urlscan.io logo urlscan.io
SecurityTrails logo

myplacestayrewarded.com Open in urlscan Pro
198.91.42.43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u18979635.ct.sendgrid.net/ls/click?upn=Btulbo0RHSbWpmWHegh-2BPSlw5Ybmzh9SWTKfx3ewBa1BiiaXr-2BrizIeXyXq86dxYGY7tiSuGHMqiNCr...
Effective URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Submission: On November 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 70 HTTP transactions. The main IP is 198.91.42.43, located in Boca Raton, United States and belongs to CDC-01, US. The main domain is myplacestayrewarded.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 3rd 2022. Valid for: a year.
This is the only time myplacestayrewarded.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.115.121 (Herndon, United States)

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net
u18979635.ct.sendgrid.net
44    198.91.42.43 (Boca Raton, United States)

ASN393362 (CDC-01, US)
myplacestayrewarded.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    18.66.122.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-78.fra60.r.cloudfront.net
consent.trustarc.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
44 myplacestayrewarded.com
myplacestayrewarded.com
993 KB
7 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3058
236 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
249 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
3 KB
4 gstatic.com
fonts.gstatic.com
122 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
196 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5922
656 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
656 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 201
16 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
79 KB
1 sendgrid.net
u18979635.ct.sendgrid.net
263 B
70 13
Domain Requested by
44 myplacestayrewarded.com 8 redirects myplacestayrewarded.com
7 consent.trustarc.com myplacestayrewarded.com
consent.trustarc.com
4 www.facebook.com myplacestayrewarded.com
4 fonts.gstatic.com fonts.googleapis.com
3 connect.facebook.net myplacestayrewarded.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stats.g.doubleclick.net www.google-analytics.com
2 www.google.de myplacestayrewarded.com
2 www.google.com myplacestayrewarded.com
2 googleads.g.doubleclick.net www.googletagmanager.com
2 fonts.googleapis.com myplacestayrewarded.com
2 cdnjs.cloudflare.com myplacestayrewarded.com
1 www.googletagmanager.com myplacestayrewarded.com
1 u18979635.ct.sendgrid.net 1 redirects
70 14
Subject Issuer Validity Valid
myplacestayrewarded.com
Go Daddy Secure Certificate Authority - G2		 2022-05-03 -
2023-05-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2022-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Frame ID: 09834947B0DDB83162B604DAA05464E7
Requests: 70 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign Up For My Place - My Place

Page URL History Show full URLs

  1. https://u18979635.ct.sendgrid.net/ls/click?upn=Btulbo0RHSbWpmWHegh-2BPSlw5Ybmzh9SWTKfx3ewBa1BiiaXr-2BrizIeXyXq... HTTP 302
    https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

90 %
HTTPS

79 %
IPv6

13
Domains

14
Subdomains

13
IPs

3
Countries

1661 kB
Transfer

3434 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u18979635.ct.sendgrid.net/ls/click?upn=Btulbo0RHSbWpmWHegh-2BPSlw5Ybmzh9SWTKfx3ewBa1BiiaXr-2BrizIeXyXq86dxYGY7tiSuGHMqiNCrjfTD60M0seZKf0yznoh5bKTgvR10-3DEqo7_3DfVgr8N8SfNcBx16l4sMOmrRRndOKoa09MkK9cAczbzOWjRrq1XDPuocugHnhiV965nng1q8Fl45GX8vDlNYqDAu3-2Frah4ILvN8-2FtFKK-2BNZ9LLSbZF3dos2viJyCo4jA1Uwivl-2B8gKh9opoBNwa-2FbOOQeZJCVFD5v7t5dGo4RpDGXi22CGGwgV966GzKhQpyIlkfZiqTwTCg2CEqvLqWvIWi1qeNDtssNDEk9kjLdBya1Y09qsyMCv9emuYaTMTU3tSN6SAXHgzxWxsE1od5ua5gbc6nmgNiAR7bf1EeVSfpYMchuIRXzbLhchUe4Lrt45VQp8v9gSKEmJdAtis1umVPqE1d2oZyijXQO-2FXhVBxfUW27NTYMD4-2BJgJTB5WoaRwaJ5vHn7nQ9Lj4j7Bx2deXFzQ-2BD3jLCOWycdhA6XSbax6Q3xsIiyovSyyCRvpLLz7GyTe9D2H5547y0sY3rIMBZnULBryiOKuQ7At0WksGLV3-2FuGX4c-2BViZl5nIj4ghd4ETIYSI1xEzSNg7PSrQxHdh4DJ7Jk7DTcYKWOLEz9CjGKCFy7pLotX9sNxMlEMRmawCdilBpxnWuHfjm4uqoDF7mdcMjzyMDmugMchVOw-3D HTTP 302
    https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://myplacestayrewarded.com/common/renderjavascriptsettings HTTP 302
  • https://myplacestayrewarded.com/en-US/common/renderjavascriptsettings
Request Chain 6
  • https://myplacestayrewarded.com/Directory/MP/_images/logo.svg HTTP 302
  • https://myplacestayrewarded.com/Error/NotFound?aspxerrorpath=/Directory/MP/_images/logo.svg HTTP 302
  • https://myplacestayrewarded.com/en-US/Error/NotFound?aspxerrorpath=%2FDirectory%2FMP%2F_images%2Flogo.svg
Request Chain 49
  • https://myplacestayrewarded.com/Overview/GetDefaultDate?_=1668451270111 HTTP 302
  • https://myplacestayrewarded.com/en-US/Overview/GetDefaultDate?_=1668451270111
Request Chain 50
  • https://myplacestayrewarded.com/CommonTable/GetSalutation HTTP 302
  • https://myplacestayrewarded.com/en-US/CommonTable/GetSalutation
Request Chain 51
  • https://myplacestayrewarded.com/Language/GetLanguages HTTP 302
  • https://myplacestayrewarded.com/en-US/Language/GetLanguages
Request Chain 52
  • https://myplacestayrewarded.com/GetScript/RegisterEmailRegexPattern?_=1668451270112 HTTP 302
  • https://myplacestayrewarded.com/en-US/GetScript/RegisterEmailRegexPattern?_=1668451270112
Request Chain 54
  • https://myplacestayrewarded.com/Language/GetLanguages HTTP 302
  • https://myplacestayrewarded.com/en-US/Language/GetLanguages

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SignUpKiosk
myplacestayrewarded.com/
Redirect Chain
  • https://u18979635.ct.sendgrid.net/ls/click?upn=Btulbo0RHSbWpmWHegh-2BPSlw5Ybmzh9SWTKfx3ewBa1BiiaXr-2BrizIeXyXq86dxYGY7tiSuGHMqiNCrjfTD60M0seZKf0yznoh5bKTgvR10-3DEqo7_3DfVgr8N8SfNcBx16l4sMOmrRRndOKo...
  • https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
51 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
840b7ba9a043a6f5218b7a32d398acc2009fa38428d82cd214f98e6f32d01d76

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
10864
Content-Type
text/html; charset=utf-8
Date
Mon, 14 Nov 2022 18:41:08 GMT
Expires
-1
Pragma
no-cache
ntCoent-Length
52498

Redirect headers

Connection
keep-alive
Content-Length
83
Content-Type
text/html; charset=utf-8
Date
Mon, 14 Nov 2022 18:41:08 GMT
Location
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Server
nginx
X-Robots-Tag
noindex, nofollow
site.min.css
myplacestayrewarded.com/Directory/MP/_css/scss/ 		413 KB
77 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
1f0916bb0d19c2a3d6491780773e83e223a49a85d81d7ee1c9ad7c6bc34bb397

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jul 2020 19:12:03 GMT
ETag
"1d665dc244f3660"
ntCoent-Length
423392
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Headers
Content-Type
selectize.bootstrap3.min.css
cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.4/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.4/css/selectize.bootstrap3.min.css
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a1c1d794d96cb85ec3cd80d8dcd8f2bbc20a9fd111c380fe44a95963bb4e51
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13731838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1491
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-1ee6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqHImIl90OunIjygoF5aOZmbf7sVp88mhXdyLG6ug4UP0iJ8dBc10mV97pKz1YF0EMOUgVEOdNNni25NVgHTLXwjzd2NnTFO4Ul01wdADpZjmc9CEfD7vVYpg5FWxKxhSVMzeTsEn993Uy1ak7MHM837"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76a1e131ba989b88-FRA
expires
Sat, 04 Nov 2023 18:41:09 GMT
renderjavascriptsettings
myplacestayrewarded.com/en-US/common/
Redirect Chain
  • https://myplacestayrewarded.com/common/renderjavascriptsettings
  • https://myplacestayrewarded.com/en-US/common/renderjavascriptsettings
1 KB
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/en-US/common/renderjavascriptsettings
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
37fc10aa66b547ca4489a654571d1b6a39bc2212aeda8a1bad7350a3c58304e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:09 GMT
Content-Encoding
gzip
Cteonnt-Length
1097
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
397
Expires
-1

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:09 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Location
/en-US/common/renderjavascriptsettings
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
155
Expires
-1
modernizr
myplacestayrewarded.com/bundles/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:09 GMT
Content-Encoding
gzip
ntCoent-Length
10999
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
4552
Expires
-1
logo.png
myplacestayrewarded.com/Directory/MP/_images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/Directory/MP/_images/logo.png
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
e73a5ea6d942030aa3552bdfcc9e61793d28ce22769d24f7e4bde4cdb33cdccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:10 GMT
Last-Modified
Wed, 29 Jul 2020 19:12:03 GMT
ETag
"1d665dc2449097c"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
19196
Logo.png
myplacestayrewarded.com/Directory/MP/_images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/Directory/MP/_images/Logo.png
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
e73a5ea6d942030aa3552bdfcc9e61793d28ce22769d24f7e4bde4cdb33cdccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:10 GMT
Last-Modified
Wed, 29 Jul 2020 19:12:03 GMT
ETag
"1d665dc2449097c"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
19196
NotFound
myplacestayrewarded.com/en-US/Error/
Redirect Chain
  • https://myplacestayrewarded.com/Directory/MP/_images/logo.svg
  • https://myplacestayrewarded.com/Error/NotFound?aspxerrorpath=/Directory/MP/_images/logo.svg
  • https://myplacestayrewarded.com/en-US/Error/NotFound?aspxerrorpath=%2FDirectory%2FMP%2F_images%2Flogo.svg
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/en-US/Error/NotFound?aspxerrorpath=%2FDirectory%2FMP%2F_images%2Flogo.svg
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
Content-Encoding
gzip
ntCoent-Length
2293
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
1204
Expires
-1

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Location
/en-US/Error/NotFound?aspxerrorpath=%2FDirectory%2FMP%2F_images%2Flogo.svg
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
191
Expires
-1
logo_kiosk.png
myplacestayrewarded.com/Directory/MP/_images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/Directory/MP/_images/logo_kiosk.png
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
e73a5ea6d942030aa3552bdfcc9e61793d28ce22769d24f7e4bde4cdb33cdccb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:09 GMT
Last-Modified
Wed, 29 Jul 2020 19:12:03 GMT
ETag
"1d665dc2449097c"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
19196
selectize.min.js
cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.4/js/standalone/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.4/js/standalone/selectize.min.js
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f206264524032fc4e859a1639ce4b58859a37581c162f0b8d2ef905917869f8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:41:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3622037
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13296
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-b053"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3J0eJ91lfsHbp5KKn0jcUJbvqqbqI4O5UhBP6LX%2F9iv2ovd3kG8FB7PgON%2F7PfGT%2FYfdDsDVoevg7fvitOzB4cUnVtAZqz3e5NYJCttbfSxkjTiLcoObRncCRM2AeeTZ9MJmPAptLWDhFV6pr9%2FhtvfN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
76a1e13429289b88-FRA
expires
Sat, 04 Nov 2023 18:41:09 GMT
notice
consent.trustarc.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=cendyn.com&c=teconsent&js=nj&noticeType=bb
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-78.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
bc1b396009fc8e271f477cfa26c7462f39b8bee3a7a0ac7336c6bf0aaa34d6c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myplacestayrewarded.com/
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
cloudfront-viewer-country
DE
content-length
5189
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
timing-allow-origin
*
x-amz-cf-id
Hyu9F05ywuB67DTr_5mMa0C3vGrh7TypnAg5OJbZlZA1fCaRJbjiZw==
expires
Mon, 14 Nov 2022 19:41:10 GMT
jquery
myplacestayrewarded.com/bundles/ 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/bundles/jquery?v=gkWyJthHPtwkFjvHuNinBjchIfwLwc_KbE-H26J2kAI1
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
21fbbd6d8977efd96b0b22b85d6c6e393cf6b5841e817118f4ea7814ba0f1c4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:09 GMT
Content-Encoding
gzip
Cteonnt-Length
84291
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Expires
-1
jqueryui
myplacestayrewarded.com/bundles/ 		234 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/bundles/jqueryui?v=nmuMA-O4C0zphhL2ApoyudBi4v4VCXr0cCFlFmBK2eU1
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
2cc46ed8073ff216887fc6ac0d808625a7527cf63f4ef9806d7ea6abb7277f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:09 GMT
Content-Encoding
gzip
ntCoent-Length
239752
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Expires
-1
jqueryval
myplacestayrewarded.com/bundles/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/bundles/jqueryval?v=5akSNe53LGWjFTLqo4Sp8LaEKsiZ7p8Uggu4uD-M4SM1
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
4b31a6d0275e27113d054f2eb6b1e930bdfb668e854ae5dfdd1849fc131c6ea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
Content-Encoding
gzip
Cteonnt-Length
28827
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
9756
Expires
-1
layoutjs
myplacestayrewarded.com/bundles/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/bundles/layoutjs?v=K6MR7hqHWowEsvoSBF1TT52wYlTYI_jirQx1FGiB3B81
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
3b20dfaf100267b9a25193ca9d4cb837e42b32a4725f399766a01ef75499d150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
Content-Encoding
gzip
Cteonnt-Length
46989
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
15632
Expires
-1
SignUpBackDoor_Index.js
myplacestayrewarded.com/Scripts/views/MP/ 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/Scripts/views/MP/SignUpBackDoor_Index.js
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
71459675d2ee0bed41d8189e2c2669520938d31ef226ef9c9274ce4bb71360e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:10 GMT
Last-Modified
Tue, 04 Aug 2020 14:19:32 GMT
ETag
"1d66a8bcc9f1638"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
17464
datepicker-language.js
myplacestayrewarded.com/Scripts/widgets/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/Scripts/widgets/datepicker-language.js
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
f75688ed8daab6e41b211c51997216c2f9ae3ba9a40cdfdebcaa280c5de02ba7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:10 GMT
Last-Modified
Wed, 29 Apr 2020 14:54:26 GMT
ETag
"1d61e579aac859d"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
6301
termsconditions.js
myplacestayrewarded.com/Scripts/widgets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/Scripts/widgets/termsconditions.js
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
c44b5917c6d8f9044f73a9986637f2ada0824deaea19418a71d2ba694b9730c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:10 GMT
Last-Modified
Fri, 02 Jul 2021 01:13:40 GMT
ETag
"1d76f0104fc1ce2"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
1762
faq.js
myplacestayrewarded.com/Scripts/widgets/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/Scripts/widgets/faq.js
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
3573193130c4e891ee9813d9be69f9439955eb5d8da8299b4a353bde700fdc13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:10 GMT
Last-Modified
Fri, 02 Jul 2021 01:13:40 GMT
ETag
"1d76f0104fc084c"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
4684
iconcaptcha
myplacestayrewarded.com/bundles/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/bundles/iconcaptcha?v=sMRK1ZUmndJ-Mva4X8hiwf2dvQzkS81vP70TT63A-4c1
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
8d667ce63839ad4bfe62fca6af48ce946dccdf01a5bb6478174f10b3078b5e23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
Content-Encoding
gzip
Cteonnt-Length
6368
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
2126
Expires
-1
js
myplacestayrewarded.com/bundles/MP/ 		202 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/bundles/MP/js?v=sSMumuxqMSs5xvo3_SXNM7PN7hfE1WFDfRXNpxEGHNs1
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
c158042b25213af48ae52eab2af5780a3babcf8c569883ab8bd4401741b3e222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
Content-Encoding
gzip
ntCoent-Length
206963
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Expires
-1
layoutjsbottom
myplacestayrewarded.com/bundles/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/bundles/layoutjsbottom?v=s3PZOiIm1w0hvVOM22I_7MJabGbbXnAMe5g1NOfLLec1
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
f4189c54ba723da238d7b46eb3f14e788c6419eaa06a1e94449e8b55635a5b7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
Content-Encoding
gzip
Cteonnt-Length
48878
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
14461
Expires
-1
css
fonts.googleapis.com/ 		2 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Nov 2022 18:41:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 17:38:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Nov 2022 18:41:09 GMT
login_background.jpg
myplacestayrewarded.com/Directory/MP/_images/ 		282 KB
282 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/Directory/MP/_images/login_background.jpg
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
1a3eddf51bb5ee398a8855069400c2d52c49c4f594eb2421422c1421819db42b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:09 GMT
Last-Modified
Fri, 11 Dec 2020 14:59:35 GMT
ETag
"1d6cfce3d204daa"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
288810
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 19:26:32 GMT
x-content-type-options
nosniff
age
429278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 19:26:32 GMT
gtm.js
www.googletagmanager.com/ 		420 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WKBVMC
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11d68ec4b41dbb25ebffcf49337d8a2ad59fe14ecb7b8b9e286b811b41a53108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:41:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79978
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Nov 2022 18:41:10 GMT
ring.gif
myplacestayrewarded.com/Directory/MP/_images/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/Directory/MP/_images/ring.gif
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
5ab2e5967c5fcdb23ab13475ae8152a87e91c51695c5c18550504eea209e3d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:09 GMT
Last-Modified
Wed, 29 Jul 2020 19:12:03 GMT
ETag
"1d665dc2449d14d"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
37581
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 19:26:54 GMT
x-content-type-options
nosniff
age
429256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Nov 2023 19:26:54 GMT
fontawesome-webfont.woff2
myplacestayrewarded.com/Lib/Fonts/Font-Awsome/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/Lib/Fonts/Font-Awsome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:09 GMT
Last-Modified
Wed, 29 Jul 2020 19:12:18 GMT
ETag
"1d665dc2d3b0dd8"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
71896
fa-regular-400.woff2
myplacestayrewarded.com/Lib/Fonts/webfonts/ 		142 KB
142 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/Lib/Fonts/webfonts/fa-regular-400.woff2
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
be7a090de1fe98f279b7e89c8731422c9b45bddba7a232e3753375a3d14c0876

Request headers

Referer
https://myplacestayrewarded.com/Directory/MP/_css/scss/site.min.css
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Mon, 14 Nov 2022 18:41:09 GMT
Last-Modified
Wed, 29 Jul 2020 19:12:19 GMT
ETag
"1d665dc2dd09d34"
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
public,must-revalidate,max-age=1800
Access-Control-Allow-Headers
Content-Type
Content-Length
145076
v1.7-9931
consent.trustarc.com/asset/notice.js/v/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-9931
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=cendyn.com&c=teconsent&js=nj&noticeType=bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-78.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
a2287bb22f8ed8285baec2e9b8cfd84ea46d0a142884bea029c7c396fa3a0d9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://myplacestayrewarded.com/
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:10:31 GMT
content-encoding
gzip
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P2
age
1839
x-cache
Hit from cloudfront
pragma
public
last-modified
Thu, 20 Oct 2022 05:43:25 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
FENwXib8HuT8YYpEJLKBTOH00kw9df6W1ilooReDAMlq39IkJ6rdCA==
expires
Wed, 14 Dec 2022 18:10:31 GMT
log
consent.trustarc.com/ 		43 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=cendyn.com&country=de&state=&behavior=implied&c=6ef1
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-78.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 18:41:10 GMT
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA60-P2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
KqP_v-houIIqagpvTzKWvuNVDD517RS6CW2X6UDoLRNIH4cNuOvHeQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
de-trustarc_cookiepreferences.png
consent.trustarc.com/asset/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/asset/de-trustarc_cookiepreferences.png
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-78.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
47ef9fd5de4b7eed06338c961d13f12072ca9c9526c20f9dc357535b79468ee5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 17:59:02 GMT
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P2
age
2528
x-cache
Hit from cloudfront
content-length
5087
pragma
public
last-modified
Thu, 24 May 2018 00:46:39 GMT
server
nginx
vary
Origin
content-type
image/png
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
qG2umDc1srE18Q_5Y6QMTeseJBGY0SqoeIngz1_ob8pEvd2Fv76dug==
expires
Wed, 14 Dec 2022 17:59:02 GMT
notice
consent.trustarc.com/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=cendyn.com&country=de&js=nj2&c=teconsent&noticeType=bb
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=cendyn.com&c=teconsent&js=nj&noticeType=bb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-78.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
0127cb769af26a65bed3787dce52551c46db63261f479288a72ad29ab631265a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://myplacestayrewarded.com/
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
cloudfront-viewer-country
DE
content-length
4999
x-xss-protection
1; mode=block
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600
timing-allow-origin
*
x-amz-cf-id
tCiSUtLwsTe6r8T6no3pg7HhCeG45siMqb4ZWooDsIHRKyTeDP7e8A==
expires
Mon, 14 Nov 2022 19:41:10 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WKBVMC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 14 Nov 2022 17:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5116
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 14 Nov 2022 19:15:54 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/803755989/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803755989/?random=1668451270212&cv=11&fst=1668451270212&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=PVcJCLTR-IMBENWvof8C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&tiba=Sign%20Up%20For%20My%20Place%20-%20My%20Place&auid=1711551592.1668451270&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WKBVMC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83d1197af6746d518b68f2cb7ca8b6d17084db051349ce027133db33c4c34a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 18:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
948
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/803786063/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803786063/?random=1668451270215&cv=11&fst=1668451270215&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=803786063&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&tiba=Sign%20Up%20For%20My%20Place%20-%20My%20Place&auid=1711551592.1668451270&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WKBVMC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89bcd6638eaf3ffa81d769b7e4723a1b23184647e424e7be2858a34d47a46849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 18:41:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
916
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 14 Nov 2022 18:41:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27337
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
H8uKG3KqY7zd6kIYIDBccgM6tcZOm2FFBzV/h/l9aWp/Y2ab8cp95YIHqV6OfL+rTaoX+KTEpORZj+JC0nBSwA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=544145787&t=pageview&_s=1&dl=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&dp=0%2Fhotel_vic_on_the_harbour%2FSignUpKiosk&ul=en-us&de=UTF-8&dt=Sign%20Up%20For%20My%20Place%20-%20My%20Place&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=595574932&gjid=1492307895&cid=1478402253.1668451270&tid=UA-91100088-3&_gid=1159538650.1668451270&_r=1&gtm=2wgb905WKBVMC&cd1=hotel_vic_on_the_harbour&cd2=tc_web_builder-concierge&cd3=dark_theme-not_defined&cd4=hong_kong&cd5=aspac&cd6=sun_hung_kai_properties&cd7=not_applicable&cd8=0&cd9=en&cd10=not_applicable&cd11=not_applicable&cd13=no&cd14=synxis.com&cd15=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&cd16=north_asia&cd17=not_applicable&cd18=hong_kong&z=583113079
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myplacestayrewarded.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 18:41:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myplacestayrewarded.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=544145787&t=pageview&_s=1&dl=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&dp=%2FSignUpKiosk&ul=en-us&de=UTF-8&dt=Sign%20Up%20For%20My%20Place%20-%20My%20Place&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=1615148486&gjid=433173161&cid=1478402253.1668451270&tid=UA-101831531-1&_gid=1159538650.1668451270&_r=1&gtm=2wgb905WKBVMC&cd1=hotel_vic_on_the_harbour&cd2=tc_web_builder-concierge&cd3=dark_theme-not_defined&cd4=hong_kong&cd5=aspac&cd6=sun_hung_kai_properties&cd7=not_applicable&cd8=0&cd9=en&cd10=not_applicable&cd11=not_applicable&cd13=no&cd14=synxis.com&cd15=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&cd16=north_asia&cd17=not_applicable&cd18=hong_kong&z=382091814
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://myplacestayrewarded.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 18:41:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myplacestayrewarded.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1402719256524696
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1402719256524696?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e69732b2798f7731d8edde6dbfd7516c820d172f5b0a96fd1bab4737dc199f50
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 14 Nov 2022 18:41:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86067
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
a2F/KHhJln+YiOjTif+dbpcqUqaNBqWe9kryTKNYpf16D14e9GeCGfFebBz0Ut4WEdsd4zaG+pvIb7lIgd5vlA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/803786063/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/803786063/?random=1668451270215&cv=11&fst=1668448800000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=803786063&frm=0&url=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&tiba=Sign%20Up%20For%20My%20Place%20-%20My%20Place&fmt=3&is_vtc=1&random=3866058715&rmt_tld=0&ipr=y
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 18:41:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/803786063/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/803786063/?random=1668451270215&cv=11&fst=1668448800000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=803786063&frm=0&url=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&tiba=Sign%20Up%20For%20My%20Place%20-%20My%20Place&fmt=3&is_vtc=1&random=3866058715&rmt_tld=1&ipr=y
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 18:41:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/803755989/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/803755989/?random=1668451270212&cv=11&fst=1668448800000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=PVcJCLTR-IMBENWvof8C&frm=0&url=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&tiba=Sign%20Up%20For%20My%20Place%20-%20My%20Place&fmt=3&is_vtc=1&random=4010033034&rmt_tld=0&ipr=y
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 18:41:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/803755989/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/803755989/?random=1668451270212&cv=11&fst=1668448800000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&label=PVcJCLTR-IMBENWvof8C&frm=0&url=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&tiba=Sign%20Up%20For%20My%20Place%20-%20My%20Place&fmt=3&is_vtc=1&random=4010033034&rmt_tld=1&ipr=y
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Nov 2022 18:41:10 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-91100088-3&cid=1478402253.1668451270&jid=595574932&gjid=1492307895&_gid=1159538650.1668451270&_u=YGBACEAABAAAACAAI~&z=779754668
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://myplacestayrewarded.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 14 Nov 2022 18:41:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myplacestayrewarded.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-101831531-1&cid=1478402253.1668451270&jid=1615148486&gjid=433173161&_gid=1159538650.1668451270&_u=YGDACEABBAAAACAAI~&z=1782139943
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://myplacestayrewarded.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 14 Nov 2022 18:41:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://myplacestayrewarded.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
674868219374695
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/674868219374695?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72e449f9a6a8fdf4802e42d26379e737017a43e44b1d8cfda6395dec739d53ef
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 14 Nov 2022 18:41:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86004
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
HcvUoTfrWRd6y6DOoFi8dqs1+HFdpYYZ8eRygTYFyj6GA4nO9GTLqzYe494g60Xu08Yvc+IVkFIoEpdcfqzJVQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1402719256524696&ev=PageView&dl=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&rl=&if=false&ts=1668451270554&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1668451270552.800205148&it=1668451270373&coo=false&rqm=GET
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 14 Nov 2022 18:41:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=674868219374695&ev=PageView&dl=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&rl=&if=false&ts=1668451270610&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1668451270552.800205148&it=1668451270373&coo=false&rqm=GET
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 14 Nov 2022 18:41:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
GetDefaultDate
myplacestayrewarded.com/en-US/Overview/
Redirect Chain
  • https://myplacestayrewarded.com/Overview/GetDefaultDate?_=1668451270111
  • https://myplacestayrewarded.com/en-US/Overview/GetDefaultDate?_=1668451270111
37 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/en-US/Overview/GetDefaultDate?_=1668451270111
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
abc45b250bb1a8cbcd93049c1b8ac8962b836e36db38ee3ab43776ab9d995571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
37
Expires
-1

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
ADRUM_0
g:5ce5c72d-80c8-4148-aa58-f9ac19445b7e
ADRUM_1
n:cendyn_841c1a85-95a3-42f7-b4f3-6e279acc746c
Content-Type
text/html; charset=utf-8
Location
/en-US/Overview/GetDefaultDate?_=1668451270111
ADRUM_2
i:2475108
Cache-Control
no-cache, no-store
ADRUM_3
e:43
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers
Content-Type
Content-Length
163
Expires
-1
GetSalutation
myplacestayrewarded.com/en-US/CommonTable/
Redirect Chain
  • https://myplacestayrewarded.com/CommonTable/GetSalutation
  • https://myplacestayrewarded.com/en-US/CommonTable/GetSalutation
215 B
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/en-US/CommonTable/GetSalutation
Protocol
HTTP/1.1
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
b0fa8594926acab6db386c41881ebdbb191327ff547dea52470e89cdd8815161

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:11 GMT
ADRUM_0
g:3f7fa4fc-f660-4040-be16-545dfdda85f6
ADRUM_1
n:cendyn_841c1a85-95a3-42f7-b4f3-6e279acc746c
Content-Type
application/json; charset=utf-8
ADRUM_2
i:2475106
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Cache-Control
no-cache, no-store
ADRUM_3
e:5
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Content-Length
215
Expires
-1

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:12 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Location
/en-US/CommonTable/GetSalutation
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
149
Expires
-1
GetLanguages
myplacestayrewarded.com/en-US/Language/
Redirect Chain
  • https://myplacestayrewarded.com/Language/GetLanguages
  • https://myplacestayrewarded.com/en-US/Language/GetLanguages
110 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/en-US/Language/GetLanguages
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
HTTP/1.1
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
63a468554d1ae65f1da70a19f7929d062a8e233f88b74ee63b4b4e0c9af5b530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
ADRUM_0
g:9ca88f4e-18ee-4aed-b134-549d16764220
ADRUM_1
n:cendyn_841c1a85-95a3-42f7-b4f3-6e279acc746c
Content-Type
application/json; charset=utf-8
ADRUM_2
i:2475107
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Cache-Control
no-cache, no-store
ADRUM_3
e:6
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Content-Length
110
Expires
-1

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
ADRUM_0
g:1601c0a7-b8ca-4878-975c-f33ae82a2e20
ADRUM_1
n:cendyn_841c1a85-95a3-42f7-b4f3-6e279acc746c
Content-Type
text/html; charset=utf-8
Location
/en-US/Language/GetLanguages
ADRUM_2
i:2475103
Cache-Control
no-cache, no-store
ADRUM_3
e:3
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers
Content-Type
Content-Length
145
Expires
-1
RegisterEmailRegexPattern
myplacestayrewarded.com/en-US/GetScript/
Redirect Chain
  • https://myplacestayrewarded.com/GetScript/RegisterEmailRegexPattern?_=1668451270112
  • https://myplacestayrewarded.com/en-US/GetScript/RegisterEmailRegexPattern?_=1668451270112
110 B
957 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/en-US/GetScript/RegisterEmailRegexPattern?_=1668451270112
Protocol
HTTP/1.1
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
0ff73637977c4c2524b682891cd160d65ff2c23f3f09335284eeadec631e4373

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:11 GMT
ADRUM_0
g:8ebd45d1-723d-439d-acc3-a63775c2e89b
ADRUM_1
n:cendyn_841c1a85-95a3-42f7-b4f3-6e279acc746c
Content-Type
application/x-javascript; charset=utf-8
ADRUM_2
i:2475110
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Cache-Control
no-cache, no-store
ADRUM_3
e:31
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Content-Length
110
Expires
-1

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:11 GMT
ADRUM_0
g:f86cbce8-504a-4ff7-a23e-a16043202327
ADRUM_1
n:cendyn_841c1a85-95a3-42f7-b4f3-6e279acc746c
Content-Type
text/html; charset=utf-8
Location
/en-US/GetScript/RegisterEmailRegexPattern?_=1668451270112
ADRUM_2
i:2475104
Cache-Control
no-cache, no-store
ADRUM_3
e:28
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers
Content-Type
Content-Length
175
Expires
-1
css
fonts.googleapis.com/ 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/bundles/jquery?v=gkWyJthHPtwkFjvHuNinBjchIfwLwc_KbE-H26J2kAI1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 14 Nov 2022 18:41:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 18:21:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Nov 2022 18:41:10 GMT
GetLanguages
myplacestayrewarded.com/en-US/Language/
Redirect Chain
  • https://myplacestayrewarded.com/Language/GetLanguages
  • https://myplacestayrewarded.com/en-US/Language/GetLanguages
110 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/en-US/Language/GetLanguages
Protocol
HTTP/1.1
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
63a468554d1ae65f1da70a19f7929d062a8e233f88b74ee63b4b4e0c9af5b530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:13 GMT
ADRUM_0
g:fe27d849-31e4-4319-8019-964f9955033d
ADRUM_1
n:cendyn_841c1a85-95a3-42f7-b4f3-6e279acc746c
Content-Type
application/json; charset=utf-8
ADRUM_2
i:2475107
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Cache-Control
no-cache, no-store
ADRUM_3
e:6
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Content-Length
110
Expires
-1

Redirect headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:12 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
text/html; charset=utf-8
Location
/en-US/Language/GetLanguages
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
145
Expires
-1
get
consent.trustarc.com/ 		193 KB
194 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=Montserrat-Regular.ttf
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-78.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
dcfe8df29e553fbd655212f94300cb1e704c6cd147fa7a98cb4bcd9eb92c6707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://myplacestayrewarded.com/
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:25:21 GMT
via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P2
age
949
x-cache
Hit from cloudfront
content-length
197976
pragma
public
server
nginx
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
S72KKlQ0ZwkKANo4RgW11Kc2kbSg0a1kvooB26Qff-yccWIf6BR3tQ==
expires
Wed, 14 Dec 2022 18:25:21 GMT
bannermsg
consent.trustarc.com/ 		43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=cendyn.com&behavior=implied&country=de&language=de&rand=0.2456190922985233
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-78.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:41:10 GMT
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
eTe0or6j3hfi66b1fg9pAuleh542Wfzm6drqcbpp9-g0-mkCmPZuag==
expires
Mon, 14 Nov 2022 18:41:09 GMT
GetTermsConditions
myplacestayrewarded.com/en-US/Common/ 		28 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/en-US/Common/GetTermsConditions
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/bundles/jquery?v=gkWyJthHPtwkFjvHuNinBjchIfwLwc_KbE-H26J2kAI1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
7e3a9918feda56c5a3196bfbf0cf1e1b11ef13f544ef210b69a1e0f389909266

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
29059
Expires
-1
GetFaq
myplacestayrewarded.com/en-US/Login/ 		17 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/en-US/Login/GetFaq
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/bundles/jquery?v=gkWyJthHPtwkFjvHuNinBjchIfwLwc_KbE-H26J2kAI1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
bfcd5d6ec8827e73b449cfa660ef8e448ce5a5589e08257366d49bbbc78f1448

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:10 GMT
ADRUM_0
g:d55f6b94-4ea8-4a7c-8f1f-98220d1fca91
ADRUM_1
n:cendyn_841c1a85-95a3-42f7-b4f3-6e279acc746c
Content-Type
application/json; charset=utf-8
ADRUM_2
i:2475097
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Cache-Control
no-cache, no-store
ADRUM_3
e:51
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Content-Length
17830
Expires
-1
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options
nosniff
age
369691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 11:59:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://myplacestayrewarded.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options
nosniff
age
341936
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 19:42:15 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1402719256524696&ev=Microdata&dl=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&rl=&if=false&ts=1668451272057&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sign%20Up%20For%20My%20Place%20-%20My%20Place%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1668451270552.800205148&it=1668451270373&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 14 Nov 2022 18:41:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=674868219374695&ev=Microdata&dl=https%3A%2F%2Fmyplacestayrewarded.com%2FSignUpKiosk%3Fkioskcode%3DNTLSLS&rl=&if=false&ts=1668451272112&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sign%20Up%20For%20My%20Place%20-%20My%20Place%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1668451270552.800205148&it=1668451270373&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 14 Nov 2022 18:41:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
myplacestayrewarded.com/en-US/Captcha/GetCaptcha/ 		256 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://myplacestayrewarded.com/en-US/Captcha/GetCaptcha/
Requested by
Host: myplacestayrewarded.com
URL: https://myplacestayrewarded.com/bundles/jquery?v=gkWyJthHPtwkFjvHuNinBjchIfwLwc_KbE-H26J2kAI1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
0bbcab8abc6b5bbfa010c95075841187b310788523c170f4e81804152d64589f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:11 GMT
ADRUM_0
g:f81e42f6-c1ef-480b-abdd-a763e412e021
ADRUM_1
n:cendyn_841c1a85-95a3-42f7-b4f3-6e279acc746c
Content-Type
application/json; charset=utf-8
ADRUM_2
i:2475094
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Cache-Control
no-cache, no-store
ADRUM_3
e:11
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
Content-Length
256
Expires
-1
/
myplacestayrewarded.com/en-US/Captcha/GetCaptcha/ 		358 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/en-US/Captcha/GetCaptcha/?cid=0&hash=2A7107CC65870AE36BD58B2AE4F34DC3B17D3EC97E372A68
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
46a4eca7f333566a8758a48aafb6e9a13ba2813a5f3c989a0dd271acb1fdcde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:11 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
358
Expires
-1
/
myplacestayrewarded.com/en-US/Captcha/GetCaptcha/ 		358 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/en-US/Captcha/GetCaptcha/?cid=0&hash=559BFEC01F6ABDBF6FB6ABA67A0781FB0E67840515E8ACDF
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
46a4eca7f333566a8758a48aafb6e9a13ba2813a5f3c989a0dd271acb1fdcde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:13 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
358
Expires
-1
/
myplacestayrewarded.com/en-US/Captcha/GetCaptcha/ 		419 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/en-US/Captcha/GetCaptcha/?cid=0&hash=6850675831F4D6FB1302CE14DCE51B74982D7D32FBA6F715
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
462409298846508e04bb7e67aeb7a9c360410d5661938d1e6da3e5fcdfbeaa71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:13 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
419
Expires
-1
/
myplacestayrewarded.com/en-US/Captcha/GetCaptcha/ 		358 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/en-US/Captcha/GetCaptcha/?cid=0&hash=2665DBFE5F36FDAC3534FAC742BA4B107133BC66C23FC5A9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
46a4eca7f333566a8758a48aafb6e9a13ba2813a5f3c989a0dd271acb1fdcde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:13 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
358
Expires
-1
/
myplacestayrewarded.com/en-US/Captcha/GetCaptcha/ 		358 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://myplacestayrewarded.com/en-US/Captcha/GetCaptcha/?cid=0&hash=1A338845FAB55AFDB5A850074E4C12A8E2041FC140939BB9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.91.42.43 Boca Raton, United States, ASN393362 (CDC-01, US),
Reverse DNS
Software
/
Resource Hash
46a4eca7f333566a8758a48aafb6e9a13ba2813a5f3c989a0dd271acb1fdcde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://myplacestayrewarded.com/SignUpKiosk?kioskcode=NTLSLS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Nov 2022 18:41:11 GMT
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Headers
Content-Type
Content-Length
358
Expires
-1

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| LOYALTY object| html5 object| Modernizr object| dataLayer string| CaptchaMessage string| CaptchaSuccess string| CaptchaFail function| isValidIconCaptcha function| initIconCaptcha function| Sifter object| MicroPlugin function| initSpecificSignUpKioskScript object| truste function| shouldRepop function| shouldResolveConsent object| $temp_box_overlay object| $temp_inner_iframe function| $ function| jQuery function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| Spinner function| Cookies function| initLoginLayoutScript object| SignUpBackDoorBag string| isRequired string| email string| signerCodeRequired string| joinSucces string| pleaseWait string| emailExists string| termsAccept string| joinNow string| invalidName string| invalidLastName string| invalidAssociateCode string| age string| emailempty string| NoSpecialCharactersAllowed string| AssociatedWithSocial string| errorMessage_AnErrorOccured function| FormatDatePickerDate function| setDatePickerRegional function| initTermsConditonjs function| faqInit function| initCaptcha function| getCookie function| loadLanguages function| setUserLanguage function| bindEvents function| animateElement function| adjustWidth function| animateElement2 function| adjustWidth2 object| defaultDay number| bwcur number| bwprv function| DP_jQuery_1668451270867 object| ES6Promise function| html2canvas function| disableOther object| activePanels undefined| aPanels object| menuLeft object| body object| showLeft object| classie object| bowser function| showTabFromUrl number| hh number| wh object| RegisterEmailRegexPattern

9 Cookies

Domain/Path Name / Value
myplacestayrewarded.com/ Name: ASP.NET_SessionId
Value: 23jb11ysqqj332zlew2oug5w
myplacestayrewarded.com/ Name: ShaunXu.MvcLocalization.CurrentUICulture
Value: en-US
.myplacestayrewarded.com/ Name: _gcl_au
Value: 1.1.1711551592.1668451270
.myplacestayrewarded.com/ Name: _ga
Value: GA1.2.1478402253.1668451270
.myplacestayrewarded.com/ Name: _gid
Value: GA1.2.1159538650.1668451270
.myplacestayrewarded.com/ Name: _gat_UA-91100088-3
Value: 1
.myplacestayrewarded.com/ Name: _gat_UA-101831531-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.myplacestayrewarded.com/ Name: _fbp
Value: fb.1.1668451270552.800205148

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
myplacestayrewarded.com
stats.g.doubleclick.net
u18979635.ct.sendgrid.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
167.89.115.121
18.66.122.78
198.91.42.43
2606:4700::6811:190e
2a00:1450:4001:801::2003
2a00:1450:4001:806::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
0127cb769af26a65bed3787dce52551c46db63261f479288a72ad29ab631265a
0bbcab8abc6b5bbfa010c95075841187b310788523c170f4e81804152d64589f
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
0ff73637977c4c2524b682891cd160d65ff2c23f3f09335284eeadec631e4373
11d68ec4b41dbb25ebffcf49337d8a2ad59fe14ecb7b8b9e286b811b41a53108
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1a3eddf51bb5ee398a8855069400c2d52c49c4f594eb2421422c1421819db42b
1f0916bb0d19c2a3d6491780773e83e223a49a85d81d7ee1c9ad7c6bc34bb397
1f206264524032fc4e859a1639ce4b58859a37581c162f0b8d2ef905917869f8
21fbbd6d8977efd96b0b22b85d6c6e393cf6b5841e817118f4ea7814ba0f1c4b
2cc46ed8073ff216887fc6ac0d808625a7527cf63f4ef9806d7ea6abb7277f8a
3573193130c4e891ee9813d9be69f9439955eb5d8da8299b4a353bde700fdc13
37fc10aa66b547ca4489a654571d1b6a39bc2212aeda8a1bad7350a3c58304e2
3b20dfaf100267b9a25193ca9d4cb837e42b32a4725f399766a01ef75499d150
462409298846508e04bb7e67aeb7a9c360410d5661938d1e6da3e5fcdfbeaa71
46a4eca7f333566a8758a48aafb6e9a13ba2813a5f3c989a0dd271acb1fdcde3
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47ef9fd5de4b7eed06338c961d13f12072ca9c9526c20f9dc357535b79468ee5
4b31a6d0275e27113d054f2eb6b1e930bdfb668e854ae5dfdd1849fc131c6ea3
5ab2e5967c5fcdb23ab13475ae8152a87e91c51695c5c18550504eea209e3d23
63a468554d1ae65f1da70a19f7929d062a8e233f88b74ee63b4b4e0c9af5b530
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71459675d2ee0bed41d8189e2c2669520938d31ef226ef9c9274ce4bb71360e1
72e449f9a6a8fdf4802e42d26379e737017a43e44b1d8cfda6395dec739d53ef
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e3a9918feda56c5a3196bfbf0cf1e1b11ef13f544ef210b69a1e0f389909266
83d1197af6746d518b68f2cb7ca8b6d17084db051349ce027133db33c4c34a10
840b7ba9a043a6f5218b7a32d398acc2009fa38428d82cd214f98e6f32d01d76
89bcd6638eaf3ffa81d769b7e4723a1b23184647e424e7be2858a34d47a46849
8d667ce63839ad4bfe62fca6af48ce946dccdf01a5bb6478174f10b3078b5e23
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a2287bb22f8ed8285baec2e9b8cfd84ea46d0a142884bea029c7c396fa3a0d9f
abc45b250bb1a8cbcd93049c1b8ac8962b836e36db38ee3ab43776ab9d995571
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0fa8594926acab6db386c41881ebdbb191327ff547dea52470e89cdd8815161
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bc1b396009fc8e271f477cfa26c7462f39b8bee3a7a0ac7336c6bf0aaa34d6c0
be7a090de1fe98f279b7e89c8731422c9b45bddba7a232e3753375a3d14c0876
bfcd5d6ec8827e73b449cfa660ef8e448ce5a5589e08257366d49bbbc78f1448
c158042b25213af48ae52eab2af5780a3babcf8c569883ab8bd4401741b3e222
c44b5917c6d8f9044f73a9986637f2ada0824deaea19418a71d2ba694b9730c6
c5a1c1d794d96cb85ec3cd80d8dcd8f2bbc20a9fd111c380fe44a95963bb4e51
dcfe8df29e553fbd655212f94300cb1e704c6cd147fa7a98cb4bcd9eb92c6707
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e2464f998b38ae5f4a6f68dd19faea6939ccb6db5388ce17a0621c3fe186f859
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69732b2798f7731d8edde6dbfd7516c820d172f5b0a96fd1bab4737dc199f50
e73a5ea6d942030aa3552bdfcc9e61793d28ce22769d24f7e4bde4cdb33cdccb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4189c54ba723da238d7b46eb3f14e788c6419eaa06a1e94449e8b55635a5b7f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75688ed8daab6e41b211c51997216c2f9ae3ba9a40cdfdebcaa280c5de02ba7
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143