financessecure.com Open in urlscan Pro
2606:4700:3031::ac43:a6c1 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://financessecure.com/coupons
Submission: On July 16 via manual (July 16th 2020, 5:07:20 am UTC) from JP

Summary HTTP 114 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 25 domains to perform 114 HTTP transactions. The main IP is 2606:4700:3031::ac43:a6c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is financessecure.com.

This is the only time financessecure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2606:4700:303... 2606:4700:3031::ac43:a6c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:21f... 2600:9000:21f3:b600:a:6e64:b280:93a1	16509 (AMAZON-02) (AMAZON-02)
19	104.111.215.232 104.111.215.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:21f... 2600:9000:21f3:1e00:1f:d9e6:d540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.99.83 143.204.99.83	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.81.108 13.225.81.108	16509 (AMAZON-02) (AMAZON-02)
5	104.111.224.80 104.111.224.80	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:26f0:6c0... 2a02:26f0:6c00:19b::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.195.70.92 34.195.70.92	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	172.217.23.166 172.217.23.166	15169 (GOOGLE) (GOOGLE)
1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
1	151.101.113.2 151.101.113.2	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:193::26b2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	34.238.223.59 34.238.223.59	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1	23.210.248.192 23.210.248.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	95.101.106.24 95.101.106.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
114	35

36 2606:4700:3031::ac43:a6c1 (United States)

ASN13335 (CLOUDFLARENET, US)

financessecure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:b600:a:6e64:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.schemaapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.111.215.232 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-232.deploy.static.akamaitechnologies.com

static.ebates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:1e00:1f:d9e6:d540:93a1 (United States)

ASN16509 (AMAZON-02, US)

data.schemaapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.99.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.81.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-81-108.fra2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.224.80 (Netherlands)

ASN16625 (AKAMAI-AS, US)

events.engager.ecbsn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:19b::13b8 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.3 (United States) 1 redirects

ASN15169 (GOOGLE, US)

tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.70.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)

2700447.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:193::26b2 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

r.r10s.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.223.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b9d8f63c1ac12f93500f91b6d6e57da9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.192 (Netherlands)

ASN16625 (AKAMAI-AS, US)

rat.rakuten.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.106.24 (Ascension Island)

ASN16625 (AKAMAI-AS, US)

rat.rakuten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	financessecure.com financessecure.com	449 KB
19	ebates.com static.ebates.com	225 KB
8	doubleclick.net 2 redirects 2700447.fls.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	111 KB
7	googlesyndication.com b9d8f63c1ac12f93500f91b6d6e57da9.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	12 KB
5	ecbsn.com events.engager.ecbsn.com comev.ecbsn.com Failed	3 KB
5	google.com ampcid.google.com adservice.google.com www.google.com apis.google.com	43 KB
5	schemaapp.com cdn.schemaapp.com data.schemaapp.com	9 KB
4	facebook.net connect.facebook.net	230 KB
3	facebook.com www.facebook.com	807 B
3	optimizely.com 1 redirects cdn.optimizely.com errors.client.optimizely.com	96 KB
2	r10s.jp r.r10s.jp	22 KB
2	quora.com a.quora.com q.quora.com	14 KB
2	bing.com bat.bing.com	8 KB
2	linksynergy.com 1 redirects tags.rd.linksynergy.com	630 B
2	googletagmanager.com 1 redirects www.googletagmanager.com	51 KB
2	google.de ampcid.google.de www.google.de	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	rakuten.com rat.rakuten.com	423 B
1	rakuten.co.jp rat.rakuten.co.jp	720 B
1	google.ch adservice.google.ch	887 B
1	simpli.fi tag.simpli.fi	791 B
1	googleadservices.com www.googleadservices.com	12 KB
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com	11 KB
1	segment.com cdn.segment.com	63 KB
114	25

	Domain	Requested by
36	financessecure.com	financessecure.com www.datadoghq-browser-agent.com
19	static.ebates.com	financessecure.com
5	events.engager.ecbsn.com	cdn.segment.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	2700447.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	connect.facebook.net	financessecure.com connect.facebook.net
3	www.facebook.com	www.datadoghq-browser-agent.com connect.facebook.net
3	securepubads.g.doubleclick.net	financessecure.com securepubads.g.doubleclick.net www.datadoghq-browser-agent.com
3	cdn.schemaapp.com	financessecure.com cdn.schemaapp.com
2	pagead2.googlesyndication.com	www.datadoghq-browser-agent.com
2	apis.google.com	financessecure.com apis.google.com
2	r.r10s.jp	www.googletagmanager.com r.r10s.jp
2	bat.bing.com	www.googletagmanager.com
2	tags.rd.linksynergy.com	1 redirects financessecure.com
2	cdn.optimizely.com	1 redirects financessecure.com
2	www.googletagmanager.com	1 redirects financessecure.com
2	www.google-analytics.com	financessecure.com www.google-analytics.com
2	data.schemaapp.com	cdn.schemaapp.com www.datadoghq-browser-agent.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	rat.rakuten.com
1	rat.rakuten.co.jp
1	b9d8f63c1ac12f93500f91b6d6e57da9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de
1	www.google.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	q.quora.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	tag.simpli.fi
1	a.quora.com	financessecure.com
1	www.googleadservices.com	www.googletagmanager.com
1	errors.client.optimizely.com	www.datadoghq-browser-agent.com
1	www.datadoghq-browser-agent.com	financessecure.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	cdn.segment.com	financessecure.com
0	comev.ecbsn.com Failed	financessecure.com
114	37

This site contains links to these domains. Also see Links.

Domain
go.rakuten.com
www.rakuten.ca
www.ebates.com
www.rebates.jp
www.bfads.net
www.cartera.com
www.shopstyle.com
www.surveymonkey.com
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
youtube.com
www.linkedin.com
global.rakuten.com
rd.rakuten.co.jp

Subject Issuer	Validity	Valid
cdn.schemaapp.com Amazon	`2020-01-14` - `2021-02-14`	a year	crt.sh
*.ebates.com DigiCert SHA2 Secure Server CA	`2020-01-09` - `2021-04-09`	a year	crt.sh
*.schemaapp.com Amazon	`2019-09-13` - `2020-10-13`	a year	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.datadoghq-browser-agent.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-08` - `2021-04-07`	2 years	crt.sh
www.ebatescanada.com GeoTrust RSA CA 2018	`2020-06-08` - `2020-12-13`	6 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.rd.linksynergy.com Thawte RSA CA 2018	`2020-01-03` - `2022-01-05`	2 years	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
quora.com Let's Encrypt Authority X3	`2020-07-12` - `2020-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.quora.com Let's Encrypt Authority X3	`2020-07-12` - `2020-10-10`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://financessecure.com/coupons
Frame ID: 7EBCFC75F003CC421EF2EFED90BE8921
Requests: 110 HTTP requests in this frame

Frame: http://2700447.fls.doubleclick.net/activityi;dc_pre=COu3iJeA0eoCFXjCEQgd_FkEyA;src=2700447;type=count;cat=ebate00;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
Frame ID: 852C95470100FA9D852346400E6B016B
Requests: 1 HTTP requests in this frame

Frame: http://2700447.fls.doubleclick.net/activityi;dc_pre=CK6yiJeA0eoCFVeuewoduTACww;src=2700447;type=count;cat=ebate000;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1
Frame ID: 1A268BE4DF2BDE2D8E8811F94508CC17
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: BA0687342EC221579BA848CE087E6A86
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: C1CB91A07D877FC2E96A8F99B0D26223
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

114
Requests

56 %
HTTPS

59 %
IPv6

25
Domains

37
Subdomains

35
IPs

5
Countries

1407 kB
Transfer

4004 kB
Size

8
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://go.rakuten.com/open-app
Title: FinancesSecure Mobile Apps

Search URL Search Domain Scan URL

URL: https://www.rakuten.ca/
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.ebates.com/kr/
Title: Korea

Search URL Search Domain Scan URL

URL: https://www.rebates.jp/
Title: Japan

Search URL Search Domain Scan URL

URL: https://www.bfads.net/
Title: BFAds

Search URL Search Domain Scan URL

URL: http://www.cartera.com/
Title: Cartera

Search URL Search Domain Scan URL

URL: https://www.shopstyle.com/
Title: ShopStyle

Search URL Search Domain Scan URL

URL: https://www.surveymonkey.com/r/rakuten-influencer
Title: Influencers & Partners

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rakuten/

Search URL Search Domain Scan URL

URL: https://twitter.com/FinancesSecure

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/rakuten/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rakuten/

Search URL Search Domain Scan URL

URL: https://youtube.com/c/FinancesSecurechannel

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/rakutenrewards

Search URL Search Domain Scan URL

URL: http://global.rakuten.com/corp/about/sports_entertainment/

Search URL Search Domain Scan URL

URL: https://rd.rakuten.co.jp/s2/?R2=https%3A%2F%2Fwww.viki.com%2F&D2=638.0.254432.0.32266763&C3=8c4f956fd025fffc9af6ee87c5ee18029e98a06d
Title: FinancesSecure Viki

Search URL Search Domain Scan URL

URL: https://rd.rakuten.co.jp/s2/?R2=https%3A%2F%2Fwww.viber.com%2Fen%2F&D2=638.0.254432.0.32266765&C3=991b53e6275f2bfcf1afc630cd682cb68446693f
Title: FinancesSecure Viber

Search URL Search Domain Scan URL

URL: https://rd.rakuten.co.jp/s2/?R2=https%3A%2F%2Fwww.kobo.com%2F&D2=638.0.254432.0.32266764&C3=0b89bca361af97fbd21151cec125e851fc43e74f
Title: FinancesSecure Kobo

Search URL Search Domain Scan URL

URL: https://rd.rakuten.co.jp/s2/?R2=https%3A%2F%2Ftravel.rakuten.com%2F&D2=638.0.254432.0.32266767&C3=a98bee048bb4f5aabfff86e03de8a699a3f429c0
Title: FinancesSecure Travel

Search URL Search Domain Scan URL

URL: https://rd.rakuten.co.jp/s2/?R2=https%3A%2F%2Fglobal.rakuten.com%2Fcorp%2Fabout%2Fcompany%2F&D2=638.0.254432.0.32266779&C3=a39d9a4bd3a6fae9223f079e192d7c8874091763
Title: More services

Search URL Search Domain Scan URL

URL: https://rd.rakuten.co.jp/s2/?R2=https%3A%2F%2Fglobal.rakuten.com%2Fcorp%2Fabout%2F&D2=638.0.254432.0.32266778&C3=35b5d62314457a4626fab4c79f2d9810735a3c13
Title: About FinancesSecure

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

http://static.ebates.com/static/images/footer/FCBxNBA_JL.svg HTTP 307
https://static.ebates.com/static/images/footer/FCBxNBA_JL.svg

Request Chain 33

http://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F

Request Chain 36

http://cdn.optimizely.com/js/11298023376.js HTTP 301
https://cdn.optimizely.com/js/11298023376.js

Request Chain 57

http://tags.rd.linksynergy.com/cs?ns=ebates&uid1=19AC6F18D374B4311B62FB9&uid3=79144782250296517539857877490095295329&gtmcb=942786088 HTTP 301
https://tags.rd.linksynergy.com/cs?ns=ebates&uid1=19AC6F18D374B4311B62FB9&uid3=79144782250296517539857877490095295329&gtmcb=942786088

Request Chain 58

http://static.ebates.com/static/images/ui/expander/trans-white-grad-60x1.png HTTP 307
https://static.ebates.com/static/images/ui/expander/trans-white-grad-60x1.png

Request Chain 66

http://2700447.fls.doubleclick.net/activityi;src=2700447;type=count;cat=ebate00;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
http://2700447.fls.doubleclick.net/activityi;dc_pre=COu3iJeA0eoCFXjCEQgd_FkEyA;src=2700447;type=count;cat=ebate00;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Request Chain 67

http://2700447.fls.doubleclick.net/activityi;src=2700447;type=count;cat=ebate000;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1 HTTP 302
http://2700447.fls.doubleclick.net/activityi;dc_pre=CK6yiJeA0eoCFVeuewoduTACww;src=2700447;type=count;cat=ebate000;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1

Request Chain 92

http://static.ebates.com/images/signup/join_overlay/join-final-piggy-sprite.1.0.0.gif HTTP 307
https://static.ebates.com/images/signup/join_overlay/join-final-piggy-sprite.1.0.0.gif

Request Chain 97

http://static.ebates.com/static/svg/rakuten/rakuten_nav_white.svg HTTP 307
https://static.ebates.com/static/svg/rakuten/rakuten_nav_white.svg

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set coupons Show response
financessecure.com/ 457 KB
44 KB 552ms
515ms Document
text/html 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7654b8a06a98292108c96904d8a70283c1463e6a03607aba5f4e26c9ee998dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block
X-Xss-Protection	1; mode=block

Request headers

Host: financessecure.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d6698e9d7ab18a5faa0d7311f6c7912701594876022; expires=Sat, 15-Aug-20 05:07:02 GMT; path=/; domain=.financessecure.com; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
expires: 0
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OUR DELi IND PHY ONL UNI COM NAV INT DEM CNT STA PRE", policyref="/w3c/p3p.xml"
pragma: no-cache
request-id: adcdab8ac8330ee0718629e36d06802e
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
set-cookie: JSESSIONID=aaaIAQVuoPuqy_O8k-1mx; path=/; HttpOnly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
CF-Cache-Status: DYNAMIC
cf-request-id: 03f79de78d000016f23a2ec200000001
Server: cloudflare
CF-RAY: 5b393285abb016f2-FRA
Content-Encoding: gzip

GET
H2 200 highlight.js Show response
cdn.schemaapp.com/javascript/ 17 KB
6 KB 48ms
7ms Script
application/javascript 2600:9000:21f3:b600:a:6e64:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.schemaapp.com/javascript/highlight.js
Requested by: Host: financessecure.com
URL: http://financessecure.com/coupons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b600:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea71e2a952821b155724a25370bd09916ef5b7e1af83cda573e2fb434391d22a

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 14:34:02 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 14:31:34 GMT
server: AmazonS3
age: 52382
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 2cShkQQNmTk91rsWT2sVQl02xpoNX8ie
status: 200
cache-control: max-age=699840
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: SHXWTdu1JTFSka8sdgdEAzd_H-IVhZfrVZOxGXPnqmySk7qq-p9v-w==
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)

GET
H2 200 schemaFunctions.min.js Show response
cdn.schemaapp.com/javascript/ 986 B
1 KB 47ms
7ms Script
application/javascript 2600:9000:21f3:b600:a:6e64:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.schemaapp.com/javascript/schemaFunctions.min.js
Requested by: Host: financessecure.com
URL: http://financessecure.com/coupons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b600:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 739106827a3feb38afd1a20fb7a24f5a27da2ee98618a5b9209c75cb4e88c354

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 03:36:16 GMT
via: 1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
age: 5447
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 986
last-modified: Mon, 15 Jun 2020 16:13:00 GMT
server: AmazonS3
etag: "34e82d09b247b5ee733347e209676c81"
x-amz-version-id: .Dsm9ODtmbW8Hdaw.k9FUo_s5KBM6S5v
cache-control: max-age=25200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: zINSxG9EGXYOG8tF3BJ0nIB0OPwuhAhlzEzd9JG4sGkpi1YqgdZnFA==

GET
H/1.1 200
OK ebates-rebrand-67b693f143.css
financessecure.com/dist/static/rev/scss/ 268 KB
49 KB 31ms
25ms Stylesheet
text/css 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/scss/ebates-rebrand-67b693f143.css

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80236f9a0c54850b99645385c4c89af4b22da6400281813fa9d26b27e9bf5de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88171
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: a38a3d21ccfa21056e963f4287488392
cf-request-id: 03f79de99a000097cc440bd200000001
Pragma: public
Last-Modified: Mon, 13 Jul 2020 23:03:51 GMT
Server: cloudflare
etag: W/"42e30-5aa5ab43fa676"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b393288f92d97cc-FRA
Expires: Thu, 13 Aug 2020 03:03:41 GMT

GET
H/1.1 200
OK home-869656a96c.css
financessecure.com/dist/static/rev/scss/styles/local/home/ 4 KB
2 KB 24ms
18ms Stylesheet
text/css 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/scss/styles/local/home/home-869656a96c.css

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c6c8c42052f422b2a54926c2781ee4c49dee2c9fae0397f4563faa24ee317f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88165
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 3fafb2a8237220200605b4472fd76fbe
cf-request-id: 03f79de99a00009ace4b14d200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"1164-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b393288faf59ace-FRA
Expires: Thu, 06 Aug 2020 05:45:00 GMT

GET
H/1.1 200
OK jquery-1.10.3.min.js Show response
financessecure.com/global_files/js/jquery/ 91 KB
33 KB 29ms
23ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

700374919b6ff85414c94daa6f8a85e5b6c044a539a861d9f0e29d06b003d806

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88170
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 356f74921a52db65e97dd3f677596d03
cf-request-id: 03f79de99e0000dfcb9f955200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"16b89-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b393288fa8cdfcb-FRA
Expires: Thu, 06 Aug 2020 05:45:00 GMT

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
financessecure.com/global_files/js/jquery/ 7 KB
4 KB 22ms
16ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/global_files/js/jquery/jquery-migrate-1.2.1.min.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88170
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 0b0341c6e9b149c8e4af4563c7c3ed93
cf-request-id: 03f79de99b00000eafe2b8d200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"1c1f-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b393288ff710eaf-FRA
Expires: Thu, 06 Aug 2020 05:45:00 GMT

GET
H/1.1 200
OK ebates-main-f002bddc11.js Show response
financessecure.com/dist/static/rev/global/js/eba/ 7 KB
4 KB 21ms
15ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/global/js/eba/ebates-main-f002bddc11.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9182f154dde041ef16e80ec7daedbe988cb5cf9477afa3bca84951a8012b54cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 48
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 2dc63453383e440bfd0c5800c448c256
cf-request-id: 03f79de99b00000ebbdb393200000001
Pragma: public
Last-Modified: Wed, 08 Jul 2020 15:42:53 GMT
Server: cloudflare
etag: W/"1d32-5a9eff6020a63"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b393288fd250ebb-FRA
Expires: Sat, 08 Aug 2020 13:50:14 GMT

GET
H/1.1 200
OK eb-global-functions-39c0b65e41.js Show response
financessecure.com/dist/static/rev/global/js/eba/ 15 KB
6 KB 33ms
11ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/global/js/eba/eb-global-functions-39c0b65e41.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb9ddbe7a0649f9f79004ff1594bd3bd0ee435c875caebb09f13dda2e6c1f6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 48
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 04d5231dfa27a5102d867204eb13d1dc
cf-request-id: 03f79de9ab00000eafe2b8e200000001
Pragma: public
Last-Modified: Thu, 09 Jul 2020 22:08:41 GMT
Server: cloudflare
etag: W/"3d86-5aa0977916c40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b3932891f970eaf-FRA
Expires: Sat, 15 Aug 2020 05:06:15 GMT

GET
H/1.1 200
OK stats-8ddd31cb9a.js Show response
financessecure.com/dist/static/rev/global/analytics/ 13 KB
5 KB 27ms
11ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/global/analytics/stats-8ddd31cb9a.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e5ae918e7c7fc0e47a2150c3b7ea62043314f4798502881b8a9053086a4bff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88170
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: c71172f526ef78bd57b1c8aab7826858
cf-request-id: 03f79de9ab00000ebbdb398200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"34d3-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b3932891d570ebb-FRA
Expires: Thu, 06 Aug 2020 05:45:00 GMT

GET
H/1.1 200
OK opt-1e3f00c405.js Show response
financessecure.com/dist/static/rev/global/js/opt/ 4 KB
2 KB 32ms
14ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/global/js/opt/opt-1e3f00c405.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d873e9100b5a58124c1957cd2d89e1a2a181c6e34fbac33e0d739be9589ad0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88170
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: aa8eaeccba280f5dc432da3e71d5a6f2
cf-request-id: 03f79de9ad00009ace4b14e200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"1075-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b3932891b0f9ace-FRA
Expires: Thu, 06 Aug 2020 05:45:00 GMT

GET
H/1.1 200
OK logo3.png
financessecure.com/ 5 KB
5 KB 13ms
12ms Image
image/png 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://financessecure.com/logo3.png
Requested by: Host: financessecure.com
URL: http://financessecure.com/coupons
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67bba3b3eb8782491156087c3842c11018e204549b0d944d9e41760b163dd59f

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Thu, 16 Jul 2020 05:07:03 GMT
CF-Cache-Status: HIT
Last-Modified: Sun, 15 Mar 2020 12:15:57 GMT
Server: cloudflare
Age: 88170
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=5184000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5b3932896b3a9ace-FRA
Content-Length: 4961
cf-request-id: 03f79de9e300009ace4b150200000001
Expires: Tue, 08 Sep 2020 04:01:19 GMT

GET
H2 200 blank.gif
static.ebates.com/global_files/layout2009/images/sprites/ 43 B
449 B 96ms
40ms Image
image/gif 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/global_files/layout2009/images/sprites/blank.gif

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: QskClci3a8vs5eOrVRgVCLGMykhWT.v2
etag: "325472601571f31e1bf00674c368d335"
x-amz-request-id: B58748F877F8F263
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 43
x-amz-id-2: KK1X3D8Z4RZd63RiyviXl5IY8K8tLHexPB9sME46n3QYmAujy4v4mNom+wx7H+fDRsvQvgoCsrQ=
last-modified: Wed, 15 May 2019 19:54:02 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes

GET
H/1.1 200
OK jquery.menu-aim.min.js Show response
financessecure.com/static/js/global/ 1 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/static/js/global/jquery.menu-aim.min.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b57813ede6b50cef6faf0a5528378618e5c031dd37aacb94ec2a153603363ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88169
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 04528510a6456810dcccf39b8bd6335e
cf-request-id: 03f79de9c5000016f23a302200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"5a5-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328938fa16f2-FRA
Expires: Thu, 06 Aug 2020 05:45:00 GMT

GET
H/1.1 200
OK coupon_stores-996d1a9566.js Show response
financessecure.com/dist/static/rev/coupons/ 2 KB
2 KB 10ms
10ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/coupons/coupon_stores-996d1a9566.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d80adb91c03478a6718f095dcb1c4c31e9f9452cc70ed69f7f8a0438626a8acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88160
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 9323f9b3e7f259833341cdb12cd91998
cf-request-id: 03f79de9c500009ace4b14f200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"6e3-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b3932893b1d9ace-FRA
Expires: Thu, 13 Aug 2020 18:49:38 GMT

GET
H2 200 aHR0cDovL2ZpbmFuY2Vzc2VjdXJlLmNvbQ Show response
cdn.schemaapp.com/highlighter/prod/ 2 B
448 B 793ms
778ms XHR
application/json 2600:9000:21f3:b600:a:6e64:b280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.schemaapp.com/highlighter/prod/aHR0cDovL2ZpbmFuY2Vzc2VjdXJlLmNvbQ
Requested by: Host: cdn.schemaapp.com
URL: https://cdn.schemaapp.com/javascript/highlight.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:b600:a:6e64:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 05:07:04 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA2-C2
x-cache: Error from cloudfront
status: 200
content-length: 2
last-modified: Tue, 11 Dec 2018 16:01:38 GMT
server: AmazonS3
etag: "99914b932bd37a50b983c5e7c90ae93b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 4FsmemwQuur.Z0jxvea6XGJagB0M87fi
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/json
x-amz-cf-id: UaiTekkeLL1wtqeNtV-piUAWTvOav30nCl5T8UDGG_jm00t_K6B1vw==

GET
H2 200 aHR0cDovL2ZpbmFuY2Vzc2VjdXJlLmNvbS9jb3Vwb25z Show response
data.schemaapp.com/Ebates/ 0
526 B 549ms
549ms XHR
application/json 2600:9000:21f3:1e00:1f:d9e6:d540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://data.schemaapp.com/Ebates/aHR0cDovL2ZpbmFuY2Vzc2VjdXJlLmNvbS9jb3Vwb25z

Requested by

Host: cdn.schemaapp.com
URL: https://cdn.schemaapp.com/javascript/schemaFunctions.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:1e00:1f:d9e6:d540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: AKJQ8-DU899-NR9UJ-CL6HM

Response headers

x-amz-version-id: null
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-cf-pop: FRA2-C2
x-cache: Error from cloudfront
status: 200
access-control-max-age: 3000
strict-transport-security: max-age=31536000; includeSubDomains;
content-length: 0
last-modified: Mon, 11 Jun 2018 21:03:27 GMT
server: AmazonS3
date: Thu, 16 Jul 2020 05:07:05 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: GGMMLascdFrscCZS2go6MsWVCNX54bHmo_Xa6Eg7tTeq969pcFcJvA==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/vLFussC4XChxcOvzEXgApiBtItELHGtW/ 346 KB
63 KB 82ms
34ms Script
text/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/vLFussC4XChxcOvzEXgApiBtItELHGtW/analytics.min.js
Requested by: Host: financessecure.com
URL: http://financessecure.com/coupons
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.99.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5962f0d0d4c9ab53c579cefad60d451954b21988d87bd31048df30637cacd4f5

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: VmC5sSLDPDD62NfBxvXgdlQlaOU_xB7t
content-encoding: gzip
etag: "2af6934120dcd43a5ed4f73430113bf6"
age: 47
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 63423
access-control-allow-origin: *
last-modified: Fri, 19 Jun 2020 17:44:18 GMT
server: AmazonS3
date: Thu, 16 Jul 2020 05:06:17 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: xnNkWlSUuT3NBteuGDsXlPemMTxUPZCWmtH0XED36ufgwN6vfBej9g==

GET
H/1.1 200
OK analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google-analytics.com/analytics.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/dist/static/rev/global/analytics/stats-8ddd31cb9a.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Jun 2020 23:38:14 GMT
Server: Golfe2
Age: 3602
Date: Thu, 16 Jul 2020 04:07:01 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=7200
Content-Length: 18469
Expires: Thu, 16 Jul 2020 06:07:01 GMT

GET
H/1.1 200
OK rat_cookie.htm Show response
financessecure.com/ajax/ 16 B
1 KB 276ms
276ms XHR
text/html 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/ajax/rat_cookie.htm

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02aaa18184d594ae1dbeb86cc202ff7c0c02f233bc223c9c6a3e35c883d98a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: */*
Referer: http://financessecure.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OUR DELi IND PHY ONL UNI COM NAV INT DEM CNT STA PRE", policyref="/w3c/p3p.xml"
Transfer-Encoding: chunked
X-Nginx-Cache-Status: EXPIRED
Content-Type: text/html; charset=UTF-8
X-Server-Powered-By: Engintron
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: fd401eac2d34745c23d720bf43479896
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
Server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-request-id: 03f79de9e2000016f23a306200000001
CF-RAY: 5b393289694c16f2-FRA
expires: 0

GET
H/1.1 200
OK benton_sans_rak-regular.woff2
financessecure.com/global_files/fonts/BentonSans_RAK_Web/ 63 KB
64 KB 22ms
22ms Font
font/woff2 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/global_files/fonts/BentonSans_RAK_Web/benton_sans_rak-regular.woff2

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b226f5de1df7661a50769adbac5c54e396b347ebb5cf2beb3bdb8481608a1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/dist/static/rev/scss/ebates-rebrand-67b693f143.css
Origin: http://financessecure.com

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
CF-Cache-Status: HIT
Age: 88170
Connection: keep-alive
request-id: 22787f29e516d57a8b7777ec0bfa91e1
Content-Length: 64404
cf-request-id: 03f79de9ec000097cc440c1200000001
Pragma: public
Last-Modified: Thu, 28 May 2020 23:53:22 GMT
Server: cloudflare
etag: "fb94-5a6be089c2080"
Vary: Accept-Encoding
access-control-allow-methods: POST, GET
Content-Type: font/woff2
Cache-Control: max-age=5184000
access-control-allow-credentials: true
Accept-Ranges: bytes
CF-RAY: 5b39328979a497cc-FRA
Expires: Sun, 23 Aug 2020 23:38:58 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
financessecure.com/global_files/fonts/icon/fontawesome/v.4.5.0.7/fonts/fonts.1.1.9/ 30 KB
30 KB 173ms
171ms Font
font/woff2 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/global_files/fonts/icon/fontawesome/v.4.5.0.7/fonts/fonts.1.1.9/fontawesome-webfont.woff2?ghyph

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d63216e5d13fc954cb6c7b363301bd70807933d997fe08d8963b5012f19ba105

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/dist/static/rev/scss/ebates-rebrand-67b693f143.css
Origin: http://financessecure.com

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
CF-Cache-Status: HIT
x-check-cacheable: YES
Connection: keep-alive
request-id: 338408a659a62fa2d5d77041ef0a3c1a
Content-Length: 30236
cf-request-id: 03f79de9f100009ace4b151200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: "761c-5a8ef22f9ce40"
x-serial: 6874
Vary: Accept-Encoding
access-control-allow-methods: POST, GET
Content-Type: font/woff2
access-control-allow-origin: http://financessecure.com
Cache-Control: max-age=5184000
access-control-allow-credentials: true
x-akamai-ssl-client-sid: kPK5h9CIq3yMOG6ZiYfsiw==
Accept-Ranges: bytes
CF-RAY: 5b3932898b439ace-FRA
Expires: Fri, 11 Sep 2020 14:54:45 GMT

GET
H/1.1 200
OK benton_sans_rak-medium.woff2
financessecure.com/global_files/fonts/BentonSans_RAK_Web/ 63 KB
64 KB 17ms
17ms Font
font/woff2 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/global_files/fonts/BentonSans_RAK_Web/benton_sans_rak-medium.woff2

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91acd98bdce940ae3ee6284946b90b41927153b97c28c48ddcf54842c01b8a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/dist/static/rev/scss/ebates-rebrand-67b693f143.css
Origin: http://financessecure.com

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
CF-Cache-Status: HIT
Age: 88169
Connection: keep-alive
request-id: beb77665d575064260e721dfcf825c0a
Content-Length: 64968
cf-request-id: 03f79dea06000097cc440c2200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: "fdc8-5a8ef22f9ce40"
Vary: Accept-Encoding
access-control-allow-methods: POST, GET
Content-Type: font/woff2
access-control-allow-origin: http://financessecure.com
Cache-Control: max-age=5184000
access-control-allow-credentials: true
Accept-Ranges: bytes
CF-RAY: 5b393289a9b197cc-FRA
Expires: Fri, 11 Sep 2020 00:05:09 GMT

GET
H/1.1 200
OK linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 04:38:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Server: sffe
Age: 1698
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Content-Length: 859
X-XSS-Protection: 0
Expires: Thu, 16 Jul 2020 05:38:45 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
564 B 37ms
14ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jul 2020 05:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://financessecure.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
493 B 33ms
13ms XHR
application/json 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Jul 2020 05:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://financessecure.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK Stag-Light-Web.woff2
financessecure.com/global_files/fonts/stag/ 42 KB
42 KB 10ms
9ms Font
font/woff2 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/global_files/fonts/stag/Stag-Light-Web.woff2

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de029c13cf0dc7134b0ce7e033246aa938a09eafb9bdaf77ad38f66c84a917fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/dist/static/rev/scss/ebates-rebrand-67b693f143.css
Origin: http://financessecure.com

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
CF-Cache-Status: HIT
Age: 88169
Connection: keep-alive
request-id: cf0fdc67b6f9be99cd57e9c9863692fa
Content-Length: 42821
cf-request-id: 03f79dea64000097cc440d8200000001
Pragma: public
Last-Modified: Fri, 19 Jun 2020 17:44:21 GMT
Server: cloudflare
etag: "a745-5a87371698740"
Vary: Accept-Encoding
access-control-allow-methods: POST, GET
Content-Type: font/woff2
Cache-Control: max-age=5184000
access-control-allow-credentials: true
Accept-Ranges: bytes
CF-RAY: 5b39328a3a1297cc-FRA
Expires: Fri, 28 Aug 2020 15:58:46 GMT

GET
H/1.1 200
OK attestation-sdk.1.1.0.min.js Show response
financessecure.com/static/js/attestation/ 22 KB
8 KB 12ms
11ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/static/js/attestation/attestation-sdk.1.1.0.min.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f65432f3b3c4761e1aab77c6689753439473e3d3a8304d15f7f58deccd3e724

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88169
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: f12d3dfe30478ec52b283a6ff085bd4c
cf-request-id: 03f79dea9b000097cc440da200000001
Pragma: public
Last-Modified: Thu, 09 Jul 2020 22:08:41 GMT
Server: cloudflare
etag: W/"5839-5aa0977916c40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328a9a4a97cc-FRA
Expires: Sun, 09 Aug 2020 01:42:53 GMT

GET
H/1.1 200
OK jail.fixed.0.9.5.min.js Show response
financessecure.com/global_files/js/jquery/plugins/jail/ 3 KB
2 KB 33ms
32ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/global_files/js/jquery/plugins/jail/jail.fixed.0.9.5.min.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c4a27db0499dfc0f98646145c9ed8ff4c0b2b1021909f5e95cdb44f2801666a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-check-cacheable: YES
Age: 88169
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 67ce52374acb1721fda28b5b103e2df7
cf-request-id: 03f79dead4000097cc440df200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"db4-5a8ef22f9ce40"
x-serial: 6874
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328aea7197cc-FRA
Expires: Wed, 12 Aug 2020 14:53:43 GMT

GET
H2

200

FCBxNBA_JL.svg
static.ebates.com/static/images/footer/
Redirect Chain

http://static.ebates.com/static/images/footer/FCBxNBA_JL.svg
https://static.ebates.com/static/images/footer/FCBxNBA_JL.svg

20 KB
15 KB

29ms
29ms

Image
image/svg+xml

104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/static/images/footer/FCBxNBA_JL.svg

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

250c6e3f0502f8fcdef9876d8694dbfc316d1548b4186fe0f6c0efb07e496ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/dist/static/rev/scss/ebates-rebrand-67b693f143.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: f_fWQpe7F.RhXqubOX2Sc_gWqBeUH4MV
content-encoding: gzip
etag: "981fb7edbc0d1a7934d9ac0923ccf957"
x-amz-request-id: 7810050BD96039FF
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 15048
x-amz-id-2: 3vzGhzFicOw22Mc0dp0NZ3HaoaTrdOWRl6KHPunqRb6rNKWEHHpoi7QmnxR3E5XAuuHkFNMVdvQ=
last-modified: Wed, 22 Apr 2020 21:30:52 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
access-control-allow-methods: POST, GET
content-type: image/svg+xml
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes

Redirect headers

Location: https://static.ebates.com/static/images/footer/FCBxNBA_JL.svg
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK clip.1.0.0.min.js Show response
financessecure.com/mobile_web/stores/merchant_landing/raf_sharing/js/ 10 KB
4 KB 11ms
10ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/mobile_web/stores/merchant_landing/raf_sharing/js/clip.1.0.0.min.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffca4a7b24266a992f0381d1bbf770c5a442d9c7032126a7186061769eab09b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88160
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 64392aa758f85171f5807803004a2fb4
cf-request-id: 03f79deadc00009ace4b158200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"27cf-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328afbff9ace-FRA
Expires: Wed, 12 Aug 2020 14:54:21 GMT

GET
H/1.1 200
OK expander_v2-cf3d7aa5e6.js Show response
financessecure.com/dist/static/rev/global/js/eba/ 2 KB
1 KB 529ms
529ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/global/js/eba/expander_v2-cf3d7aa5e6.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f313913b1c34c10a5280506bdb90134150da459e73d44f1aa536320d018f2f9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 8c3c6884202b016d94f5f84ed63600f9
cf-request-id: 03f79deae100000ebbdb3a2200000001
Pragma: public
Last-Modified: Fri, 19 Jun 2020 17:44:22 GMT
Server: cloudflare
etag: W/"656-5a8737178c980"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328b08240ebb-FRA
Expires: Fri, 14 Aug 2020 04:23:10 GMT

GET
H/1.1 200
OK sort.htm Show response
financessecure.com/ajax/buyonline/ 3 B
1 KB 248ms
247ms XHR
text/html 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/ajax/buyonline/sort.htm?sort=

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: */*
Referer: http://financessecure.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OUR DELi IND PHY ONL UNI COM NAV INT DEM CNT STA PRE", policyref="/w3c/p3p.xml"
Transfer-Encoding: chunked
X-Nginx-Cache-Status: MISS
Content-Type: text/html; charset=UTF-8
X-Server-Powered-By: Engintron
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: ec9e17f6c0ea2988127914a8e0803a77
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
Server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-request-id: 03f79deae300000eafe2b9d200000001
CF-RAY: 5b39328b0b570eaf-FRA
expires: 0

POST
H/1.1 200
OK frontendEvents.do Show response
financessecure.com/ 0
931 B 243ms
243ms XHR
text/plain 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/frontendEvents.do

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: */*
Referer: http://financessecure.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OUR DELi IND PHY ONL UNI COM NAV INT DEM CNT STA PRE", policyref="/w3c/p3p.xml"
X-Server-Powered-By: Engintron
Connection: keep-alive
request-id: e4004a19d7dee2de177eaefd077276f1
Content-Length: 0
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
Server: cloudflare
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET
Content-Type: text/plain; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-request-id: 03f79deae40000dfcb9f968200000001
CF-RAY: 5b39328b0dd7dfcb-FRA
expires: 0

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F
https://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F

174 KB
51 KB

25ms
24ms

Script
application/javascript

2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ca638a60483c546f6d032dd04ab65eb0ca956ed4f72701352f5a9799d3c4876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 05:07:03 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52365
x-xss-protection: 0
last-modified: Thu, 16 Jul 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Jul 2020 05:07:03 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F
Date: Thu, 16 Jul 2020 05:07:03 GMT
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 datadog-logs-us.js Show response
www.datadoghq-browser-agent.com/ 29 KB
11 KB 82ms
21ms Script
application/javascript 13.225.81.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js
Requested by: Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.81.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-81-108.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4cae152cc0803cb58809ac9ade7ea5ec5fef7eb680befba39927ef8a3952db60

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 09:03:43 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 09:03:37 GMT
server: AmazonS3
age: 72201
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=900
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 599zL3E7PexMOlJjQAf8m7OUeVFVI-zC8LaY4C65--zxD7jgaQedNw==
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)

POST
H/1.1 200
OK i Show response
events.engager.ecbsn.com/v1/ 2 B
615 B 253ms
181ms XHR
application/json 104.111.224.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.engager.ecbsn.com/v1/i
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vLFussC4XChxcOvzEXgApiBtItELHGtW/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.224.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://financessecure.com
Date: Thu, 16 Jul 2020 05:07:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H2

200

11298023376.js Show response
cdn.optimizely.com/js/
Redirect Chain

http://cdn.optimizely.com/js/11298023376.js
https://cdn.optimizely.com/js/11298023376.js

316 KB
95 KB

33ms
22ms

Script
text/javascript

2a02:26f0:6c00:19b::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/11298023376.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:19b::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9610fcc1857ae6a7373f1339f177fd540c034749e51728fed0130aa028ad0362

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: UY5fYt1DGQo6gZFEIYn1izglnOPyIcA2
content-encoding: gzip
etag: "b056a2a59201708beda899ade7a5b47d"
x-amz-request-id: AG0ZEYBQ4S7S4S6W
status: 200
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:19b::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 96159
x-amz-id-2: JLHw40d/3pjZvmDpoC+4belJ8JPH6bt95qbrq6yjO0EAJNkVeunANs3SfBqBE3qKb9cOtwfLI28=
last-modified: Tue, 14 Jul 2020 22:53:15 GMT
server: AmazonS3
date: Thu, 16 Jul 2020 05:07:03 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age%3D120
x-amz-meta-revision: 9634
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Server: AkamaiGHost
Location: https://cdn.optimizely.com/js/11298023376.js
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amz-meta-revision
Server-Timing: cdn;desc="AkamaiION";dur=0,rtt;desc="4";dur=0,cdnip;desc="2a02:26f0:6c00:19b::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="";dur=0
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK eb-mod-a538c1ee26.js Show response
financessecure.com/dist/static/rev/global/plugins/modal/ 3 KB
2 KB 531ms
531ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/global/plugins/modal/eb-mod-a538c1ee26.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

954649a55764a02d3b0574106872dce0e917be7660e757ba1181dda8a28dc428

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 4ee34fc5bb3879238b1261364eb1bd4e
cf-request-id: 03f79deb2f000016f23a32d200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"d57-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328b7c6f16f2-FRA
Expires: Fri, 14 Aug 2020 04:23:42 GMT

POST index.php
comev.ecbsn.com/ 0
0

POST
H/1.1 200
OK t Show response
events.engager.ecbsn.com/v1/ 2 B
615 B 245ms
181ms XHR
application/json 104.111.224.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.engager.ecbsn.com/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vLFussC4XChxcOvzEXgApiBtItELHGtW/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.224.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://financessecure.com
Date: Thu, 16 Jul 2020 05:07:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK p Show response
events.engager.ecbsn.com/v1/ 2 B
615 B 242ms
181ms XHR
application/json 104.111.224.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.engager.ecbsn.com/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vLFussC4XChxcOvzEXgApiBtItELHGtW/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.224.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://financessecure.com
Date: Thu, 16 Jul 2020 05:07:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK t Show response
events.engager.ecbsn.com/v1/ 2 B
615 B 522ms
462ms XHR
application/json 104.111.224.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.engager.ecbsn.com/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vLFussC4XChxcOvzEXgApiBtItELHGtW/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.224.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://financessecure.com
Date: Thu, 16 Jul 2020 05:07:04 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK t Show response
events.engager.ecbsn.com/v1/ 2 B
615 B 522ms
464ms XHR
application/json 104.111.224.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.engager.ecbsn.com/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vLFussC4XChxcOvzEXgApiBtItELHGtW/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.224.80 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://financessecure.com
Date: Thu, 16 Jul 2020 05:07:04 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

GET
H/1.1 200
OK datasharingstatus.do Show response
financessecure.com/member/ 55 B
1 KB 268ms
267ms Fetch
application/json 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/member/datasharingstatus.do

Requested by

Host: financessecure.com
URL: http://financessecure.com/static/js/attestation/attestation-sdk.1.1.0.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

351256b96e678c5e9e977e71c24c90dad7a519eb395c0eae4bba0c73ece5b7b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
X-Nginx-Cache-Status: EXPIRED
Transfer-Encoding: chunked
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OUR DELi IND PHY ONL UNI COM NAV INT DEM CNT STA PRE", policyref="/w3c/p3p.xml"
X-Server-Powered-By: Engintron
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: adc2e7cadf39f620c01563609f86a14e
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
Server: cloudflare
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/json; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-request-id: 03f79deb4d000097cc440e4200000001
CF-RAY: 5b39328baad297cc-FRA
expires: 0

GET
H2 200 gap_hpphd_092519.jpg
static.ebates.com/img/campaign_entity/23024271/ 8 KB
8 KB 38ms
35ms Image
image/jpeg 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/campaign_entity/23024271/gap_hpphd_092519.jpg

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

b732ed56abd9f79bb77f659827e8e082821e5aeba026ac789580198513345011

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: bZ7CG4l0AY62szAZVKY20NHbyodjw4Q5
etag: "c6ffd7140e59a9c153158187462e56e9"
x-amz-request-id: 0F34756E1FFA4687
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 7840
x-amz-id-2: ga0lTcIORhdpy+P1t44i56loR9UepP/k5p315b+5e09t+6axARH31hOb53sVadTreVH3hTg1UsA=
last-modified: Thu, 09 Jul 2020 22:13:39 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 americantourister_icon_100x27.gif
static.ebates.com/img/merchant_logo/16246/ 713 B
1 KB 39ms
37ms Image
image/gif 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/merchant_logo/16246/americantourister_icon_100x27.gif

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

5bdfce739dcab1145df83bd730710d29b58c45575b18e6f85a9c41e5e045723c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 0XK0L.fC1kMLD0htIa2egejStnjVRVAE
etag: "04d01764fe28b16d06fe01d4565c6f07"
x-amz-request-id: E5F8C3D160B3F4AC
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 713
x-amz-id-2: pAgUwNlKiHCMx6QvkMY1U252Q279dtK+lykbKfERcZHhD2eNMAYgsqwuBiMgvwDbic/vrXydCdw=
last-modified: Wed, 15 May 2019 20:07:16 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 containerstore_hdpd_070620.jpg
static.ebates.com/img/campaign_entity/23023407/ 29 KB
29 KB 43ms
40ms Image
image/jpeg 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/campaign_entity/23023407/containerstore_hdpd_070620.jpg

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

cd8b9604595263f54b51f62429474722ae83245bcbe7a517333ff88d325af742

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Dw3KUqdPmP2Fs_Zr49lrF988f31.HKpC
etag: "3d0f73e11077973708528c97b29b9a42"
x-amz-request-id: 0CA0F311B7D00D0D
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 29625
x-amz-id-2: PYlexY66snUhmoL+gPc4E37k4r0y07cRnX/g94PpzNYFQz/eUJGmBMc7BxbI1ctStvwVvvMT0tg=
last-modified: Thu, 02 Jul 2020 21:24:13 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 small_icon_thecontainerstore.gif
static.ebates.com/img/merchant_logo/5586/ 2 KB
2 KB 52ms
49ms Image
image/gif 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/merchant_logo/5586/small_icon_thecontainerstore.gif

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

209575ed50fedc202b881628357d49b03c9ddf93a28adbba9fadc38d42779669

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: xjf2qj8Y.BB7JvxP0dEBUKfez7jaxEZL
etag: "da7e2cfae19e8de3135254b01db51b84"
x-amz-request-id: C70E136075911146
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 1816
x-amz-id-2: o3O1insCNaxB/PtPK/0ruZOfF/iWRb/NuCjc7SIUoVf8AAav5Rl9lIL+pqGlnnXtnJ9uIOBc7Qs=
last-modified: Wed, 15 May 2019 20:07:21 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 elfcosmetics_hdpd_071320.jpg
static.ebates.com/img/campaign_entity/23024265/ 7 KB
7 KB 54ms
52ms Image
image/jpeg 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/campaign_entity/23024265/elfcosmetics_hdpd_071320.jpg

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

7a11037a73044911a21fa7df2ebdd9150866bfa586dcee3c108984b964bce936

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: uJm0FG2GlR0Zv1SVWJpL3fHO9sXvcuq6
etag: "1ede253d3112ecec7cd6fa0c1bcf9a77"
x-amz-request-id: AAEC9EBC81994BA0
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: PENDING
content-length: 6932
x-amz-id-2: MtYZrfNR/5M25GdBwNlM0M2BONtoqzAepvq9s2esfetlXWjPHvjeU/g2l0ub+WerjeQYWzID0i0=
last-modified: Fri, 10 Jul 2020 23:49:06 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 elf_icon_100x27.gif
static.ebates.com/img/merchant_logo/9243/ 419 B
826 B 56ms
54ms Image
image/gif 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/merchant_logo/9243/elf_icon_100x27.gif

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

4c5df39beb3641712e87e7bc06d1fb71d14cf2ac7cb0ad8a7d00af52e58be30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: sTjHtqR3zFUd0qZA.ZmWlkUFQGbyA0dr
etag: "1c637c105011f0355a55652bd39d075c"
x-amz-request-id: 68E084B43B8B5B16
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 419
x-amz-id-2: lpyFfWXaKXRW//Ruo+AqGt4B8PFy6HnGZB3hVYv+R9ExXvavHUOdqh64gZb3k/3gW1oydwdMQPE=
last-modified: Wed, 15 May 2019 20:07:29 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 boxed_hpphd_091619.jpg
static.ebates.com/img/campaign_entity/23024272/ 9 KB
9 KB 58ms
56ms Image
image/jpeg 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/campaign_entity/23024272/boxed_hpphd_091619.jpg

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

e11d2bb8defea8a72a0ad384014e5651edd32b11291f45b999570c5c5b101955

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: K0XVxRexEGk6BYntWXjZ7HIg9Iol2z3_
etag: "66b01cfbd1b67c1b9fb18f6eaae05d96"
x-amz-request-id: CBAF07EDE68CF24F
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 9023
x-amz-id-2: iw7woFn7uUK+X9MozPOY6hzXYg67lDYd5jq/KoagoWmxxYCFdVAXi7P5VTCTE/EWLYoCZ0OSWSc=
last-modified: Thu, 09 Jul 2020 22:14:13 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 icon-100x27.gif
static.ebates.com/image/store/icon/11230/ 703 B
1 KB 61ms
59ms Image
image/gif 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/image/store/icon/11230/icon-100x27.gif

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

81d722eadc527c0050cc2e4fd1078566fcae2be1c20c08871b1caf17f75ebbf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: I5Gad7sHX6YVhGrJF9DjfWFLIWeeCCVi
etag: "ec2f0c517310fb15a596bcbb1e13fcc9"
x-amz-request-id: 8A10BF60E628C852
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 703
x-amz-id-2: dmm1BG90jz4TLGJfVGmPeQyfuO63R3zhXaR2Q4qwIAySi68P+0u+rptbCIS11MskBsSXt43U0pY=
last-modified: Wed, 15 May 2019 19:55:17 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 lenovo_hpphd_112819.jpg
static.ebates.com/img/campaign_entity/23024268/ 7 KB
8 KB 62ms
60ms Image
image/jpeg 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/campaign_entity/23024268/lenovo_hpphd_112819.jpg

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

254ee00144ce903276a790e26bd71485e8a3ed60ea9d726886400f3229c9c907

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: kQh8fvrMnBSQsVdWcgQ5qo4IlE6a.d0d
etag: "39c4be47a3389c97e7c1a26c068a042b"
x-amz-request-id: 721A944F9DCC1C0C
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 7512
x-amz-id-2: STNNmGytyum2qeVl9XO0LHXb7Q2LmgV1Zc9qcfPZaxPdsYPzdoJeFKviTGRGKHVUf8rG2djOe6E=
last-modified: Thu, 09 Jul 2020 22:12:59 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 ylighting_icon_100x27.gif
static.ebates.com/img/merchant_logo/12736/ 630 B
1 KB 64ms
62ms Image
image/gif 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/merchant_logo/12736/ylighting_icon_100x27.gif

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

5b5ed4e63e2b37d93d959db53f6cb04fddd76667cfc5cc1bb048d5246a93f279

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: wrdDkbzkaRIN5cRWd5HpAvUbAbT02SaQ
etag: "8c46cb725ed95a9afc0f42228aad1f68"
x-amz-request-id: 82E7455A7E80360C
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 630
x-amz-id-2: r1TCFhUmpfIo5w/UCaEjIHYCuyL4cxJkB/pn+Wiv6FDtJvUqBxcSwYDWwVz9vW8mqtHWURr3vs8=
last-modified: Wed, 15 May 2019 20:06:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 icon_puma.gif
static.ebates.com/img/merchant_logo/8722/ 2 KB
2 KB 64ms
62ms Image
image/gif 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/merchant_logo/8722/icon_puma.gif

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

bd7225e631712db09928cf0220d6e0d7c6d24f0a8840624ea6bc7ef9c9f2187a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: vxRSl.C5zPOtx2nRrwW8qhZa4_k2DMyS
etag: "fcf0a7107f3daefa1197d17e495d3e8f"
x-amz-request-id: C385C1AF0DCEEB91
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 2018
x-amz-id-2: mgFnSTA3oIgIn7rMIYEuJMy2fxGHajuHZjFHVTqBYkkZpSx45x0h1xO+5T42UHGEzREoKyI9Svk=
last-modified: Wed, 15 May 2019 20:07:27 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2 200 imgus_300x250-1589482161810.jpg
static.ebates.com/img/campaign_entity/23025531/ 85 KB
86 KB 65ms
63ms Image
image/jpeg 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/img/campaign_entity/23025531/imgus_300x250-1589482161810.jpg

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

9c3118017dc62e6e8ab2719ed2003ad96f85601e28f6590b3c7385a7b89b7054

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 6hBgehKiXg2VZk0luBVa._lsY8AhVmrv
etag: "3501fee36345f5c5679f318a9fc598cd"
x-amz-request-id: D570E9A3D34ABA94
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 87053
x-amz-id-2: Cq28Rvd7W2+A5Qp2+0Rpv5bnYzIzI4PHGCJFM50uFZRGCgF1V8+grQf3jE7LXf/2FuYqC3Qmh8A=
last-modified: Tue, 14 Jul 2020 20:15:33 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:03 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes

GET
H2

200

cs
tags.rd.linksynergy.com/
Redirect Chain

http://tags.rd.linksynergy.com/cs?ns=ebates&uid1=19AC6F18D374B4311B62FB9&uid3=79144782250296517539857877490095295329&gtmcb=942786088
https://tags.rd.linksynergy.com/cs?ns=ebates&uid1=19AC6F18D374B4311B62FB9&uid3=79144782250296517539857877490095295329&gtmcb=942786088

37 B
336 B

64ms
34ms

Image
image/gif

34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.rd.linksynergy.com/cs?ns=ebates&uid1=19AC6F18D374B4311B62FB9&uid3=79144782250296517539857877490095295329&gtmcb=942786088
Requested by: Host: financessecure.com
URL: http://financessecure.com/coupons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 16 Jul 2020 05:07:03 GMT
via: 1.1 google
x-samesite: secure
alt-svc: clear
content-length: 37
content-type: image/gif

Redirect headers

Location: https://tags.rd.linksynergy.com/cs?ns=ebates&uid1=19AC6F18D374B4311B62FB9&uid3=79144782250296517539857877490095295329&gtmcb=942786088
Date: Thu, 16 Jul 2020 05:07:03 GMT
Via: 1.1 google
Content-Length: 180
Content-Type: text/html; charset=utf-8

GET
H2

200

trans-white-grad-60x1.png
static.ebates.com/static/images/ui/expander/
Redirect Chain

http://static.ebates.com/static/images/ui/expander/trans-white-grad-60x1.png
https://static.ebates.com/static/images/ui/expander/trans-white-grad-60x1.png

115 B
521 B

34ms
34ms

Image
image/png

104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/static/images/ui/expander/trans-white-grad-60x1.png

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

4cd99f1d5e7f4596d6eb78d805d939bc14607b870372b84004c5868f8515e580

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/dist/static/rev/scss/ebates-rebrand-67b693f143.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 7Y0Upsb5dZqum6UfD9NIefVW5F8OJBlr
etag: "81e3fe3b31b37f936601ea0904afd11e"
x-amz-request-id: 76A59A9CA98F96F8
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 115
x-amz-id-2: x9c/MCDEET37icUxfiz1hIrMUxBIyWJdrTrOOAq/CNAPTbeD+UDINENx5sIAg+SLnHxvpKNOnxE=
last-modified: Wed, 15 May 2019 20:16:39 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes

Redirect headers

Location: https://static.ebates.com/static/images/ui/expander/trans-white-grad-60x1.png
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK eb-mod-130cbb60ab.css Show response
financessecure.com/dist/static/rev/global/plugins/modal/ 2 KB
1 KB 11ms
11ms XHR
text/css 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/global/plugins/modal/eb-mod-130cbb60ab.css

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a552ceb9b46a671529c5e124539aa8ff7edc51e9f69c152a5b9c8755f9aa25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept: */*
Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88170
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 3eaf7aacac7d8aade9b5bdd1c5059989
cf-request-id: 03f79ded44000016f23a345200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"8ac-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328ed93016f2-FRA
Expires: Fri, 14 Aug 2020 04:23:42 GMT

GET
H/1.1 200
OK gc-susi-eca7fe8820.css Show response
financessecure.com/dist/static/rev/scss/styles/local/modals/ 8 KB
3 KB 14ms
13ms XHR
text/css 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/scss/styles/local/modals/gc-susi-eca7fe8820.css

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923dc885a7aec91f1134360b453fb00107483f3f926782cf0498e733bf5326b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept: */*
Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88170
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 7d3627935600f52ab27b15f9963087c2
cf-request-id: 03f79ded4500000ebbdb3c6200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"2088-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328ede110ebb-FRA
Expires: Fri, 14 Aug 2020 04:23:11 GMT

GET
H/1.1 200
OK sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 11ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

http://connect.facebook.net/en_US/sdk.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b2c816a77b444297cbbb6e95b938545728aa533f49c29e4ab27a5854b8ac079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-MD5: NW6TqNZVwVja2KRhktxfsw==
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 1780
ETag: "cdcf895fbbee5f0de67cf4ff81ea6755"
X-FB-Debug: uj6QuSsFwVX/IQMQVOr/b/pAtFkkkCFipKkIS0vxMt2r3FSXO/bfjO9u3Rx2jDOuRLaXJbupIluI1r20NB6giw==
X-FB-TRIP-ID: 664085054
x-fb-content-md5: 8ab3c2074a924059f524412d13d4a439
X-Frame-Options: DENY
Date: Thu, 16 Jul 2020 05:07:04 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-FB-Content-MD5
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
Expires: Thu, 16 Jul 2020 05:16:42 GMT

GET
H/1.1 200
OK jquery.menu-aim.min.js Show response
financessecure.com/static/js/global/ 1 KB
1 KB 10ms
9ms XHR
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/static/js/global/jquery.menu-aim.min.js

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b57813ede6b50cef6faf0a5528378618e5c031dd37aacb94ec2a153603363ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: http://financessecure.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88170
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 04528510a6456810dcccf39b8bd6335e
cf-request-id: 03f79ded4d000097cc440f6200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"5a5-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328eecc697cc-FRA
Expires: Thu, 06 Aug 2020 05:45:00 GMT

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
243 B 119ms
118ms XHR
text/plain 34.195.70.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.70.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: http://financessecure.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Type: text/plain

GET
H/1.1 200
OK bat.js Show response
bat.bing.com/ 25 KB
8 KB 34ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F
Protocol: HTTP/1.1
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 19:59:59 GMT
X-MSEdge-Ref: Ref A: 37657FCC82BE4C00ACE57985A7B9A5A6 Ref B: FRAEDGE1307 Ref C: 2020-07-16T05:07:04Z
ETag: "804946b8613fd61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=1800
Accept-Ranges: bytes
Content-Length: 7791

GET
H/1.1 200
OK fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
35 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

http://connect.facebook.net/en_US/fbevents.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/coupons

Protocol

HTTP/1.1

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 34220
X-XSS-Protection: 0
Pragma: public
X-FB-Debug: ts4FRrzh0G6aI0Lp55wKfV1g/B4zpLsOtCVJDkuI4IG/Vr2m3gv5nJNj/cD4a3+Ld0XIm+xA1kD5RA3ufiP2yA==
X-FB-TRIP-ID: 664085054
X-Frame-Options: DENY
Date: Thu, 16 Jul 2020 05:07:04 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
2700447.fls.doubleclick.net/activityi;dc_pre=COu3iJeA0eoCFXjCEQgd_FkEyA;src=2700447;type=count;cat=ebate00;u2=http://financessecure.com/ Frame 852C
Redirect Chain

http://2700447.fls.doubleclick.net/activityi;src=2700447;type=count;cat=ebate00;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
http://2700447.fls.doubleclick.net/activityi;dc_pre=COu3iJeA0eoCFXjCEQgd_FkEyA;src=2700447;type=count;cat=ebate00;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_tr...

0
0

33ms
33ms

Document
text/html

172.217.23.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://2700447.fls.doubleclick.net/activityi;dc_pre=COu3iJeA0eoCFXjCEQgd_FkEyA;src=2700447;type=count;cat=ebate00;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F

Protocol

HTTP/1.1

Server

172.217.23.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: 2700447.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://financessecure.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Thu, 16 Jul 2020 05:07:04 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 379
X-XSS-Protection: 0

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Thu, 16 Jul 2020 05:07:04 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://2700447.fls.doubleclick.net/activityi;dc_pre=COu3iJeA0eoCFXjCEQgd_FkEyA;src=2700447;type=count;cat=ebate00;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

GET
H/1.1

200
OK

coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1
2700447.fls.doubleclick.net/activityi;dc_pre=CK6yiJeA0eoCFVeuewoduTACww;src=2700447;type=count;cat=ebate000;u2=http://financessecure.com/ Frame 1A26
Redirect Chain

http://2700447.fls.doubleclick.net/activityi;src=2700447;type=count;cat=ebate000;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1?
http://2700447.fls.doubleclick.net/activityi;dc_pre=CK6yiJeA0eoCFVeuewoduTACww;src=2700447;type=count;cat=ebate000;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_t...

0
0

36ms
35ms

Document
text/html

172.217.23.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://2700447.fls.doubleclick.net/activityi;dc_pre=CK6yiJeA0eoCFVeuewoduTACww;src=2700447;type=count;cat=ebate000;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F

Protocol

HTTP/1.1

Server

172.217.23.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: 2700447.fls.doubleclick.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://financessecure.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Thu, 16 Jul 2020 05:07:04 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 381
X-XSS-Protection: 0

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Date: Thu, 16 Jul 2020 05:07:04 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://2700447.fls.doubleclick.net/activityi;dc_pre=CK6yiJeA0eoCFVeuewoduTACww;src=2700447;type=count;cat=ebate000;u2=http://financessecure.com/coupons;u3=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=1?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

GET
H/1.1 200
OK conversion.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 53ms
39ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F

Protocol

HTTP/1.1

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48756568850aecbf41ece4472d14b97b5b0abd83a191bad48ca82455af735799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16584036313655190984
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 11554
X-XSS-Protection: 0
Expires: Thu, 16 Jul 2020 05:07:04 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 39 KB
14 KB 65ms
22ms Script
text/plain 151.101.113.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: financessecure.com
URL: http://financessecure.com/coupons
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding: gzip
etag: "f32ebb1e93a72c0a57add6d07f688510"
age: 6166
x-cache: HIT, HIT
status: 200
content-length: 13681
x-amz-id-2: 3tp1sIStGRbYdcojX0aoQVJXbtjFtjdlE23CGbiw6BZTJUMjPg0NdIzR/ksxEAazgHuVgJG0gHg=
x-served-by: cache-bwi5151-BWI, cache-hhn4074-HHN
last-modified: Fri, 25 Oct 2019 19:28:38 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer: S1594876024.221081,VS0,VE0
date: Thu, 16 Jul 2020 05:07:04 GMT
vary: Accept-Encoding
x-amz-request-id: 0BDAF2AF8247D518
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=7200
accept-ranges: bytes
content-type: text/plain
x-cache-hits: 2, 693

GET
H/1.1 200
OK rat-main.js Show response
r.r10s.jp/com/rat/js/ 51 KB
14 KB 265ms
6ms Script
application/javascript 2a02:26f0:6c00:193::26b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://r.r10s.jp/com/rat/js/rat-main.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDCS3F
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:193::26b2 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 4291303f26295345490f53dcc4a9454a367c672eedc05a13803986a2a5438eca

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jun 2020 02:40:52 GMT
Server: nginx
ETag: "5ef16bb4-cde8"
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Connection: keep-alive
X-CDN-Served-From: Akamai
Content-Length: 14112
Expires: Fri, 17 Jul 2020 05:07:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 48 KB
16 KB 75ms
30ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d4362afbe24548dbd0ac137c029b5754f2f4a5e1ab66b985d5abceec1dccd9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "572 / 270 of 1000 / last-modified: 1594851170"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16412
x-xss-protection: 0
expires: Thu, 16 Jul 2020 05:07:04 GMT

GET
H2 200 4cdd5a10-68f3-0136-4bf3-067f653fa718
tag.simpli.fi/sifitag/ 0
791 B 87ms
27ms Image
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tag.simpli.fi/sifitag/4cdd5a10-68f3-0136-4bf3-067f653fa718

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 16 Jul 2020 05:07:04 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: FiIjS0XZ5jgnWzcr57CB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK gc-su-rat.htm Show response
financessecure.com/ajax/ 23 KB
7 KB 248ms
247ms XHR
text/html 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/ajax/gc-su-rat.htm?p=/coupons&split_id=822&oType=Hot-Deals-Walmart-Hero-201510&merchantId=2946

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0cb389de4a6f3a14a139460e2619f3e2dcdf0078db7242aedcd91cb5ee7cca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: */*
Referer: http://financessecure.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
p3p: CP="CAO DSP COR CURa ADMa DEVa TAIi PSAa PSDa IVAi IVDi CONi OUR DELi IND PHY ONL UNI COM NAV INT DEM CNT STA PRE", policyref="/w3c/p3p.xml"
Transfer-Encoding: chunked
X-Nginx-Cache-Status: MISS
Content-Type: text/html; charset=UTF-8
X-Server-Powered-By: Engintron
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 266038df9386f649cecf45a48708d09f
x-xss-protection: 1; mode=block, 1; mode=block
pragma: no-cache
Server: cloudflare
x-frame-options: SAMEORIGIN
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-request-id: 03f79ded6e000097cc440f8200000001
CF-RAY: 5b39328f1cda97cc-FRA
expires: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
60 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0da57023e2421f42f6b90c45fd244f10&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f51b46a01e58054434072d16506958d5413e8e656f0d0c4eada89734c33d34a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/
Origin: http://financessecure.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HSf9d7G6ng0t4fDeOkJqQQ==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61079
etag: "033ef8507d3deba41bb2faf0c971f0c4"
x-fb-debug: TC/iFxsAciAkbYqfYJyTTS0LXHwhtw89JPAWiDikqPtQngdseEbAH7kK5ZhAEKfwzEjr6ZF/9nPtsOeE40e2Jg==
x-fb-trip-id: 664085054
x-fb-content-md5: dc557f499b20714c796f438304f3e9f1
x-frame-options: DENY
date: Thu, 16 Jul 2020 05:07:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 16 Jul 2021 04:31:24 GMT

GET
H/1.1 200
OK eb-mod-130cbb60ab.css
financessecure.com/dist/static/rev/global/plugins/modal/ 2 KB
1 KB 13ms
13ms Stylesheet
text/css 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/global/plugins/modal/eb-mod-130cbb60ab.css

Requested by

Host: financessecure.com
URL: http://financessecure.com/dist/static/rev/global/js/eba/ebates-main-f002bddc11.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a552ceb9b46a671529c5e124539aa8ff7edc51e9f69c152a5b9c8755f9aa25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88170
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 3eaf7aacac7d8aade9b5bdd1c5059989
cf-request-id: 03f79ded7000000ebbdb3cb200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"8ac-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328f1e6b0ebb-FRA
Expires: Fri, 14 Aug 2020 04:23:42 GMT

GET
H/1.1 200
OK gc-susi-eca7fe8820.css
financessecure.com/dist/static/rev/scss/styles/local/modals/ 8 KB
3 KB 10ms
10ms Stylesheet
text/css 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/scss/styles/local/modals/gc-susi-eca7fe8820.css

Requested by

Host: financessecure.com
URL: http://financessecure.com/dist/static/rev/global/js/eba/ebates-main-f002bddc11.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923dc885a7aec91f1134360b453fb00107483f3f926782cf0498e733bf5326b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88170
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 7d3627935600f52ab27b15f9963087c2
cf-request-id: 03f79ded70000016f23a347200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"2088-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: text/css;charset=UTF-8
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39328f199c16f2-FRA
Expires: Fri, 14 Aug 2020 04:23:11 GMT

GET
H2 200 1499900856960507 Show response
connect.facebook.net/signals/config/ 522 KB
132 KB 20ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1499900856960507?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d04bd2e609f92927386d85ca3c6f25395e280e0d75cb341e5bd51cc4400643ec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134621
x-xss-protection: 0
pragma: public
x-fb-debug: 9Vj1cTqp2+jb38bTMuC0oNxOL9kxCdJy0/oPMiSUnPzpj9zaq0AjIkCDzmSiznlC9Td/tgFjNCIpDpKawKQ4hA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 16 Jul 2020 05:07:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
283 B 40ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4013680&Ver=2&mid=7ce3a94f-86bf-909c-4667-595f1fd2b359&sid=2a0798ca-bc54-9818-e23e-370b96e14437&vid=763415ae-4718-e97d-d55c-d87c97c60267-1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Coupon%20Codes,%20Promo%20Codes%20%26%20Daily%20Deals%20%7C%20FinancesSecure&kw=deals,%20hot%20deals,%20promo%20codes,%20promotional%20codes,%20coupon%20codes,%20coupons&p=http%3A%2F%2Ffinancessecure.com%2Fcoupons&r=&lt=1523&evt=pageLoad&msclkid=N&sv=1&rn=301179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 16 Jul 2020 05:07:03 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 3F0F61D628DE46DFABF75BF5D25DA1A4 Ref B: FRAEDGE1321 Ref C: 2020-07-16T05:07:04Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cDovL2ZpbmFuY2Vzc2VjdXJlLmNvbS9jb3Vwb25z Show response
data.schemaapp.com/Ebates/ 0
527 B 401ms
401ms XHR
application/json 2600:9000:21f3:1e00:1f:d9e6:d540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://data.schemaapp.com/Ebates/aHR0cDovL2ZpbmFuY2Vzc2VjdXJlLmNvbS9jb3Vwb25z

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:21f3:1e00:1f:d9e6:d540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-cf-pop: FRA2-C2
x-cache: Error from cloudfront
status: 200
access-control-max-age: 3000
strict-transport-security: max-age=31536000; includeSubDomains;
content-length: 0
last-modified: Mon, 11 Jun 2018 21:03:27 GMT
server: AmazonS3
date: Thu, 16 Jul 2020 05:07:05 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: NmEA4THdoS3FJ-f239FTjpMgt-HcexRSVRqaMB7fe6FPfX4KLByCxg==

GET
H2 200 status Show response
www.facebook.com/x/oauth/ 0
459 B 56ms
43ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=214330088590858&input_token&origin=1&redirect_uri=http%3A%2F%2Ffinancessecure.com%2Fcoupons&sdk=joey&wants_cookie_data=true

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: IAyqYQV6Oxq5hqIQCnZBk2KA6uVH0Kp6OvZqH/lYhECTo00FjcboQ6JY9b3+czdQtZjXgG2uO76bzuVnwIihNQ==
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Thu, 16 Jul 2020 05:07:04 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://financessecure.com
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992527088/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992527088/?random=1594876024233&cv=9&fst=1594876024233&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Ffinancessecure.com%2Fcoupons&tiba=Coupon%20Codes%2C%20Promo%20Codes%20%26%20Daily%20Deals%20%7C%20FinancesSecure&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82ec327421072c193acade8d5b90831b24c8cf5f0f0c5e3001184c7dc03a1a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1017
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
310 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1499900856960507&ev=PageView&dl=http%3A%2F%2Ffinancessecure.com%2Fcoupons&rl=&if=false&ts=1594876024309&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1594876024307.928143660&it=1594876024187&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 05:07:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 16 Jul 2020 05:07:04 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/311a4d2dbc2c446fa5e9c8d25b1ab505/ 43 B
423 B 463ms
121ms Image
image/gif 34.238.223.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/311a4d2dbc2c446fa5e9c8d25b1ab505/pixel?j=1&u=http%3A%2F%2Ffinancessecure.com%2Fcoupons&tag=ViewContent&ts=1594876024319

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.238.223.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,1d1afc3a1399d42fa4d6d1f2bf9fa923,10.0.0.200,12176,185.236.201.148,,22307936674,1,1594876024.721,0.007,,.,0,0,0.000,0.008,-,0,0,197,198,99,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
887 B 64ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=financessecure.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
316 B 32ms
31ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=financessecure.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020070801.js Show response
securepubads.g.doubleclick.net/gpt/ 249 KB
89 KB 32ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Jul 2020 15:29:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90527
x-xss-protection: 0
expires: Thu, 16 Jul 2020 05:07:04 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/992527088/ 42 B
320 B 25ms
21ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992527088/?random=1594876024233&cv=9&fst=1594875600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Ffinancessecure.com%2Fcoupons&tiba=Coupon%20Codes%2C%20Promo%20Codes%20%26%20Daily%20Deals%20%7C%20FinancesSecure&fmt=3&is_vtc=1&random=1272852424&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jul 2020 05:07:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/992527088/ 42 B
559 B 37ms
22ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/992527088/?random=1594876024233&cv=9&fst=1594875600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Ffinancessecure.com%2Fcoupons&tiba=Coupon%20Codes%2C%20Promo%20Codes%20%26%20Daily%20Deals%20%7C%20FinancesSecure&fmt=3&is_vtc=1&random=1272852424&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jul 2020 05:07:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 138ms
137ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4414411316394382&correlator=900313438834147&output=ldjh&impl=fifs&eid=21066754%2C21066721&vrg=2020070801&guci=2.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200716&iu_parts=109093028%2CFinancesSecureRewards_Home%2CHotDeals_slot4&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=23&abxe=1&lmt=1594876024&dt=1594876024419&dlt=1594876023190&idt=1212&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=962932758&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ffinancessecure.com%2Fcoupons&dssz=64&icsg=4294093808&std=0&vis=1&scr_x=0&scr_y=0&psz=334x1375&msz=332x282&ga_vid=1930561869.1594876023&ga_sid=1594876024&ga_hid=162864858&fws=132&ohw=332

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d04b5398dd4c8a3bbc5b2b82ae91abdcd1779f9ffc60e77c13a94ecca7bfd8c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2616
x-xss-protection: 0
google-lineitem-id: 4994027457
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138266530708
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://financessecure.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b9d8f63c1ac12f93500f91b6d6e57da9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 58ms
13ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b9d8f63c1ac12f93500f91b6d6e57da9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 18ms
6ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

join-final-piggy-sprite.1.0.0.gif
static.ebates.com/images/signup/join_overlay/
Redirect Chain

http://static.ebates.com/images/signup/join_overlay/join-final-piggy-sprite.1.0.0.gif
https://static.ebates.com/images/signup/join_overlay/join-final-piggy-sprite.1.0.0.gif

38 KB
38 KB

54ms
54ms

Image
image/gif

104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/images/signup/join_overlay/join-final-piggy-sprite.1.0.0.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

070aa6540a9d5bb12b6d4ca8d06834dd3ac0db8d8c6b725fe6d496052ebc3e1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/dist/static/rev/scss/styles/local/modals/gc-susi-eca7fe8820.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: YDL81cbkQR.41gkUiOSbWXMmNXkOvYft
etag: "aedb7856c3639a28f2d04855d132ff28"
x-amz-request-id: 6FE4E3C71250AAAF
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
content-length: 38418
x-amz-id-2: 5B1JXXGxSzvQc7uCEnKbB0plsvJ3xCeuYuRCie0etDLLMm7hVoeCHW+bZxXg6/BhtpobdwaM7CE=
last-modified: Wed, 15 May 2019 20:00:07 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes

Redirect headers

Location: https://static.ebates.com/images/signup/join_overlay/join-final-piggy-sprite.1.0.0.gif
Non-Authoritative-Reason: HSTS

GET
H2 200 10-dollars-186x120.svg
static.ebates.com/static/images/rakuten/ 91 KB
12 KB 66ms
65ms Image
image/svg+xml 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/static/images/rakuten/10-dollars-186x120.svg

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

f38b757f77d55d8bfee6552229d211fe79e5a6e72c1d25dd48192c736d69ce59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/dist/static/rev/scss/styles/local/modals/gc-susi-eca7fe8820.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: QHmYLvmgKgL.yujsIvf41VoR7O4OXPMA
content-encoding: gzip
etag: "bbbb002c934a2558fd9858dd1627ca7c"
x-amz-request-id: 360B365FAFFB2909
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 12148
x-amz-id-2: OgkLzLNwACcQi9I48mLR3ZkK8rtQpNv9iUElkQn0JkCWTXxVFINjybfiL6+Pmg3NiKkMAUKlTmI=
last-modified: Wed, 15 May 2019 20:16:37 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
access-control-allow-methods: POST, GET
content-type: image/svg+xml
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 google_G_logo.svg
static.ebates.com/static/fonts/svg/google/ 688 B
873 B 65ms
64ms Image
image/svg+xml 104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/static/fonts/svg/google/google_G_logo.svg

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/dist/static/rev/scss/ebates-rebrand-67b693f143.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: OPjue_aff4_KQbrKrVrUaFf6td5jM6cT
content-encoding: gzip
etag: "686f8efa6e3e28e96d1c08399e8d353d"
x-amz-request-id: 5713A96C9E46A72C
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 385
x-amz-id-2: PRV+64PH9vCp4FC1UQw7w0f7TZtR7i4dWLWruZ9GiTa/isg4U3ALwHAWKCmhGiKO2+hb1e+gL3A=
last-modified: Wed, 15 May 2019 20:16:32 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
access-control-allow-methods: POST, GET
content-type: image/svg+xml
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes

GET
H/1.1 200
OK Stag-Medium-Web.woff2
financessecure.com/global_files/fonts/stag/ 39 KB
39 KB 11ms
10ms Font
font/woff2 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/global_files/fonts/stag/Stag-Medium-Web.woff2

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0c3d545082584299c3a3b7bcd00a8eb12127eec290a4abf80110edb20453b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/dist/static/rev/scss/ebates-rebrand-67b693f143.css
Origin: http://financessecure.com

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
CF-Cache-Status: HIT
x-check-cacheable: YES
Age: 48
Connection: keep-alive
request-id: c404e705dd1c002bf6425090a1201ec2
Content-Length: 39621
cf-request-id: 03f79dee75000097cc44102200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: "9ac5-5a8ef22f9ce40"
x-serial: 6874
Vary: Accept-Encoding
access-control-allow-methods: POST, GET
Content-Type: font/woff2
Cache-Control: max-age=5184000
access-control-allow-credentials: true
x-akamai-ssl-client-sid: OpxzwDaYwhQntPdI7qgvqA==
Accept-Ranges: bytes
CF-RAY: 5b393290bdb897cc-FRA
Expires: Fri, 11 Sep 2020 14:53:42 GMT

GET
H/1.1 200
OK form-factory-deca84f97a.js Show response
financessecure.com/dist/static/rev/overlays/global/ 25 KB
7 KB 11ms
11ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/overlays/global/form-factory-deca84f97a.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5a55e8498556c81efb13981458d48acb15d4af1bec60a22602c05a8b96a8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88169
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 49a5113489e13c22b97f661ccc51d542
cf-request-id: 03f79dee87000097cc44103200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"6344-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b393290ddc497cc-FRA
Expires: Sun, 09 Aug 2020 21:54:31 GMT

GET
H2

200

rakuten_nav_white.svg
static.ebates.com/static/svg/rakuten/
Redirect Chain

http://static.ebates.com/static/svg/rakuten/rakuten_nav_white.svg
https://static.ebates.com/static/svg/rakuten/rakuten_nav_white.svg

3 KB
2 KB

52ms
52ms

Image
image/svg+xml

104.111.215.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.ebates.com/static/svg/rakuten/rakuten_nav_white.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.232 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-232.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

60dc0a0c34848b8060da81a07e20fd9ded6d941191a3897faa2950fcf937bc48

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qTloDmqqGuI1wqnvCNqh2QDaCQAsCQtW
content-encoding: gzip
etag: "2f394f59c68414c7967957f4055b4ef4"
x-amz-request-id: F97C5FCF6281350D
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 1443
x-amz-id-2: XuUR0oCG1++NK3gtOnxINj379j4Ov5UOW3QWHTr3x80bfGSZmadLGAqH1/Qp8bJldUIPnOAlmm0=
last-modified: Wed, 15 May 2019 20:16:40 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
date: Thu, 16 Jul 2020 05:07:04 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
access-control-allow-methods: POST, GET
content-type: image/svg+xml
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes

Redirect headers

Location: https://static.ebates.com/static/svg/rakuten/rakuten_nav_white.svg
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ral-1.6.2.js Show response
r.r10s.jp/com/rat/js/ 21 KB
8 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:193::26b2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://r.r10s.jp/com/rat/js/ral-1.6.2.js
Requested by: Host: r.r10s.jp
URL: http://r.r10s.jp/com/rat/js/rat-main.js
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:193::26b2 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 3ffd19747138b4ff0f2a94d676687578879893663cb8185e7708b9664217bb53

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 01:22:46 GMT
Server: nginx
ETag: "5d82d866-54a4"
Vary: Accept-Encoding, Origin
Content-Type: application/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Connection: keep-alive
X-CDN-Served-From: Akamai
Content-Length: 7362
Expires: Fri, 17 Jul 2020 05:07:04 GMT

GET
H/1.1 200
OK form-strings-en-4b3eae83f1.js Show response
financessecure.com/dist/static/rev/overlays/global/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/overlays/global/form-strings-en-4b3eae83f1.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f29d7b2e0b9dd940d00060a033e645568d03900fe5df406b243f66e1405e5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-check-cacheable: YES
Age: 88169
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 998c23a65e2f6f14fe3cd17dd30662e0
cf-request-id: 03f79deec7000097cc44106200000001
Pragma: public
Last-Modified: Fri, 15 May 2020 21:05:07 GMT
Server: cloudflare
etag: W/"5a9-5a5b62af6c6c0"
x-serial: 6874
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b3932913de797cc-FRA
Expires: Sat, 18 Jul 2020 02:16:25 GMT

GET
H/1.1 200
OK google_client-ca326fc5c3.js Show response
financessecure.com/dist/static/rev/overlays/global/ 2 KB
2 KB 12ms
11ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/overlays/global/google_client-ca326fc5c3.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d5c488d0c2efb02555e4b6186b36bcb6a8de0fe1ce609e39afc7a799ed465a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 48
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 08f2512fccdfec9aa474dcccd4be0d84
cf-request-id: 03f79deecb00000ebbdb3d5200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"8c3-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b39329149af0ebb-FRA
Expires: Sat, 08 Aug 2020 13:50:21 GMT

GET
H/1.1 200
OK /
rat.rakuten.co.jp/ 43 B
720 B 566ms
261ms Image
image/gif 23.210.248.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://rat.rakuten.co.jp/?cpkg_none=%7B%22acc%22%3A447%2C%22aid%22%3A1%2C%22pgt%22%3A%22top%22%2C%22pgn%22%3A%22deals%22%2C%22pgl%22%3A%22PC%22%2C%22ssc%22%3A%22%2Fcoupons%22%2C%22abtest_target%22%3A%7B%7D%2C%22js_ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22%2C%22js_devtype%22%3A%22PC%22%2C%22etype%22%3A%22pv%22%2C%22ltm%22%3A%222020-07-16%2007%3A07%3A04%22%2C%22url%22%3A%22http%3A%2F%2Ffinancessecure.com%2Fcoupons%22%2C%22tid%22%3A%22a8bb346b%22%2C%22tzo%22%3A2%2C%22res%22%3A%221600x1200%22%2C%22jav%22%3Afalse%2C%22bln%22%3A%22en-US%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22%2C%22online%22%3Atrue%2C%22ver%22%3A%221.6.2%22%2C%22rqtime%22%3A555%2C%22ldtime%22%3A322%2C%22astime%22%3A626%2C%22navtype%22%3A0%2C%22ifr%22%3A0%2C%22pgid%22%3A%220613a5dbec383f6e%22%2C%22_ra%22%3A%221594876024531%7C7b28dc89-3360-4cbf-ab9c-f7f6a5d788c4%22%2C%22use_cks%22%3Afalse%2C%22cks2%22%3A%221594876024531%7C7b28dc89-3360-4cbf-ab9c-f7f6a5d788c4%22%7D&t=1594876024535

Protocol

HTTP/1.1

Server

23.210.248.192 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

lighttpd (Rat) /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:05 GMT
X-Content-Type-Options: nosniff
Server: lighttpd (Rat)
Access-Control-Allow-Methods: POST,GET,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: True-Client-Ip,X-Real-Ip,X-Forwarded-For,Content-Type
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
rat.rakuten.com/ 43 B
423 B 538ms
519ms Image
image/gif 95.101.106.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://rat.rakuten.com/?cpkg_none=%7B%22acc%22%3A447%2C%22aid%22%3A1%2C%22pgt%22%3A%22top%22%2C%22pgn%22%3A%22deals%22%2C%22pgl%22%3A%22PC%22%2C%22ssc%22%3A%22%2Fcoupons%22%2C%22abtest_target%22%3A%7B%7D%2C%22js_ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22%2C%22js_devtype%22%3A%22PC%22%2C%22etype%22%3A%22pv%22%2C%22ltm%22%3A%222020-07-16%2007%3A07%3A04%22%2C%22url%22%3A%22http%3A%2F%2Ffinancessecure.com%2Fcoupons%22%2C%22tid%22%3A%22a8bb346b%22%2C%22tzo%22%3A2%2C%22res%22%3A%221600x1200%22%2C%22jav%22%3Afalse%2C%22bln%22%3A%22en-US%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22%2C%22online%22%3Atrue%2C%22ver%22%3A%221.6.2%22%2C%22rqtime%22%3A555%2C%22ldtime%22%3A322%2C%22astime%22%3A626%2C%22navtype%22%3A0%2C%22ifr%22%3A0%2C%22pgid%22%3A%220613a5dbec383f6e%22%2C%22_ra%22%3A%221594876024531%7C7b28dc89-3360-4cbf-ab9c-f7f6a5d788c4%22%2C%22use_cks%22%3Afalse%2C%22cks2%22%3A%221594876024531%7C7b28dc89-3360-4cbf-ab9c-f7f6a5d788c4%22%7D&t=1594876024535

Protocol

HTTP/1.1

Server

95.101.106.24 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

lighttpd (Rat) /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:05 GMT
X-Content-Type-Options: nosniff
Server: lighttpd (Rat)
Access-Control-Allow-Methods: POST,GET,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: True-Client-Ip,X-Real-Ip,X-Forwarded-For,Content-Type
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK password_strongth_validation-084620551a.js Show response
financessecure.com/dist/static/rev/overlays/global/ 5 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:3031::ac43:a6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://financessecure.com/dist/static/rev/overlays/global/password_strongth_validation-084620551a.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:a6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

789a928dec5962b004df48880a7ab3f0c4577d3998aed5a60a39189eacfeb356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 05:07:04 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 88169
Transfer-Encoding: chunked
access-control-allow-methods: POST, GET
Connection: keep-alive
request-id: 90363b7650c591c019dd826f336a9662
cf-request-id: 03f79deed6000097cc44107200000001
Pragma: public
Last-Modified: Thu, 25 Jun 2020 21:18:41 GMT
Server: cloudflare
etag: W/"13d8-5a8ef22f9ce40"
Vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
Content-Type: application/javascript
Cache-Control: max-age=2592000
access-control-allow-credentials: true
CF-RAY: 5b3932915def97cc-FRA
Expires: Sun, 09 Aug 2020 04:01:29 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 13 KB
6 KB 38ms
26ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: financessecure.com
URL: http://financessecure.com/global_files/js/jquery/jquery-1.10.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f24a309fc1c02fc9e80809586add3d5e0dcd8c055ce9c4d2e48ece64ae7ee4df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ap7x0pgfKBO+TSyyxmo2rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "4338429277d3503ceffcab4feee12582"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-ap7x0pgfKBO+TSyyxmo2rg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 16 Jul 2020 05:07:04 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame BA06 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://financessecure.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 16 Jul 2020 01:49:13 GMT
expires: Fri, 16 Jul 2021 01:49:13 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 11871
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 25ms
13ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66cfa27b0485df92c636ba2b32e9b5e77f349fc126f19b5390f75c74f1653f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594680790280003"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27220
x-xss-protection: 0
expires: Thu, 16 Jul 2020 05:07:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 30ms
18ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020070801&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f20fc5ca92794393789961ea313d5a7f2db679cc22412d166e92f0f9340a7174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5662
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.tdKmdx4hEKY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNzu8du8SXFGdrQ3hHBmqUkmRBYPg/ 106 KB
36 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.tdKmdx4hEKY.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCNzu8du8SXFGdrQ3hHBmqUkmRBYPg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32a1d8ba79b65adb040b682f334b0c18a469dfe6e087c591e8be197de1f0db7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Jun 2020 19:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2020 17:56:22 GMT
server: sffe
age: 2366994
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36269
x-xss-protection: 0
expires: Fri, 18 Jun 2021 19:37:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020070801.js?21066754

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 05:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 16 Jul 2020 05:07:04 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame C1CB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://financessecure.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://financessecure.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 16 Jul 2020 01:48:54 GMT
expires: Fri, 16 Jul 2021 01:48:54 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11890
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
233 B 14ms
14ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020070801&jk=4414411316394382&bg=!fH-lf2dYFuohPnbx6yYCAAAAR1IAAAAMmQGCUfGlP1jG_CWlJL6Kr8kCnhTv2C1Iv6Dj19prnULEklGadczIF5MmItRYzFQYu21hfx6yqEdr7gM0kNAHZgsk_GEc24pkGY1jPupN2HfOLdjGeDv34H27MtZOM97x1j2juvFjFs8aAOtdXV6CACv2xhNcRmpRScc4n47blSgqovEZUm0y1lI8dSDLSc1ejCGjG0PeiMk6kkfUabpsoHdGCeSyhTmOSMFMI84JWA85P_p3UnnwP8XEMVvVkFuU5-ZNMXJZhhkppfTgdLLvPut3vYS9SD8uJYyHz6Lk1OS0-fHYz2Rxv8XrQo-zLp-Z34tvFqFBxK3_u2KIQhJdTOpg-0VpY7YszpD_dqSFpc_fie9tZGaufajs_NEOiCiTAgxkXspm_A5sREkyEjHvr1uvCF3gZGq3h6qu8rS0ZX0Q6gDtCtjlf5_CsMGGwJBZssLfcJ0NTzlB3SlNCwm4fy7ZJzaeDA51sENVgP2rhFuQQV3MmslQL_pNLGR0epkXKv1fH0A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jul 2020 05:07:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
38 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://financessecure.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarylQ06HWYveO8BH1Fq

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 16 Jul 2020 05:07:04 GMT
status: 200
content-type: text/plain
access-control-allow-origin: http://financessecure.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: comev.ecbsn.com
URL: https://comev.ecbsn.com/index.php

Domain: comev.ecbsn.com
URL: https://comev.ecbsn.com/index.php

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.financessecure.com/	1970-01-19 19:46:52	Name: ajs_anonymous_id Value: %22b52bbd38-2a8d-4324-829f-ced0d940f4a2%22
.financessecure.com/	1970-01-19 11:02:42	Name: _gid Value: GA1.2.396279146.1594876023
financessecure.com/	1970-01-19 11:01:16	Name: _dd_s Value: logs=1&id=75e87aee-45d7-4e39-a20b-37fe90bb6318&created=1594876023644&expire=1594876923644
.financessecure.com/	1970-01-20 04:32:28	Name: _ga Value: GA1.2.1930561869.1594876023
financessecure.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: aaaboaKWEAZvxdZ5E-1mx
.financessecure.com/	1970-01-19 11:01:19	Name: AMP_TOKEN Value: %24NOT_FOUND
.financessecure.com/	1970-01-19 13:10:52	Name: _gcl_au Value: 1.1.1665587374.1594876024
.financessecure.com/	1970-01-19 11:44:28	Name: __cfduid Value: d6698e9d7ab18a5faa0d7311f6c7912701594876022

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.datadoghq-browser-agent.com/datadog-logs-us.js(Line 1) Message: The method FB.getLoginStatus can no longer be called from http pages. https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2700447.fls.doubleclick.net
a.quora.com
adservice.google.ch
adservice.google.com
ampcid.google.com
ampcid.google.de
apis.google.com
b9d8f63c1ac12f93500f91b6d6e57da9.safeframe.googlesyndication.com
bat.bing.com
cdn.optimizely.com
cdn.schemaapp.com
cdn.segment.com
comev.ecbsn.com
connect.facebook.net
data.schemaapp.com
errors.client.optimizely.com
events.engager.ecbsn.com
financessecure.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
q.quora.com
r.r10s.jp
rat.rakuten.co.jp
rat.rakuten.com
securepubads.g.doubleclick.net
static.ebates.com
tag.simpli.fi
tags.rd.linksynergy.com
tpc.googlesyndication.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
comev.ecbsn.com
104.111.215.232
104.111.224.80
13.225.81.108
143.204.99.83
151.101.113.2
169.50.137.176
172.217.21.226
172.217.23.162
172.217.23.166
23.210.248.192
2600:9000:21f3:1e00:1f:d9e6:d540:93a1
2600:9000:21f3:b600:a:6e64:b280:93a1
2606:4700:3031::ac43:a6c1
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::200e
2a00:1450:4001:814::2001
2a00:1450:4001:816::2001
2a00:1450:4001:817::2003
2a00:1450:4001:817::2004
2a00:1450:4001:81e::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
2a02:26f0:6c00:193::26b2
2a02:26f0:6c00:19b::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.195.70.92
34.238.223.59
34.98.67.3
95.101.106.24
02aaa18184d594ae1dbeb86cc202ff7c0c02f233bc223c9c6a3e35c883d98a6a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
070aa6540a9d5bb12b6d4ca8d06834dd3ac0db8d8c6b725fe6d496052ebc3e1c
07c6c8c42052f422b2a54926c2781ee4c49dee2c9fae0397f4563faa24ee317f
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0cf576a5dab9315daac7ffe29d29ed585e0ff9850e59408d0f25f38dc1da037b
0d4362afbe24548dbd0ac137c029b5754f2f4a5e1ab66b985d5abceec1dccd9f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
209575ed50fedc202b881628357d49b03c9ddf93a28adbba9fadc38d42779669
250c6e3f0502f8fcdef9876d8694dbfc316d1548b4186fe0f6c0efb07e496ba7
254ee00144ce903276a790e26bd71485e8a3ed60ea9d726886400f3229c9c907
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2f51b46a01e58054434072d16506958d5413e8e656f0d0c4eada89734c33d34a
2f65432f3b3c4761e1aab77c6689753439473e3d3a8304d15f7f58deccd3e724
32a1d8ba79b65adb040b682f334b0c18a469dfe6e087c591e8be197de1f0db7e
351256b96e678c5e9e977e71c24c90dad7a519eb395c0eae4bba0c73ece5b7b3
3b2c816a77b444297cbbb6e95b938545728aa533f49c29e4ab27a5854b8ac079
3ffd19747138b4ff0f2a94d676687578879893663cb8185e7708b9664217bb53
41d5c488d0c2efb02555e4b6186b36bcb6a8de0fe1ce609e39afc7a799ed465a
4291303f26295345490f53dcc4a9454a367c672eedc05a13803986a2a5438eca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
484f9d4b564683b5f6bfba815719f6e2a11d5eb237a9c412cab5b2d8613bf6cf
48756568850aecbf41ece4472d14b97b5b0abd83a191bad48ca82455af735799
4c5df39beb3641712e87e7bc06d1fb71d14cf2ac7cb0ad8a7d00af52e58be30f
4cae152cc0803cb58809ac9ade7ea5ec5fef7eb680befba39927ef8a3952db60
4cd99f1d5e7f4596d6eb78d805d939bc14607b870372b84004c5868f8515e580
4f29d7b2e0b9dd940d00060a033e645568d03900fe5df406b243f66e1405e5ae
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5962f0d0d4c9ab53c579cefad60d451954b21988d87bd31048df30637cacd4f5
5b5ed4e63e2b37d93d959db53f6cb04fddd76667cfc5cc1bb048d5246a93f279
5bdfce739dcab1145df83bd730710d29b58c45575b18e6f85a9c41e5e045723c
5c4a27db0499dfc0f98646145c9ed8ff4c0b2b1021909f5e95cdb44f2801666a
60dc0a0c34848b8060da81a07e20fd9ded6d941191a3897faa2950fcf937bc48
66cfa27b0485df92c636ba2b32e9b5e77f349fc126f19b5390f75c74f1653f29
67bba3b3eb8782491156087c3842c11018e204549b0d944d9e41760b163dd59f
6a3cf5192354f71615ac51034b3e97c20eda99643fcaf5bbe6d41ad59bd12167
6b226f5de1df7661a50769adbac5c54e396b347ebb5cf2beb3bdb8481608a1b2
700374919b6ff85414c94daa6f8a85e5b6c044a539a861d9f0e29d06b003d806
739106827a3feb38afd1a20fb7a24f5a27da2ee98618a5b9209c75cb4e88c354
7654b8a06a98292108c96904d8a70283c1463e6a03607aba5f4e26c9ee998dc8
789a928dec5962b004df48880a7ab3f0c4577d3998aed5a60a39189eacfeb356
7a11037a73044911a21fa7df2ebdd9150866bfa586dcee3c108984b964bce936
7ca638a60483c546f6d032dd04ab65eb0ca956ed4f72701352f5a9799d3c4876
7e5ae918e7c7fc0e47a2150c3b7ea62043314f4798502881b8a9053086a4bff6
80236f9a0c54850b99645385c4c89af4b22da6400281813fa9d26b27e9bf5de0
81d722eadc527c0050cc2e4fd1078566fcae2be1c20c08871b1caf17f75ebbf9
82ec327421072c193acade8d5b90831b24c8cf5f0f0c5e3001184c7dc03a1a91
9182f154dde041ef16e80ec7daedbe988cb5cf9477afa3bca84951a8012b54cd
923dc885a7aec91f1134360b453fb00107483f3f926782cf0498e733bf5326b2
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
954649a55764a02d3b0574106872dce0e917be7660e757ba1181dda8a28dc428
9610fcc1857ae6a7373f1339f177fd540c034749e51728fed0130aa028ad0362
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9c3118017dc62e6e8ab2719ed2003ad96f85601e28f6590b3c7385a7b89b7054
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b57813ede6b50cef6faf0a5528378618e5c031dd37aacb94ec2a153603363ed4
b6f7b31210a709daca9760b215660b2cbe719757df3059364beeda005fca2dbe
b732ed56abd9f79bb77f659827e8e082821e5aeba026ac789580198513345011
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd7225e631712db09928cf0220d6e0d7c6d24f0a8840624ea6bc7ef9c9f2187a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb9ddbe7a0649f9f79004ff1594bd3bd0ee435c875caebb09f13dda2e6c1f6ff
cd8b9604595263f54b51f62429474722ae83245bcbe7a517333ff88d325af742
d04b5398dd4c8a3bbc5b2b82ae91abdcd1779f9ffc60e77c13a94ecca7bfd8c1
d04bd2e609f92927386d85ca3c6f25395e280e0d75cb341e5bd51cc4400643ec
d0cb389de4a6f3a14a139460e2619f3e2dcdf0078db7242aedcd91cb5ee7cca7
d1a552ceb9b46a671529c5e124539aa8ff7edc51e9f69c152a5b9c8755f9aa25
d63216e5d13fc954cb6c7b363301bd70807933d997fe08d8963b5012f19ba105
d80adb91c03478a6718f095dcb1c4c31e9f9452cc70ed69f7f8a0438626a8acd
d873e9100b5a58124c1957cd2d89e1a2a181c6e34fbac33e0d739be9589ad0bd
de029c13cf0dc7134b0ce7e033246aa938a09eafb9bdaf77ad38f66c84a917fe
e11d2bb8defea8a72a0ad384014e5651edd32b11291f45b999570c5c5b101955
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91acd98bdce940ae3ee6284946b90b41927153b97c28c48ddcf54842c01b8a3
ea71e2a952821b155724a25370bd09916ef5b7e1af83cda573e2fb434391d22a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f0c3d545082584299c3a3b7bcd00a8eb12127eec290a4abf80110edb20453b2b
f20fc5ca92794393789961ea313d5a7f2db679cc22412d166e92f0f9340a7174
f24a309fc1c02fc9e80809586add3d5e0dcd8c055ce9c4d2e48ece64ae7ee4df
f313913b1c34c10a5280506bdb90134150da459e73d44f1aa536320d018f2f9f
f38b757f77d55d8bfee6552229d211fe79e5a6e72c1d25dd48192c736d69ce59
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fd5a55e8498556c81efb13981458d48acb15d4af1bec60a22602c05a8b96a8bc
ffca4a7b24266a992f0381d1bbf770c5a442d9c7032126a7186061769eab09b6

financessecure.com Open in urlscan Pro 2606:4700:3031::ac43:a6c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

114 Requests

56 %HTTPS

59 %IPv6

25 Domains

37 Subdomains

35 IPs

5 Countries

1407 kBTransfer

4004 kBSize

8 Cookies

21 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

financessecure.com Open in urlscan Pro
2606:4700:3031::ac43:a6c1 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

56 %
HTTPS

59 %
IPv6

25
Domains

37
Subdomains

35
IPs

5
Countries

1407 kB
Transfer

4004 kB
Size

8
Cookies

114 HTTP transactions
0 data transactions