doubleclick.net	www.mrrebates.com
1	eu.cookie-script.com	www.mrrebates.com
1	ajax.googleapis.com	www.mrrebates.com
1	www.travis.com	1 redirects
57	10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.twitter.com
cookie-script.com

Subject Issuer	Validity	Valid
mrrebates.com Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-20`	8 months	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-18` - `2023-09-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.mrrebates.com/Default.asp
Frame ID: 343D5F268B52787CB14E25B112086E56
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mr. Rebates - Cash Back Shopping at 3000+ Stores

Page URL History Show full URLs

http://www.travis.com/ HTTP 302
http://www.mrrebates.com/?refid=444459 HTTP 302
https://www.mrrebates.com/Default.asp?refid=444459 HTTP 301
http://www.mrrebates.com/ HTTP 302
https://www.mrrebates.com/Default.asp Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css
<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

98 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

633 kB
Transfer

1125 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/mrrebates
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/MrRebates
Title: Twitter

Search URL Search Domain Scan URL

URL: https://cookie-script.com/
Title: Free cookie consent by cookie-script.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.travis.com/ HTTP 302
http://www.mrrebates.com/?refid=444459 HTTP 302
https://www.mrrebates.com/Default.asp?refid=444459 HTTP 301
http://www.mrrebates.com/ HTTP 302
https://www.mrrebates.com/Default.asp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=100811737&utmhn=www.mrrebates.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mr.%20Rebates%20-%20Cash%20Back%20Shopping%20at%203000%2B%20Stores&utmhid=453566735&utmr=-&utmp=%2FDefault.asp&utmht=1688059319667&utmac=UA-2785414-1&utmcc=__utma%3D144528489.1483854935.1688059320.1688059320.1688059320.1%3B%2B__utmz%3D144528489.1688059320.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1904774267&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=1483854935.1688059320&jid=1904774267&_v=5.7.2&z=100811737

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request Default.asp Show response
www.mrrebates.com/
Redirect Chain

http://www.travis.com/
http://www.mrrebates.com/?refid=444459
https://www.mrrebates.com/Default.asp?refid=444459
http://www.mrrebates.com/
https://www.mrrebates.com/Default.asp

31 KB
8 KB

154ms
154ms

Document
text/html

64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

a97020e744b3abe78c638380f97ce82d2d6c724327d92d60386a56a9d76c9826

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 7500
Content-Type: text/html
Date: Thu, 29 Jun 2023 17:21:57 GMT
Server: Microsoft-IIS/7.0
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Content-Length: 158
Content-Type: text/html
Date: Thu, 29 Jun 2023 17:21:57 GMT
Location: https://www.mrrebates.com/Default.asp
Server: Microsoft-IIS/7.0
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET

GET
H/1.1 200
OK autocomplete.css
www.mrrebates.com/css/ 2 KB
857 B 116ms
115ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/autocomplete.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

98a16b79e62868fd5ae283dc4ce077f2fb3fc35b6caa2a435883e362523fd801

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:29 GMT
Server: Microsoft-IIS/7.0
ETag: "80b2c4daa44d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 536

GET
H/1.1 200
OK foundation.css
www.mrrebates.com/css/ 78 KB
14 KB 229ms
113ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/foundation.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

1aa643e95e2150e824974ed0487bb7d32c5abf21af357adf49df624bd2ea17c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:38 GMT
Server: Microsoft-IIS/7.0
ETag: "0fd2113aa44d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 13904

GET
H/1.1 200
OK foundation-icons.css
www.mrrebates.com/css/ 20 KB
4 KB 430ms
213ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/foundation-icons.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

4268828e332479438339207e75862c8ff4b195dab0aa5eb90ee5d10cec4057c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:04:59 GMT
Server: Microsoft-IIS/7.0
ETag: "80fe3fba944d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3641

GET
H/1.1 200
OK app_04_02_23.css
www.mrrebates.com/css/ 30 KB
5 KB 434ms
215ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/app_04_02_23.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

09fc5372a0dcaa9d0d62457c4f725e2a820d89a0aae0e6d7ed8d3e28ee86098a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Apr 2023 03:50:31 GMT
Server: Microsoft-IIS/7.0
ETag: "801daf6fdf65d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4807

GET
H/1.1 200
OK motion-ui.css
www.mrrebates.com/css/ 19 KB
2 KB 340ms
112ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/motion-ui.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

55ee2b8a2268cbf035a6ccd868a38730d8d87ceddb9a4795f9a0ac760a4c5d90

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Oct 2017 05:05:26 GMT
Server: Microsoft-IIS/7.0
ETag: "0effabaa44d31:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1581

GET
H/1.1 200
OK balloon.css
www.mrrebates.com/css/ 8 KB
1 KB 345ms
115ms Stylesheet
text/css 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/balloon.css

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

9e60f0e36d8fb6146350b4af56f87057389ee4bf90ae2cf38072dbc950c7711e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Nov 2019 19:59:31 GMT
Server: Microsoft-IIS/7.0
ETag: "8053cbd9caa3d51:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1140

GET
H2 200 css
fonts.googleapis.com/ 8 KB
904 B 92ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8387be45312794b59f9248e0431a2005972ef84b520fd41a892146b267314a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 17:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 17:21:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 17:21:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
922 B 91ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Baloo+Paaji

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a146af07daafb63859b01378d9924e59b95f73d6d1cb4e503b9f9d37ca56be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Jun 2023 17:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 17:21:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Jun 2023 17:21:58 GMT

GET
H/1.1 200
OK common_functions.js Show response
www.mrrebates.com/includes/ 3 KB
1 KB 344ms
113ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/includes/common_functions.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

610be2b45df873dcbbcfcf877bcb9600c960592772a30bce00489a4af46170a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 30 Oct 2018 20:08:29 GMT
Server: Microsoft-IIS/7.0
ETag: "eed23a538c70d41:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 984

GET
H/1.1 200
OK MrRebates_SmBlackGrn3.gif
s3.amazonaws.com/mr.basics/ 7 KB
7 KB 346ms
122ms Image
image/gif 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/MrRebates_SmBlackGrn3.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f7908da05a461f55cdf943e69bacc4fb8c21e112354b432905ea961cfd0cc971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:59 GMT
Last-Modified: Mon, 11 Nov 2019 21:06:10 GMT
Server: AmazonS3
x-amz-request-id: C8TYKQ4WN1J40N86
ETag: "e091e923ef5c74f624b04d58add00ec2"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 6772
x-amz-id-2: cgkBHh6/GfpZ6yV0ha+4e5IqTkjQpu642McEGeE0/pYMGRnHJnZjHibXImQdNBkUidP9EY6DP3E=
x-amz-meta-s3b-last-modified: 20161101T032100Z

GET
H/1.1 200
OK walmart_120_60.png
s3.amazonaws.com/mr.logos.2/ 4 KB
4 KB 354ms
130ms Image
image/png 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/walmart_120_60.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:59 GMT
Last-Modified: Mon, 01 Feb 2021 05:50:33 GMT
Server: AmazonS3
x-amz-request-id: C8TRD48K0Y6J9CR4
ETag: "bc2a78fb6eb378037206d501d7f82048"
x-amz-meta-sha256: 0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3921
x-amz-id-2: 5Jj7Z6ukh622zl5vNsuX4Azsj2kWIap7G2reIaFZKIRNyET8OBSlW0Mgtbv13WqhYIaC2CxL7FU=
x-amz-meta-s3b-last-modified: 20210201T055027Z

GET
H/1.1 200
OK macys_120_60.png
s3.amazonaws.com/mr.logos.2/ 3 KB
3 KB 343ms
119ms Image
image/png 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/macys_120_60.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 70eaa33ccc8b976b4aa55605241d65f033f86b5b2aea28d35c91a4d4e800de6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:59 GMT
Last-Modified: Mon, 02 Dec 2019 01:36:39 GMT
Server: AmazonS3
x-amz-request-id: C8TGHPH1R2Z2HQZM
ETag: "ac947845bd19df687f4a3a22272cbb37"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2932
x-amz-id-2: gJuv+T8vQ8abvmXc2uDEvs6mwoz2nIyN9C9/KZd2VRJbagOeXXvxo5JYILGjvkf3TZlZbLh4jHM=
x-amz-meta-s3b-last-modified: 20191202T013542Z

GET
H/1.1 200
OK ebay.gif
s3.amazonaws.com/mr.logos.2/ 5 KB
5 KB 347ms
122ms Image
image/gif 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/ebay.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 49cc34435a855f5a5705f60c96f04147c6458eb69c461d9d06a9ead7f90ff3b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:59 GMT
Last-Modified: Mon, 07 Oct 2019 23:32:56 GMT
Server: AmazonS3
x-amz-request-id: C8TPJ7QYZHBRPXZM
ETag: "9b744c7988833ef3f9a1f06d391402f1"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 5165
x-amz-id-2: xM/dGAa4/w5YyYHj+knrtwvGEUtEDPlG7Ao0aMvGHU0PA0DviU94/x/H7T2SbPp60soR3PzW/hI=
x-amz-meta-s3b-last-modified: 20161031T161200Z

GET
H/1.1 200
OK beauty-week-2022-650.png
s3.amazonaws.com/mr.weekly.promos/2022/beauty/ 33 KB
33 KB 349ms
125ms Image
image/png 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.weekly.promos/2022/beauty/beauty-week-2022-650.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: afb53066676a49ba42207bf3620b7fd7677fcb3906479c7fec57f5a8587c47d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:59 GMT
Last-Modified: Mon, 27 Jun 2022 02:55:41 GMT
Server: AmazonS3
x-amz-request-id: C8TGHN3KSC6D1KM2
ETag: "5716ff614f639764df9ce4c7387ba4b5"
x-amz-meta-sha256: afb53066676a49ba42207bf3620b7fd7677fcb3906479c7fec57f5a8587c47d8
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 33449
x-amz-id-2: VawEDBDq4975fUQXfBXmSha3BfEFsuW4Ba/CWhH14ogFk5TZrkTQdrys61ehz0rs45N5DrKEnHI=
x-amz-meta-s3b-last-modified: 20220624T105823Z

GET
H/1.1 200
OK beauty-week-2022-352.png
s3.amazonaws.com/mr.weekly.promos/2022/beauty/ 24 KB
24 KB 344ms
120ms Image
image/png 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.weekly.promos/2022/beauty/beauty-week-2022-352.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 57bfb13daa0b483812188d78e1b17cf9e0f5b2d2660d767ad22c8d6020b7f8c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:59 GMT
Last-Modified: Mon, 27 Jun 2022 02:55:41 GMT
Server: AmazonS3
x-amz-request-id: C8TGX5R9FD6NVPQG
ETag: "61a13ee31beaf30474aa893e9fb425af"
x-amz-meta-sha256: 57bfb13daa0b483812188d78e1b17cf9e0f5b2d2660d767ad22c8d6020b7f8c3
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 24554
x-amz-id-2: v9pq7rQoVXlkKKg3pzbiouX2rpi6zyCZP8xpte4BWk9UrrXLzzC6yBA3hf/5VCLUBFDaFx7yf6k=
x-amz-meta-s3b-last-modified: 20220624T105823Z

GET
H/1.1 200
OK beauty-week-2022-310.png
s3.amazonaws.com/mr.weekly.promos/2022/beauty/ 23 KB
24 KB 122ms
121ms Image
image/png 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.weekly.promos/2022/beauty/beauty-week-2022-310.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 482eeb17ad17b7616da9fe06e78c4e378ffc827cf87d2a4e460f7c325a12b278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Mon, 27 Jun 2022 02:55:40 GMT
Server: AmazonS3
x-amz-request-id: N36DYVD28X4YYFXB
ETag: "9333135ebfd39a3ff08db4a10bf4dedf"
x-amz-meta-sha256: 482eeb17ad17b7616da9fe06e78c4e378ffc827cf87d2a4e460f7c325a12b278
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23796
x-amz-id-2: MvEm93I7l3tY7Bz00as9OVkJR05rnt344/+TpwRgTUrP08TmDfpvYkinVCJAk2CBfR7+6c2cWXs=
x-amz-meta-s3b-last-modified: 20220624T105823Z

GET
H/1.1 200
OK qvc_06292023.jpg
s3.us-east-1.amazonaws.com/mr.hero/ 83 KB
84 KB 361ms
131ms Image
image/jpeg 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.hero/qvc_06292023.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 881ce9ba2a798aabcffd22efa78276ccbea9cc0652529e0a21b4403bf8159a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:59 GMT
Last-Modified: Thu, 22 Jun 2023 20:38:31 GMT
Server: AmazonS3
x-amz-request-id: C8TMVSX073YF26TY
ETag: "1bbb3218aba5dbf07d0df8973b2a94b5"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 881ce9ba2a798aabcffd22efa78276ccbea9cc0652529e0a21b4403bf8159a2a
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 85178
x-amz-id-2: nE4WfZZf6fxk0VT++WILCIomjDjXnG7VMMBznHR9sgtVbMkd2dDpDxjMAxny5HMgHU41M+Vt0cc=
x-amz-meta-s3b-last-modified: 20230622T201900Z

GET
H/1.1 200
OK skin_store_120x60.jpg
s3.amazonaws.com/mr.logos.2/ 4 KB
5 KB 118ms
118ms Image
image/jpeg 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/skin_store_120x60.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 25148c18c1a2a320a236a1d783b29201cbd4bb9bfdf4431473cfd9ca82045899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Thu, 05 Nov 2020 21:14:44 GMT
Server: AmazonS3
x-amz-request-id: N36EVQ61KSYQVGER
ETag: "85f3de12a1fd364366364db388bf5c1f"
x-amz-meta-sha256: 25148c18c1a2a320a236a1d783b29201cbd4bb9bfdf4431473cfd9ca82045899
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4483
x-amz-id-2: RIU/eaE2ElsjlpaptGQBwtMi6TR5F/u73aF7Rg+y9M4zgV5Hgnuxm5HNUmBqlG/A5D/SJPctZXY=
x-amz-meta-s3b-last-modified: 20201105T211200Z

GET
H/1.1 200
OK murad_120x60.png
s3.amazonaws.com/mr.logos.2/ 1 KB
2 KB 118ms
118ms Image
image/png 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.logos.2/murad_120x60.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 99b11effe2c620fb6e4fad00074beacf0b81463979eabb8c6929ab2e916d94d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Thu, 02 Jul 2020 21:25:58 GMT
Server: AmazonS3
x-amz-request-id: N36EXWWQFFDX1KH6
ETag: "c0af088f953cc96aec902ce26e5056cf"
x-amz-meta-sha256: 99b11effe2c620fb6e4fad00074beacf0b81463979eabb8c6929ab2e916d94d4
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1348
x-amz-id-2: nbmQQKpQt5sDx48rNEzI4xRFz17GH7/Pe928DMsV0Sb/mnfXhZ10d9JSAq0xb4ptoxmdifLUcek=
x-amz-meta-s3b-last-modified: 20200702T212400Z

GET
H/1.1 200
OK the_north_face_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 4 KB
4 KB 352ms
123ms Image
image/jpeg 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/the_north_face_logo.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8e1c36871d227fc4adb87d3ab37f141349a0479765646719e0d875ccb195aeb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:59 GMT
Last-Modified: Tue, 08 Oct 2019 20:21:01 GMT
Server: AmazonS3
x-amz-request-id: C8TXDQ69YBEGJCQX
ETag: "c1372e17fbd16ec010d86700391aacd0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4142
x-amz-id-2: t6actBGoRNwjrratxu64u5Nqfvnq4YozM/JFesxoDEa1F+UCk5dOlXVxbJehBe5rgLO+qOQbbF0=
x-amz-meta-s3b-last-modified: 20190621T223200Z

GET
H/1.1 200
OK under_armour_logo_2017.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 3 KB
3 KB 334ms
124ms Image
image/jpeg 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/under_armour_logo_2017.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bc9e8ad84b1ccdbf268a2a51c7b348e70f541be98a06d30decf66681fd81edb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Tue, 08 Oct 2019 20:21:04 GMT
Server: AmazonS3
x-amz-request-id: N36FY89HH3M0ACCH
ETag: "283240792483e63177ee56a04da271c8"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3063
x-amz-id-2: fFdPPCRksAieyCqoUpD7UdYGewaspLshsykbYnsU2chicGEBo8S1VbhvPVwk15uILQ3wXXo9Ry8=
x-amz-meta-s3b-last-modified: 20181127T202800Z

GET
H/1.1 200
OK bloomingdales_logo.gif
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 2 KB
3 KB 339ms
127ms Image
image/gif 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/bloomingdales_logo.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 94659a108f2d170dabfd1c524d56bbfa6d7a74323141943f6e8a27d43df332fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Tue, 08 Oct 2019 20:20:17 GMT
Server: AmazonS3
x-amz-request-id: N36B5Y8YQQJSWD4Y
ETag: "4641efcc1b09083370d372f0c250f984"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 2256
x-amz-id-2: ysHjwu6Rz1cVkDTgvvhndU4oYVMiGwNNfOU3on5Qdu72SVGaiAYwLLM6nZBk7bVtwhRERQgGF6w=
x-amz-meta-s3b-last-modified: 20190405T224500Z

GET
H/1.1 200
OK home_depot_06222023.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 6 KB
7 KB 119ms
118ms Image
image/jpeg 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/home_depot_06222023.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ca21700a81e0eb29f37ae719b2a43188592d3dcca9338e82a5b13689a4e6c991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Wed, 14 Jun 2023 16:23:29 GMT
Server: AmazonS3
x-amz-request-id: N360Q5B7S2WVBVAF
ETag: "732d25456f96c37ae0bb675ee88cf444"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: ca21700a81e0eb29f37ae719b2a43188592d3dcca9338e82a5b13689a4e6c991
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6448
x-amz-id-2: xk7Vi/DTcKySZW6Bs4IUUtI1SgVYXm8AkzoN13+Gz/RB+v/dRr1Lk4iM8JIxJj47Y7UcBDfszZM=
x-amz-meta-s3b-last-modified: 20230614T162245Z

GET
H/1.1 200
OK belk_logo_2019.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 2 KB
3 KB 134ms
134ms Image
image/png 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/belk_logo_2019.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4baa39b03dad19b6f05a9cb939794cd191cf2462b19a287a7b91c70628cf1e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Fri, 22 Nov 2019 22:50:27 GMT
Server: AmazonS3
x-amz-request-id: N36E2BCVG77BCFS5
ETag: "04c72d7d5d4c124b31de96ae9dcf6386"
x-amz-meta-sha256: 4baa39b03dad19b6f05a9cb939794cd191cf2462b19a287a7b91c70628cf1e3c
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2184
x-amz-id-2: MLT8eVemHi2NNJMt4jKjm1JmEV/s9cFr4xJ1/cFiOV4UMTzwFSn1g95BE7I5F5PlQ1ArptFzALE=
x-amz-meta-s3b-last-modified: 20191122T224800Z

GET
H/1.1 200
OK macys_logo_2019.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 10 KB
10 KB 118ms
117ms Image
image/png 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/macys_logo_2019.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 539f7785660d9419ffc3a0956eebc8eae001b4658896736a84d61030844db2fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Tue, 08 Oct 2019 20:20:43 GMT
Server: AmazonS3
x-amz-request-id: N3639MBX1XG7PQG3
ETag: "310004b54a80026b3c4193853628be3a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 9954
x-amz-id-2: gaiTLNi1/MFQArI8RZI9gNmCBR5dTqlMA/dg9v9JLgpJjiRCJ4fCO16O2gJbyOHRRZoVf6p6BFs=
x-amz-meta-s3b-last-modified: 20190829T193100Z

GET
H/1.1 200
OK vitamin_world_logo_2023.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 3 KB
3 KB 193ms
118ms Image
image/jpeg 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/vitamin_world_logo_2023.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f9b501f500d4eff727517ac4e624e31b6e6f9c1b22ab2ce26e35b306da35c84b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Fri, 23 Jun 2023 20:10:36 GMT
Server: AmazonS3
x-amz-request-id: N36C2JK9K6VAXBAR
ETag: "4331c0db5717ed2663a8b03e08849987"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: f9b501f500d4eff727517ac4e624e31b6e6f9c1b22ab2ce26e35b306da35c84b
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2864
x-amz-id-2: kxs7pPsNeMUt4s+9IjsLUDyf31mMYgdzE0Q8S84FpLKgicBIfrGYorBEcbEzxcsShm26Vp43h34=
x-amz-meta-s3b-last-modified: 20230623T201014Z

GET
H/1.1 200
OK perricone_logo.gif
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 3 KB
3 KB 206ms
119ms Image
image/gif 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/perricone_logo.gif
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3dae6fd96e8294a33a28a8cff86a88bb2dbed58507413f34f2a6c201aa7864d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Wed, 06 Nov 2019 20:42:47 GMT
Server: AmazonS3
x-amz-request-id: N36D8DN8KVMQ0XKN
ETag: "135b9afa93ecc58a4bdabf8a918a2f98"
x-amz-meta-sha256: 3dae6fd96e8294a33a28a8cff86a88bb2dbed58507413f34f2a6c201aa7864d8
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 2836
x-amz-id-2: 9Imcs37JW0URYo+8wdc/hVtI7F09VVGJ2Njdoq0obSzxGMCizbt/K9jkvtB/lhE2zCYiDmJNC4s=
x-amz-meta-s3b-last-modified: 20170120T202800Z

GET
H/1.1 200
OK ihg_logo_2021.png
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 3 KB
4 KB 166ms
121ms Image
image/png 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/ihg_logo_2021.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Fri, 30 Apr 2021 19:24:47 GMT
Server: AmazonS3
x-amz-request-id: N368SRT9AQPW77PE
ETag: "d16595a6fb197d881aacffded688e43f"
x-amz-meta-sha256: ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3336
x-amz-id-2: KAVyPQ8Ht1mYsZn90H47A2ai7ZrNbpzLuQKsmYQfrJXHBot1vVAuctk+41yRVVndFeU3aC3/k4o=
x-amz-meta-s3b-last-modified: 20210430T192439Z

GET
H/1.1 200
OK space_nk_logo.png
s3.us-east-1.amazonaws.com/mr.newsletter/ 6 KB
7 KB 164ms
115ms Image
image/png 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.newsletter/space_nk_logo.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 603a60e3f4ff3bbb95297d0d73c5fb9da134b68284331a2e4cd51138e4eb123c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Mon, 08 May 2023 16:34:28 GMT
Server: AmazonS3
x-amz-request-id: N36A5R8TTTCE6PGH
ETag: "db663a34d771b770219d391f07ca92b9"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 603a60e3f4ff3bbb95297d0d73c5fb9da134b68284331a2e4cd51138e4eb123c
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6198
x-amz-id-2: nTeHAkwhnROuTwSC7dHkadSgduA2XnFUGs0hxj4fTa3ZlMByM2WE4Qlnyh10OD3WoT+fS3qgPF4=
x-amz-meta-s3b-last-modified: 20230508T163418Z

GET
H/1.1 200
OK gopuff_logo.png
s3.us-east-1.amazonaws.com/mr.newsletter/ 7 KB
8 KB 190ms
115ms Image
image/png 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.newsletter/gopuff_logo.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2bdee1fdf2a6455442114f2179e783a9d070a8b9d578e017b2dff1a7c361d98b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Mon, 29 Aug 2022 20:35:45 GMT
Server: AmazonS3
x-amz-request-id: N363K2J3H6DF8NXX
ETag: "92ea0c132e948e81c53302cbcb07baac"
x-amz-meta-sha256: 2bdee1fdf2a6455442114f2179e783a9d070a8b9d578e017b2dff1a7c361d98b
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7251
x-amz-id-2: LFXBe0BiibO0WtbwPlWPNjb87wOZVkiV5tu2M1l3xddIIMpgliTjlOrTVQXHjzKxYV6dNqhP+m0=
x-amz-meta-s3b-last-modified: 20220829T203500Z

GET
H/1.1 200
OK levis_logo.jpg
s3.us-east-1.amazonaws.com/mr.weekly.deals/ 26 KB
27 KB 189ms
117ms Image
image/jpeg 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.weekly.deals/levis_logo.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f507fd5767c7df5ecf7a68c8572a985de5f809a433628b50d703ce52d0cc4fa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Tue, 08 Oct 2019 20:20:42 GMT
Server: AmazonS3
x-amz-request-id: N3625EDDWXHVSMMD
ETag: "20534f424baa87c0470611a79d243962"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 26807
x-amz-id-2: QLVwL+r/D0NJRd2t1neEOsg6DM8KSIdwmv9wienFagN8l8m+5zPuMdrlkUSVYHikUyABNE/mgN0=
x-amz-meta-s3b-last-modified: 20181229T002100Z

GET
H/1.1 200
OK ez_contacts_88x31.jpg
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
2 KB 140ms
126ms Image
image/jpeg 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/ez_contacts_88x31.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 13fa4260b29d13781d9b6559ed087e5a820b77627e51160556b8ee861e989997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Wed, 28 Jun 2023 19:59:20 GMT
Server: AmazonS3
x-amz-request-id: N368M26YP7VJ0KY9
ETag: "4f81f276166b9b039c3eab31a8c7c0ae"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 13fa4260b29d13781d9b6559ed087e5a820b77627e51160556b8ee861e989997
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1770
x-amz-id-2: RvDSCRv+uu87jHQQLnqEKjjx9OKu1Qw1DpT/gh7H9NRkROR1cB5rdYVZNxAXVzTF3dcHey5vHBE=
x-amz-meta-s3b-last-modified: 20230628T195832Z

GET
H/1.1 200
OK finn_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 1 KB
2 KB 131ms
128ms Image
image/png 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/finn_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 405497f1c151b84592651b8420e6b4a13fec08b14bb47eb8510361bb923c0b47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Wed, 28 Jun 2023 20:11:19 GMT
Server: AmazonS3
x-amz-request-id: N3690166E7CX9K19
ETag: "0058dc42d8b0d65daa0d4befa347f696"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 405497f1c151b84592651b8420e6b4a13fec08b14bb47eb8510361bb923c0b47
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1123
x-amz-id-2: zfxVAd6PtEi+fQYipC9b2R++aVaa9R6XpgZd7K6Dw9RpRnUAv/tEND0SR0OfYpy1scyJklP/0cw=
x-amz-meta-s3b-last-modified: 20230628T200818Z

GET
H/1.1 200
OK air_doctor_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 3 KB
3 KB 114ms
114ms Image
image/png 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/air_doctor_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 214ff01695c07da1069a66f57ac0656ab50a2b0b0d77463cfd7ef0072a09d4b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Wed, 28 Jun 2023 20:17:09 GMT
Server: AmazonS3
x-amz-request-id: N36E0Q92MJDA4FDG
ETag: "3d7e89545aed92a6b75051ee8732113c"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 214ff01695c07da1069a66f57ac0656ab50a2b0b0d77463cfd7ef0072a09d4b5
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2888
x-amz-id-2: 8NinGdhobxhmFWdlY7uyCtvdykWOH0rjcsuM6nbFXdXeH49gdLNPffPUg63glI7iebZSHW350vA=
x-amz-meta-s3b-last-modified: 20230628T201630Z

GET
H/1.1 200
OK decathalon_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
3 KB 118ms
118ms Image
image/png 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/decathalon_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 566488b564a96e84f103ff5ead2947fd27d6cdabec09c6abf03e23d3260946bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Wed, 28 Jun 2023 20:27:59 GMT
Server: AmazonS3
x-amz-request-id: N363H48TSXW4V8MM
ETag: "9eb8473737b75a0c145aae780571ec6d"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 566488b564a96e84f103ff5ead2947fd27d6cdabec09c6abf03e23d3260946bf
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2377
x-amz-id-2: q5Za3XVyL8uGy1hoBtOmgnX5VK2vph1UAJLxQSi4mpPfbx/TQwPr4G6a/8y9W+IR9Gtult2J0xo=
x-amz-meta-s3b-last-modified: 20230628T202726Z

GET
H/1.1 200
OK magid_88x31.jpg
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
2 KB 117ms
117ms Image
image/jpeg 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/magid_88x31.jpg
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1eb2b5f41ce1dabcae9dd8e6600bc582b4c3ada12cfd75bedb7269e9a0ce146b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Wed, 28 Jun 2023 20:41:14 GMT
Server: AmazonS3
x-amz-request-id: N36CFZ7F1ST3WHEG
ETag: "4b70692b692b7075ddd6929a74095786"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 1eb2b5f41ce1dabcae9dd8e6600bc582b4c3ada12cfd75bedb7269e9a0ce146b
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1723
x-amz-id-2: lUDAJ4DVw5eUXU/h/LBE1w2BxWVTLfEw+lLEK1AOSSxHc6HWKPltwaJgfV9IaEwcJUl4RXIjt6c=
x-amz-meta-s3b-last-modified: 20230628T203837Z

GET
H/1.1 200
OK woolfit_88x31.png
s3.us-east-1.amazonaws.com/mr.logos.1/ 2 KB
3 KB 117ms
116ms Image
image/png 54.231.130.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-east-1.amazonaws.com/mr.logos.1/woolfit_88x31.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.130.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a7f45ec573bb8f2739718361f60138d657532ce15164de537d99fed4b21cd2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Wed, 28 Jun 2023 20:59:58 GMT
Server: AmazonS3
x-amz-request-id: N363D8VP5GM2Z3PE
ETag: "591bc5afc36b4d0365eb89a681d31b4f"
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: a7f45ec573bb8f2739718361f60138d657532ce15164de537d99fed4b21cd2c7
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2446
x-amz-id-2: zy0qv+A7lsSOaBkfYKvMu3jZc7PGZVT5SJyoyRbmE9BG3ZKkmY7XNGb83INfZL9EY5sdqnokB7A=
x-amz-meta-s3b-last-modified: 20230628T205910Z

GET
H/1.1 200
OK Chrome_Icon_tiny.png
s3.amazonaws.com/mr.basics/ 493 B
897 B 118ms
118ms Image
image/png 52.216.42.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mr.basics/Chrome_Icon_tiny.png
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.42.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19632b60c37b4d80c62136863523a79de9b942e67cb6cb84d4b1daec7f4c8b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:22:00 GMT
Last-Modified: Mon, 11 Nov 2019 21:11:58 GMT
Server: AmazonS3
x-amz-request-id: N3677Q6SA377KM8E
ETag: "2dd7917117914767d869c2100764e9e6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 493
x-amz-id-2: 8Plke+lGkKshdP50G/4o9baKtBioXU5WY/wEN3NHDoalIQ1ihZmkkh4BuVcc+ov3NQ5OJ5+B3Ec=
x-amz-meta-s3b-last-modified: 20171201T203000Z

GET
H/1.1 200
OK jquery.js Show response
www.mrrebates.com/js/vendor/ 83 KB
38 KB 341ms
341ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/vendor/jquery.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

074a85deae7abf5198de7802f2dc0aba809f100988efb4c255444c804e8e628d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:28:03 GMT
Server: Microsoft-IIS/7.0
ETag: "4792cb55f833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 38298

GET
H/1.1 200
OK jquery.min.js Show response
www.mrrebates.com/js/vendor/ 82 KB
37 KB 118ms
117ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/vendor/jquery.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:28:02 GMT
Server: Microsoft-IIS/7.0
ETag: "e7d83055f833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 37750

GET
H/1.1 200
OK what-input.min.js Show response
www.mrrebates.com/js/vendor/ 2 KB
1 KB 112ms
112ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/vendor/what-input.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

3182a2d06121f3b8cb39cd885c4e0848a28ddadd369a0a4d83cb97b175d60b7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:28:01 GMT
Server: Microsoft-IIS/7.0
ETag: "871f9654f833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 995

GET
H/1.1 200
OK foundation.min.js Show response
www.mrrebates.com/js/ 91 KB
31 KB 292ms
218ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/foundation.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

aec2ab45f3bd23b177fa8ea13cf443a41a9bfd03f426e296a32e0fc021a5aad2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:18 GMT
Server: Microsoft-IIS/7.0
ETag: "2722493bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 31728

GET
H/1.1 200
OK app.js Show response
www.mrrebates.com/js/ 25 B
480 B 109ms
108ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/app.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

e22883a04526785bb35feb658da4974c160999432286921d7df30235cc21e4f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:20 GMT
Server: Microsoft-IIS/7.0
ETag: "27b1403cf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 142

GET
H/1.1 200
OK foundation.equalizer.js Show response
www.mrrebates.com/js/foundation/ 3 KB
2 KB 127ms
112ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/foundation/foundation.equalizer.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

e9ecdd43ad169b257e40b7fedba732c74f075bf6cdea63c41a0685a91de049e3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:45 GMT
Server: Microsoft-IIS/7.0
ETag: "c78584bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1260

GET
H/1.1 200
OK foundation.dropdown.js Show response
www.mrrebates.com/js/foundation/ 11 KB
4 KB 228ms
112ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/foundation/foundation.dropdown.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

439c1ebdc8dcea3638a209f65c0ea978657cc9da71b74877c411fc9ad9ae7375

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:46 GMT
Server: Microsoft-IIS/7.0
ETag: "e784f74bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3589

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 83ms
22ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 12:19:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 12:19:48 GMT

GET
H/1.1 200
OK jquery.autocompleter.js Show response
www.mrrebates.com/js/ 33 KB
9 KB 115ms
113ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/jquery.autocompleter.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

f8c55b45dbb198323809a8ff75815000437d12262267ba33b12dbb209fd9edde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:17 GMT
Server: Microsoft-IIS/7.0
ETag: "8720a03af833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 8889

GET
H/1.1 200
OK ac_stores.js Show response
www.mrrebates.com/js/ 95 KB
30 KB 342ms
228ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/ac_stores.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

12bc9a0515a09479e783b527f6567d63a2bbaa0704b792a22b6aa02c82b0dcb8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jun 2023 14:38:54 GMT
Server: Microsoft-IIS/7.0
ETag: W/"3f6eb66d97aad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 29866

GET
H/1.1 200
OK ac_create.js Show response
www.mrrebates.com/js/ 1 KB
795 B 114ms
113ms Script
application/x-javascript 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/js/ac_create.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

1cc84587bba9b6912be24f688531aeb9cf74a8107609dd9dcc4b002e8f65a1ca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/Default.asp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Nov 2016 04:27:19 GMT
Server: Microsoft-IIS/7.0
ETag: "67acc93bf833d21:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 457

GET
H2 200 43b83f81b3c085a4cb6db4ed98b96827.js Show response
eu.cookie-script.com/s/ 12 KB
4 KB 107ms
35ms Script
application/javascript 185.14.184.154
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.cookie-script.com/s/43b83f81b3c085a4cb6db4ed98b96827.js
Requested by: Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.14.184.154 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 40d05a03997f8379253a3ce3874165c47bbf56dde5fdb0325512aa15754552be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Jun 2023 17:21:58 GMT
content-encoding: gzip
last-modified: Thu, 29 Jun 2023 17:08:21 GMT
x-cache-status: HIT
content-length: 3709
content-type: application/javascript

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 25 KB
26 KB 84ms
29ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 20:06:17 GMT
x-content-type-options: nosniff
age: 162942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26100
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 20:06:17 GMT

GET
H2 200 8AttGsyxM5KQQU-Y4MTwVanUqRo.woff2
fonts.gstatic.com/s/baloopaaji/v21/ 25 KB
25 KB 103ms
48ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloopaaji/v21/8AttGsyxM5KQQU-Y4MTwVanUqRo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baloo+Paaji

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e166664c0772a64d48be8ade6b4d59cf11dbf7ceea6bedff6321a0e0d822a9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:58:09 GMT
x-content-type-options: nosniff
age: 426230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25900
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:14:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 18:58:09 GMT

GET
H/1.1 200
OK foundation-icons.woff
www.mrrebates.com/css/ 31 KB
32 KB 293ms
217ms Font
application/x-font-woff 64.106.178.205
DATAPIPE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mrrebates.com/css/foundation-icons.woff

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/css/foundation-icons.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

64.106.178.205 , United States, ASN14492 (DATAPIPE, US),

Reverse DNS

Software

Microsoft-IIS/7.0 / ASP.NET

Resource Hash

8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.mrrebates.com/css/foundation-icons.css
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 29 Jun 2023 17:21:58 GMT
Last-Modified: Sat, 14 Oct 2017 05:05:37 GMT
Server: Microsoft-IIS/7.0
ETag: "a386913aa44d31:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Accept-Ranges: bytes
Content-Length: 32020

GET
H2 200 u-4V0qWljRw-Pd815fNqc8T_wAFcX-c37MPiNYlWniJ2hJXH9fKVxUbv.woff2
fonts.gstatic.com/s/cabin/v26/ 16 KB
17 KB 71ms
23ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4V0qWljRw-Pd815fNqc8T_wAFcX-c37MPiNYlWniJ2hJXH9fKVxUbv.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500i,500,700%20|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c9e7f8b3e8bed397526dbcdc25cf88f56bb1863c17fd1a77241a8ac9a9fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrrebates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 12:13:32 GMT
x-content-type-options: nosniff
age: 104907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16732
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:42:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 12:13:32 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrrebates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Jun 2023 16:13:50 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4089
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 29 Jun 2023 18:13:50 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=100811737&utmhn=www.mrrebates.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Mr....
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=1483854935.1688059320&jid=1904774267&_v=5.7.2&z=100811737

35 B
337 B

91ms
33ms

Image
image/gif

2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=1483854935.1688059320&jid=1904774267&_v=5.7.2&z=100811737

Requested by

Host: www.mrrebates.com
URL: https://www.mrrebates.com/Default.asp

Protocol

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrrebates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Jun 2023 17:21:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Jun 2023 17:21:59 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2785414-1&cid=1483854935.1688059320&jid=1904774267&_v=5.7.2&z=100811737
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.mrrebates.com/Default.asp(Line 598) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.mrrebates.com/Default.asp(Line 598) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
eu.cookie-script.com
fonts.googleapis.com
fonts.gstatic.com
s3.amazonaws.com
s3.us-east-1.amazonaws.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.mrrebates.com
www.travis.com
185.14.184.154
2a00:1450:4001:806::2003
2a00:1450:4001:828::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9d
52.216.42.112
54.231.130.176
64.106.178.205
69.163.153.22
074a85deae7abf5198de7802f2dc0aba809f100988efb4c255444c804e8e628d
09fc5372a0dcaa9d0d62457c4f725e2a820d89a0aae0e6d7ed8d3e28ee86098a
0c57e64247afe00b75a196664c0fc899699dcb4183170316110a28b3b212003a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12bc9a0515a09479e783b527f6567d63a2bbaa0704b792a22b6aa02c82b0dcb8
13fa4260b29d13781d9b6559ed087e5a820b77627e51160556b8ee861e989997
19632b60c37b4d80c62136863523a79de9b942e67cb6cb84d4b1daec7f4c8b48
1aa643e95e2150e824974ed0487bb7d32c5abf21af357adf49df624bd2ea17c9
1cc84587bba9b6912be24f688531aeb9cf74a8107609dd9dcc4b002e8f65a1ca
1eb2b5f41ce1dabcae9dd8e6600bc582b4c3ada12cfd75bedb7269e9a0ce146b
214ff01695c07da1069a66f57ac0656ab50a2b0b0d77463cfd7ef0072a09d4b5
25148c18c1a2a320a236a1d783b29201cbd4bb9bfdf4431473cfd9ca82045899
2bdee1fdf2a6455442114f2179e783a9d070a8b9d578e017b2dff1a7c361d98b
3182a2d06121f3b8cb39cd885c4e0848a28ddadd369a0a4d83cb97b175d60b7e
3dae6fd96e8294a33a28a8cff86a88bb2dbed58507413f34f2a6c201aa7864d8
405497f1c151b84592651b8420e6b4a13fec08b14bb47eb8510361bb923c0b47
40d05a03997f8379253a3ce3874165c47bbf56dde5fdb0325512aa15754552be
4268828e332479438339207e75862c8ff4b195dab0aa5eb90ee5d10cec4057c9
439c1ebdc8dcea3638a209f65c0ea978657cc9da71b74877c411fc9ad9ae7375
482eeb17ad17b7616da9fe06e78c4e378ffc827cf87d2a4e460f7c325a12b278
49cc34435a855f5a5705f60c96f04147c6458eb69c461d9d06a9ead7f90ff3b2
4baa39b03dad19b6f05a9cb939794cd191cf2462b19a287a7b91c70628cf1e3c
539f7785660d9419ffc3a0956eebc8eae001b4658896736a84d61030844db2fd
55ee2b8a2268cbf035a6ccd868a38730d8d87ceddb9a4795f9a0ac760a4c5d90
566488b564a96e84f103ff5ead2947fd27d6cdabec09c6abf03e23d3260946bf
57bfb13daa0b483812188d78e1b17cf9e0f5b2d2660d767ad22c8d6020b7f8c3
603a60e3f4ff3bbb95297d0d73c5fb9da134b68284331a2e4cd51138e4eb123c
610be2b45df873dcbbcfcf877bcb9600c960592772a30bce00489a4af46170a8
70eaa33ccc8b976b4aa55605241d65f033f86b5b2aea28d35c91a4d4e800de6e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
881ce9ba2a798aabcffd22efa78276ccbea9cc0652529e0a21b4403bf8159a2a
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
8e1c36871d227fc4adb87d3ab37f141349a0479765646719e0d875ccb195aeb9
94659a108f2d170dabfd1c524d56bbfa6d7a74323141943f6e8a27d43df332fd
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
98a16b79e62868fd5ae283dc4ce077f2fb3fc35b6caa2a435883e362523fd801
99b11effe2c620fb6e4fad00074beacf0b81463979eabb8c6929ab2e916d94d4
9e60f0e36d8fb6146350b4af56f87057389ee4bf90ae2cf38072dbc950c7711e
a146af07daafb63859b01378d9924e59b95f73d6d1cb4e503b9f9d37ca56be94
a7f45ec573bb8f2739718361f60138d657532ce15164de537d99fed4b21cd2c7
a97020e744b3abe78c638380f97ce82d2d6c724327d92d60386a56a9d76c9826
aec2ab45f3bd23b177fa8ea13cf443a41a9bfd03f426e296a32e0fc021a5aad2
afb53066676a49ba42207bf3620b7fd7677fcb3906479c7fec57f5a8587c47d8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bc9e8ad84b1ccdbf268a2a51c7b348e70f541be98a06d30decf66681fd81edb6
c04c9e7f8b3e8bed397526dbcdc25cf88f56bb1863c17fd1a77241a8ac9a9fee
ca21700a81e0eb29f37ae719b2a43188592d3dcca9338e82a5b13689a4e6c991
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
e166664c0772a64d48be8ade6b4d59cf11dbf7ceea6bedff6321a0e0d822a9d9
e22883a04526785bb35feb658da4974c160999432286921d7df30235cc21e4f3
e8387be45312794b59f9248e0431a2005972ef84b520fd41a892146b267314a1
e9ecdd43ad169b257e40b7fedba732c74f075bf6cdea63c41a0685a91de049e3
ee1cfdca1e2dd1e86263d40cc3d987c458cd67efb79d1b81018a18af9054753b
f507fd5767c7df5ecf7a68c8572a985de5f809a433628b50d703ce52d0cc4fa8
f7908da05a461f55cdf943e69bacc4fb8c21e112354b432905ea961cfd0cc971
f8c55b45dbb198323809a8ff75815000437d12262267ba33b12dbb209fd9edde
f9b501f500d4eff727517ac4e624e31b6e6f9c1b22ab2ce26e35b306da35c84b

www.mrrebates.com Open in urlscan Pro 64.106.178.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

44 %IPv6

8 Domains

10 Subdomains

8 IPs

4 Countries

633 kBTransfer

1125 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.mrrebates.com Open in urlscan Pro
64.106.178.205 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

8
IPs

4
Countries

633 kB
Transfer

1125 kB
Size

0
Cookies

57 HTTP transactions
0 data transactions