rewards-14.plunderdesign.com Open in urlscan Pro
2606:4700:10::6816:3cea  Public Scan

URL: https://rewards-14.plunderdesign.com/
Submission: On September 28 via api from US — Scanned from US

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 58 HTTP transactions. The main IP is 2606:4700:10::6816:3cea, located in United States and belongs to CLOUDFLARENET, US. The main domain is rewards-14.plunderdesign.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 18th 2023. Valid for: a year.
This is the only time rewards-14.plunderdesign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
43 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 13.33.4.48 16509 (AMAZON-02)
1 18.244.200.216 16509 (AMAZON-02)
1 52.85.132.38 16509 (AMAZON-02)
1 3.163.101.2 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2620:1ec:48:1... 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 20.69.148.90 8075 (MICROSOFT...)
1 54.77.242.228 16509 (AMAZON-02)
2 52.179.73.34 8075 (MICROSOFT...)
58 13
Apex Domain
Subdomains
Transfer
43 plunderdesign.com
rewards-14.plunderdesign.com
cdn.plunderdesign.com
3 MB
4 queue-it.net
static.queue-it.net — Cisco Umbrella Rank: 11215
assets.queue-it.net — Cisco Umbrella Rank: 16892
plunderdesign.queue-it.net
12 KB
3 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 3564
eastus-8.in.applicationinsights.azure.com — Cisco Umbrella Rank: 10435
46 KB
2 browser-intake-us3-datadoghq.com
rum.browser-intake-us3-datadoghq.com — Cisco Umbrella Rank: 61276
591 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
317 B
1 gstatic.com
fonts.gstatic.com
31 KB
1 go2sdk.com
js.go2sdk.com — Cisco Umbrella Rank: 52783
18 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2469
48 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
87 KB
58 9
Domain Requested by
30 cdn.plunderdesign.com rewards-14.plunderdesign.com
13 rewards-14.plunderdesign.com rewards-14.plunderdesign.com
2 eastus-8.in.applicationinsights.azure.com js.monitor.azure.com
2 rum.browser-intake-us3-datadoghq.com static.queue-it.net
2 www.google-analytics.com www.googletagmanager.com
2 static.queue-it.net rewards-14.plunderdesign.com
1 plunderdesign.queue-it.net static.queue-it.net
1 fonts.gstatic.com rewards-14.plunderdesign.com
1 js.monitor.azure.com rewards-14.plunderdesign.com
1 assets.queue-it.net static.queue-it.net
1 js.go2sdk.com rewards-14.plunderdesign.com
1 www.datadoghq-browser-agent.com rewards-14.plunderdesign.com
1 www.googletagmanager.com rewards-14.plunderdesign.com
58 13

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.pinterest.com
twitter.com
www.youtube.com
Subject Issuer Validity Valid
plunderdesign.com
Cloudflare Inc ECC CA-3
2023-09-18 -
2024-09-16
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.queue-it.net
Amazon RSA 2048 M03
2023-08-22 -
2024-09-19
a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-14 -
2024-01-16
a year crt.sh
js.go2sdk.com
Amazon RSA 2048 M01
2023-08-06 -
2024-09-02
a year crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 07
2023-09-20 -
2024-09-14
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.browser-intake-us3-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-18 -
2024-07-18
a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03
2023-09-04 -
2024-08-29
a year crt.sh

This page contains 1 frames:

Primary Page: https://rewards-14.plunderdesign.com/
Frame ID: C7A56CB5D992B4006667D7F54A81D604
Requests: 58 HTTP requests in this frame

Screenshot

Page Title

Shop Your Style | Plunder Design

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

58
Requests

100 %
HTTPS

42 %
IPv6

9
Domains

13
Subdomains

13
IPs

2
Countries

3736 kB
Transfer

4903 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rewards-14.plunderdesign.com/
44 KB
12 KB
Document
General
Full URL
https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1961018be2f7fd4e93fced7abf9bdeb5ef368204692c09b661384bf901def189
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
80df1d6c2d384bcd-BUF
content-encoding
br
content-language
en-US
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Thu, 28 Sep 2023 21:35:13 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
pragma
no-cache
referrer-policy
same-origin
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-miniprofiler-ids
["c469d67b-2b2e-44c9-8cc6-35873cf699a5"]
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
257 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6XK7G3F6WN
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b9503613fa193ff1916b081ffbd337f99d996fc093ea64b1d20be30487f6344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88908
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Sep 2023 21:35:13 GMT
queueclient.min.js
static.queue-it.net/script/
13 KB
4 KB
Script
General
Full URL
https://static.queue-it.net/script/queueclient.min.js
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.4.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-4-48.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
944ab414abd7379509535f0f7422544deaf2a4d19b9fbee4ef9bd1b6b02b3dcd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
4yQ2rNl7SZrweE0tCIPgmTcwWoJbW7lz
content-encoding
gzip
via
1.1 c33ccd454bf1796b79f9f9af880e2882.cloudfront.net (CloudFront)
date
Thu, 28 Sep 2023 19:47:47 GMT
last-modified
Wed, 23 Feb 2022 18:43:15 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P1
age
6447
etag
W/"58074f881862f661a074ef91b00cf15f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public,max-age=7200
x-amz-cf-id
pkR7kOSrHrSBmMpRxBXamKQD6oVAuG9WnaPDXjNT_lX1-bdlv7KOcw==
queueconfigloader.min.js
static.queue-it.net/script/
24 KB
6 KB
Script
General
Full URL
https://static.queue-it.net/script/queueconfigloader.min.js
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.4.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-4-48.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7157deb8ebe872e9ad11477112493ef6d3175123c43073bbbc81954295049f08

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
hmKaoMDmDo5jDZ4nyowQbHuhS.wPsIca
content-encoding
gzip
via
1.1 c33ccd454bf1796b79f9f9af880e2882.cloudfront.net (CloudFront)
date
Thu, 28 Sep 2023 20:32:23 GMT
last-modified
Wed, 23 Feb 2022 18:43:15 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P1
age
3771
etag
W/"eee5cc1b5a9d83bc08cac904c6172a69"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public,max-age=7200
x-amz-cf-id
A366JgUNCX86NZZPgiGhbdMT8saJ3BSpNEYWFBQRYRqartb9iNNVRg==
knzblmoxpjpccuylnyqzga.styles.css
rewards-14.plunderdesign.com/css/
474 KB
82 KB
Stylesheet
General
Full URL
https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12272e872f4ee25b97d455557abec8be8e3cec73773b981d8b9c9b81bebc0014
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rewards-14.plunderdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:24 GMT
server
cloudflare
etag
W/"-4T3Ae08UX333lTCIAx76WQvKEU"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
max-age=31536000, immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
cf-ray
80df1d6e3d484bcd-BUF
us.png
rewards-14.plunderdesign.com/images/flags/
609 B
1 KB
Image
General
Full URL
https://rewards-14.plunderdesign.com/images/flags/us.png
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rewards-14.plunderdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
609
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:22 GMT
server
cloudflare
etag
"1d9f209c8b3e161"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
cf-ray
80df1d6fdd934bcd-BUF
0000003_Plunder-black-Logo-275.png
cdn.plunderdesign.com/prod/images/thumbs/
2 KB
2 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0000003_Plunder-black-Logo-275.png
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6222d100c6368fb6bb5b27e6b197170323f4d559f1abf6931c377cca6ea5608b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
REVALIDATED
content-md5
fr3UmAXw1x1s9exWtW7Ylw==
cf-polished
origFmt=png, origSize=2814
content-disposition
inline; filename="0000003_Plunder-black-Logo-275.webp"
content-length
1730
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 15 Sep 2023 09:08:36 GMT
server
cloudflare
etag
0x8DBB5CB585327DC
vary
Accept
content-type
image/webp
x-ms-request-id
042822c0-501e-004c-74cf-ec3c0d000000
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d6fed994bcd-BUF
0003066_2N2A0137%20copy%202.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
193 KB
193 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0003066_2N2A0137%20copy%202.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02008ce675451c9b9c046791597dde277714c52fcd454b407ca52a5e75d0defc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
REVALIDATED
content-md5
EJ3nG9y9S68d8ZmA8Vt9xQ==
cf-polished
origSize=197241
content-length
197233
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 15 Sep 2023 09:21:17 GMT
server
cloudflare
etag
0x8DBB5CD1DC16FBF
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
4439ebab-c01e-005e-4acf-ec47dd000000
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d6fed9b4bcd-BUF
0005871_2.png
cdn.plunderdesign.com/prod/images/thumbs/
705 KB
706 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005871_2.png
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3a984b51aea2520101dc7c9088fe3201a813c9b838171efc95c07a4fc6a0cf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:13 GMT
cf-cache-status
HIT
content-md5
cnG7njejlmVCDh/2xb+c+g==
age
606207
cf-polished
origFmt=png, origSize=1159549
content-disposition
inline; filename="0005871_2.webp"
content-length
722152
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 15 Sep 2023 09:02:21 GMT
server
cloudflare
etag
0x8DBB5CA786D4854
vary
Accept
content-type
image/webp
x-ms-request-id
20075766-001e-001c-23d0-ecfe5d000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d6fed9a4bcd-BUF
0005771_newly-added_520.png
cdn.plunderdesign.com/prod/images/thumbs/
213 KB
214 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005771_newly-added_520.png
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f71495837225d5a5c72c6857f8be0b12cbb731d61d6df5de59b534ed74d8667

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:13 GMT
cf-cache-status
HIT
content-md5
kFegCjviZ3gvgDQbABtB2A==
age
596674
cf-polished
origFmt=png, origSize=357419
content-disposition
inline; filename="0005771_newly-added_520.webp"
content-length
218192
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Thu, 21 Sep 2023 22:20:14 GMT
server
cloudflare
etag
0x8DBBAF0EDEB4F9D
vary
Accept
content-type
image/webp
x-ms-request-id
c421e048-001e-0041-7ce6-ecf4d9000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d6fed974bcd-BUF
0005941_spell-bracelet_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
19 KB
19 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005941_spell-bracelet_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd6d2c8801f9ca1457653bea2796f67f38c91eddbf425cc0d81822c21ff4e44

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:13 GMT
cf-cache-status
HIT
content-md5
xssTNJm37LrWgO2vSOPJ5w==
age
7280
cf-polished
origSize=20577
content-length
19362
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 22 Sep 2023 13:06:37 GMT
server
cloudflare
etag
0x8DBBB6CC10917F0
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
8bd27f88-e01e-0059-1142-f22bbe000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d700d9c4bcd-BUF
0005942_spell-bracelet_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
20 KB
21 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005942_spell-bracelet_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd73184ee2876a9f6c6620cd30c6208b27e975582c98d20a5f66be72bd07d2d5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:13 GMT
cf-cache-status
HIT
content-md5
grOyUH05JE6cOZLBHcGBjg==
age
7280
cf-polished
origSize=21830
content-length
20877
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 22 Sep 2023 13:06:37 GMT
server
cloudflare
etag
0x8DBBB6CC123126E
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
a1207f5a-301e-005a-3c42-f2cada000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d6fed984bcd-BUF
0005927_hank-necklace_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
13 KB
13 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005927_hank-necklace_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de77c9c4430d58981aa49bf2774059da853ca9a701c763155f44cf21585900c2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:13 GMT
cf-cache-status
HIT
content-md5
1p1j3lJuz1bb9lEYMxekDA==
age
7280
cf-polished
origSize=13912
content-length
12800
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Mon, 25 Sep 2023 13:35:37 GMT
server
cloudflare
etag
0x8DBBDCC4DB331E4
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
793cf038-d01e-0030-0442-f212f2000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d701da34bcd-BUF
0005926_hank-necklace_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
16 KB
16 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005926_hank-necklace_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c6640390530bdab697e49b24cb460db1a9218581d1eb75b796f8ff904e4e3c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:13 GMT
cf-cache-status
HIT
content-md5
+N/4Ejg4geOFAL8+3X7jNA==
age
7280
cf-polished
origSize=16953
content-length
16102
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Mon, 25 Sep 2023 13:35:37 GMT
server
cloudflare
etag
0x8DBBDCC4DC48380
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
be398313-601e-001a-0842-f2cde2000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d701da64bcd-BUF
0005939_bone-jangles-earrings_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
30 KB
30 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005939_bone-jangles-earrings_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b31d4b222f9bed30c014e34c61dd5576daf9134c29413213b7f3ff7f70cf3e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:13 GMT
cf-cache-status
HIT
content-md5
wlXtNLTItbiEug8VaFuiGg==
age
7280
cf-polished
origSize=31754
content-length
30530
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Sep 2023 16:08:38 GMT
server
cloudflare
etag
0x8DBC03D2CE92194
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
27abe91b-701e-0006-0e42-f29f82000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d701da24bcd-BUF
0005940_bone-jangles-earrings_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
43 KB
43 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005940_bone-jangles-earrings_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1124d683793902608ab3d9952a30cf13d5a36cdf705ad128e4fe6947da272b74

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:13 GMT
cf-cache-status
HIT
content-md5
fiLkI9DarZWkksmwoALQlg==
age
7280
cf-polished
origSize=45351
content-length
44211
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Sep 2023 16:08:38 GMT
server
cloudflare
etag
0x8DBC03D2CF596BB
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
7d09eb76-201e-0069-8042-f29571000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d701da44bcd-BUF
0005925_youve-yeed-your-last-haw-necklace_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
22 KB
22 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005925_youve-yeed-your-last-haw-necklace_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b48052f4f35f17e5830a0d0559270c14655a17ce76a40fdd9ed7b4f0cbdf7d11

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
KE1Fdc/FQeXT0cdo9p1d+w==
age
7280
cf-polished
origSize=24317
content-length
22283
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Tue, 26 Sep 2023 15:14:58 GMT
server
cloudflare
etag
0x8DBBEA35943921F
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
b75e71fc-501e-0011-1a42-f23689000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d70bdaa4bcd-BUF
0005924_youve-yeed-your-last-haw-necklace_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
31 KB
31 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005924_youve-yeed-your-last-haw-necklace_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdf7df0e5857bbde270d0998a89f3506f434bb401130ef8f5c6b5bf706c5e096

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
/OaCMpK/DLNd+5RT4JdkWw==
age
7281
cf-polished
origSize=34040
content-length
31675
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Tue, 26 Sep 2023 15:14:59 GMT
server
cloudflare
etag
0x8DBBEA3595495ED
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
a1207fa5-301e-005a-7d42-f2cada000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d70bdab4bcd-BUF
0005369_247-wear_520.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
31 KB
31 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005369_247-wear_520.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95388af53a8cd7629e89507947f9d777661e608638b271a8f573a8a3e4e61a6a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
dSLnpA8Bd7DoQtXUu/PK/w==
age
606208
cf-polished
origSize=32756
content-length
31793
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Thu, 21 Sep 2023 17:41:09 GMT
server
cloudflare
etag
0x8DBBAC9F1241F6D
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
856140ae-401e-0040-3dd0-ecab05000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d70bdac4bcd-BUF
0000590_quinlee-earrings_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
14 KB
14 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0000590_quinlee-earrings_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afe133e939dc92605d4cbd8c610db6c05b0c2a0bc794f3cfc414088995220a8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
lGXXcxvbz/3GxcdGqjIWTA==
age
606208
cf-polished
origSize=14404
content-length
13878
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Tue, 19 Sep 2023 22:00:20 GMT
server
cloudflare
etag
0x8DBB95BD133EF84
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
8bae0f53-d01e-001f-39d0-ec1f39000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d70cdad4bcd-BUF
0005536_quinlee-earrings_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
51 KB
51 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005536_quinlee-earrings_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8693f2b577cc8be746ee3c70abb0c6395bfff85134616ef261ef96be0cd7183d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
YXkEd77NTpWm/iRR59yaFA==
age
7280
cf-polished
origSize=53990
content-length
52057
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 22 Sep 2023 16:58:42 GMT
server
cloudflare
etag
0x8DBBB8D2D562323
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
e2fd9fa7-501e-0001-4442-f2f3e1000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d70fdb04bcd-BUF
0001544_cove-ring_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
29 KB
29 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0001544_cove-ring_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
371cc43cf55ded455ff077a943f412f57bab1ece429c9293cfa72d063eb03b40

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
Le4Z4PRWw605gWMcRmn9KQ==
age
606208
cf-polished
origSize=31751
content-length
29937
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 20 Sep 2023 17:27:55 GMT
server
cloudflare
etag
0x8DBB9FEED20B400
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
042bc618-501e-004c-02d0-ec3c0d000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d70fdb14bcd-BUF
0001545_cove-ring_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
25 KB
25 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0001545_cove-ring_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2923371848d91b17ae7b0d71c5108560577799c05a62b8fb905474a71af174c2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
B2zdtNi5rOQ7pB4h+nhPTg==
age
606208
cf-polished
origSize=27343
content-length
25406
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 20 Sep 2023 17:27:55 GMT
server
cloudflare
etag
0x8DBB9FEED344D0B
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
eaa87388-a01e-0048-48d0-ecb10a000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d70fdb24bcd-BUF
0001496_tigris-necklace_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
16 KB
16 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0001496_tigris-necklace_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0be528563146935e312c8e3caf88d4d32905552e8a969430897f668deaf3954f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
q+pkPT8I+FEKyiZe9onWFg==
age
606208
cf-polished
origSize=17134
content-length
16181
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 20 Sep 2023 19:53:41 GMT
server
cloudflare
etag
0x8DBBA1349F10DBA
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
5bc62ef9-701e-004b-33d0-ec506e000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d710db34bcd-BUF
0001491_tigris-necklace_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
21 KB
21 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0001491_tigris-necklace_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
148186678325c7bc3c882cc1ad2a66e1572a6ebbf4163062a88644f6bba0de72

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
P0w08XxtEAGYv1hGcq4Gsg==
age
7280
cf-polished
origSize=22458
content-length
21366
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 20 Sep 2023 19:53:41 GMT
server
cloudflare
etag
0x8DBBA134A2B163C
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
7d09ec3f-201e-0069-3c42-f29571000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d711db44bcd-BUF
0005361_trending-now_520.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
29 KB
30 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005361_trending-now_520.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cd8f5515891a4407ba09f34fe45e7e9c3d199aa710c4b211606c027456aa8a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
FYvTwhUSZJ3aPXXOwgObHA==
age
606208
cf-polished
origSize=30929
content-length
30026
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Mon, 18 Sep 2023 19:35:15 GMT
server
cloudflare
etag
0x8DBB87E61EEDB2D
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
204c87be-901e-0043-7bd0-ec4a61000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d712db54bcd-BUF
0000182_angela-earrings_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
36 KB
36 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0000182_angela-earrings_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce94a068550eb346f1ea1fd9d6d67add42300094d0f9b93e647256a153b710f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
MVFlzbNqugXpK5CQOtjXfg==
age
606208
cf-polished
origSize=38608
content-length
36672
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Tue, 19 Sep 2023 21:35:24 GMT
server
cloudflare
etag
0x8DBB958558B8219
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
e0e12e0f-101e-004d-40d0-ec63d1000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d714db64bcd-BUF
0000179_angela-earrings_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
64 KB
64 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0000179_angela-earrings_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
043508bec9a80b8b372c8b18a642664e88587444b585207644c255f82620e507

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
97/vwjJPo6voAkR1TkOK9A==
age
7280
cf-polished
origSize=68109
content-length
65439
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Tue, 19 Sep 2023 21:35:25 GMT
server
cloudflare
etag
0x8DBB95855D0EF8F
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
bada06c1-a01e-0015-6542-f2bb8e000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d714db74bcd-BUF
0000231_arden-earrings_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
44 KB
44 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0000231_arden-earrings_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf020e51f66cc423fa3fb3c9486a4945ee5de62d349afe2c305837d50a5cfd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
ptKzU6Vi0iNjp6SzhmJYOQ==
age
606208
cf-polished
origSize=48182
content-length
44626
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 20 Sep 2023 18:52:20 GMT
server
cloudflare
etag
0x8DBBA0AB80B1315
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
8bae0f56-d01e-001f-3cd0-ec1f39000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d714db84bcd-BUF
0000230_arden-earrings_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
50 KB
50 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0000230_arden-earrings_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
780d80b6970b775789f72098f87fdb4dd01f9e0f442d1150de9fc138fd3527ef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
34zPlIBqNeX9jAWK9sIm9Q==
age
606208
cf-polished
origSize=52501
content-length
50927
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 20 Sep 2023 18:52:20 GMT
server
cloudflare
etag
0x8DBBA0AB81C3DD6
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
d14f33b2-f01e-0027-72d0-ecbbf9000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d715db94bcd-BUF
0005310_melina-earrings_600.png
cdn.plunderdesign.com/prod/images/thumbs/
367 KB
368 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005310_melina-earrings_600.png
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717d9b24a483ee70e01aefc2209bcb1fc130bf43d03e8b23e69ba106e56a5e18

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
SQTHye5v2znmlW7Q/jP8OA==
age
606208
cf-polished
origFmt=png, origSize=619182
content-disposition
inline; filename="0005310_melina-earrings_600.webp"
content-length
375636
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 20 Sep 2023 19:49:47 GMT
server
cloudflare
etag
0x8DBBA12BEE66062
vary
Accept
content-type
image/webp
x-ms-request-id
a13cc9f1-d01e-0052-7fd0-ecd0d5000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d715dba4bcd-BUF
0000004_melina-earrings_600.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
35 KB
36 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0000004_melina-earrings_600.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
440cd137cd29003378e43e44c9d200b414cd60601096e5e1ca06aeb90490d6d9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
oUn+P6NjjdBFItlR1v0ccw==
age
7280
cf-polished
origSize=38610
content-length
36351
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 22 Sep 2023 15:55:07 GMT
server
cloudflare
etag
0x8DBBB844B6DF1F0
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
930972d2-601e-0068-5342-f2caad000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d716dbb4bcd-BUF
0005161_Add%20a%20little%20bit%20of%20body%20text.png
cdn.plunderdesign.com/prod/images/thumbs/
212 KB
213 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005161_Add%20a%20little%20bit%20of%20body%20text.png
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21238ae2cc481683caa3983e0825270639f0f6718311d0e7d5a577e6c6bb44ad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
REVALIDATED
content-md5
zzfGmJsNVWd0b62NaJkcxQ==
cf-polished
status=not_needed
content-length
217523
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Wed, 27 Sep 2023 09:09:33 GMT
server
cloudflare
etag
0x8DBBF39772DCB7F
vary
Accept-Encoding
content-type
image/png
x-ms-request-id
b4a6d970-401e-000d-1542-f264e9000000
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d718dbd4bcd-BUF
0006029_POP%20UP%20(9).png
cdn.plunderdesign.com/prod/images/thumbs/
278 KB
278 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0006029_POP%20UP%20(9).png
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f40c489255ec6bedefb7e7199cd5d5149a65f1d3dffe9dfa2a1026e1bab102e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
uK9q5ZX5u0hGfl6YUuYBng==
age
7280
cf-polished
origFmt=png, origSize=432887
content-disposition
inline; filename="0006029_POP%20UP%20(9).webp"
content-length
284272
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Thu, 28 Sep 2023 16:40:18 GMT
server
cloudflare
etag
0x8DBC0419951EE89
vary
Accept
content-type
image/webp
x-ms-request-id
072e1c4b-501e-002e-6c42-f2fe2a000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d718dbe4bcd-BUF
0005832_2N2A7651.jpeg
cdn.plunderdesign.com/prod/images/thumbs/
240 KB
241 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005832_2N2A7651.jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6cbb703485649bcd62f56324f9a9e72e8755cc0bed45bb2daed58e5f125190

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
y0LaHGEDlDhehmrVZcVcvw==
age
606208
cf-polished
origSize=259513
content-length
246081
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Fri, 08 Sep 2023 09:03:33 GMT
server
cloudflare
etag
0x8DBB04A7A86FE83
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
8bae0ee8-d01e-001f-5bd0-ec1f39000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d719dbf4bcd-BUF
0005842_BK5A7781-retouched%20(1).jpeg
cdn.plunderdesign.com/prod/images/thumbs/
286 KB
287 KB
Image
General
Full URL
https://cdn.plunderdesign.com/prod/images/thumbs/0005842_BK5A7781-retouched%20(1).jpeg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3007819048135c7f71fb58bcecd1877a858011db9e28ce84262aeef8242a5c0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Sep 2023 21:35:14 GMT
cf-cache-status
HIT
content-md5
9buOQxB2LBSa8qbDEKb1MA==
age
606208
cf-polished
origSize=305589
content-length
293220
x-ms-lease-status
unlocked
cf-bgj
imgq:100,h2pri
last-modified
Tue, 12 Sep 2023 09:02:16 GMT
server
cloudflare
etag
0x8DBB36EF664FFAB
vary
Accept-Encoding
content-type
image/jpeg
x-ms-request-id
06378254-601e-0068-34d0-eccaad000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80df1d719dc04bcd-BUF
logo-white.png
rewards-14.plunderdesign.com/themes/customvoyage/content/img/
3 KB
3 KB
Image
General
Full URL
https://rewards-14.plunderdesign.com/themes/customvoyage/content/img/logo-white.png
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f10c4e55bdf35723edbc94a8b80eea22a9223c391a06850994ecdf866b2b3bd5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rewards-14.plunderdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
3142
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:20 GMT
server
cloudflare
etag
"1d9f209c782ba46"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
cf-ray
80df1d6fed944bcd-BUF
tik-tok.svg
rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/img/
922 B
659 B
Image
General
Full URL
https://rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/img/tik-tok.svg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a37263988ae29da575603c41ff62768457293ef76c2fac746d9e1581b82ba63
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rewards-14.plunderdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:20 GMT
server
cloudflare
etag
W/"1d9f209c782b59a"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
cf-ray
80df1d6fed954bcd-BUF
payment-sprite.png
rewards-14.plunderdesign.com/Themes/Voyage/Content/img/
2 KB
2 KB
Image
General
Full URL
https://rewards-14.plunderdesign.com/Themes/Voyage/Content/img/payment-sprite.png
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4ee08dc63dcf876c9c3c8e25aeb6218c44fc158e08baf8991ab613ca6302ee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rewards-14.plunderdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
2451
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:20 GMT
server
cloudflare
etag
"1d9f209c782bf93"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
cf-ray
80df1d6fed964bcd-BUF
email-decode.min.js
rewards-14.plunderdesign.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
817 B
Script
General
Full URL
https://rewards-14.plunderdesign.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rewards-14.plunderdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Sep 2023 11:52:30 GMT
server
cloudflare
etag
W/"6514177e-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
80df1d6f7d6d4bcd-BUF
expires
Sat, 30 Sep 2023 21:35:13 GMT
zmysctpp5dfuktoagrpgbg.scripts.js
rewards-14.plunderdesign.com/js/
534 KB
157 KB
Script
General
Full URL
https://rewards-14.plunderdesign.com/js/zmysctpp5dfuktoagrpgbg.scripts.js?v=dKdG5olUdt8Y0yKy21z7rPv_Y4Y
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4fe8e81e5e3f4f1f882db5644ac96c305f269201c35fb1f17fccc2c1e2e49aa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rewards-14.plunderdesign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:24 GMT
server
cloudflare
etag
W/"dKdG5olUdt8Y0yKy21z7rPv_Y4Y"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
max-age=31536000, immutable
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
cf-ray
80df1d6fcd724bcd-BUF
datadog-rum.js
www.datadoghq-browser-agent.com/us3/v4/
149 KB
48 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/us3/v4/datadog-rum.js
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.200.216 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-200-216.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16016117ff3d4d1f52cbced8021ebb01826a4be04b7cf0fe63c6eef19c398df2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:34:28 GMT
content-encoding
br
via
1.1 fec9907eafdab85a382cff2ca4b8a836.cloudfront.net (CloudFront)
last-modified
Tue, 26 Sep 2023 13:27:10 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P4
age
47
x-amz-server-side-encryption
AES256
etag
W/"61035e00fb2197c9f0f41d26dec50a3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
JuOE0KkKuB0NIOfxDA3e1R5yAWP68UMxfh0pXZWniUDyYLu9oT4wOw==
tune.js
js.go2sdk.com/v2/
18 KB
18 KB
Script
General
Full URL
https://js.go2sdk.com/v2/tune.js
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.132.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-38.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cca8ce472cbf8c44acf7ac24067c2d6075acd1e0cd4c9003de6055289ac5c68a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 28 Sep 2023 16:45:29 GMT
via
1.1 4a21175361a1e842a337986b5f7399aa.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jan 2021 18:55:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
17386
x-amz-server-side-encryption
AES256
etag
"074c9e70b17ef9db8aced963fef4e2d9"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
17921
x-amz-cf-id
GkQSEwKwYSW9bDuX99wpSWwkQOcDtqO-L7ZtlheAaALXc3dzSsrVRw==
queueclientConfig.js
assets.queue-it.net/plunderdesign/integrationconfig/javascript/
1 KB
940 B
Script
General
Full URL
https://assets.queue-it.net/plunderdesign/integrationconfig/javascript/queueclientConfig.js?versionTimestamp=20230928111107
Requested by
Host: static.queue-it.net
URL: https://static.queue-it.net/script/queueconfigloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.163.101.2 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-163-101-2.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c2f0d51412c28aec3e98c0e0feb20efb25c95bc6904ac28fa76e06701017e05

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
8_4ZHOGcO1E_LqxD2JAwLGYxJuio7S6f
content-encoding
gzip
via
1.1 d8f1b96a3a4d1e4850d03b663b204af4.cloudfront.net (CloudFront)
date
Thu, 28 Sep 2023 21:35:15 GMT
last-modified
Thu, 21 Sep 2023 16:54:32 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P8
x-amz-server-side-encryption
AES256
etag
W/"025f28f87045200ea13f14ffa9aeba8a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-replication-status
COMPLETED
x-amz-cf-id
FT4We99RfSFbX6We3LESkDexVk1O6gaIAMA8KQKa3dTu4qukI-5hUQ==
collect
www.google-analytics.com/g/
0
263 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6XK7G3F6WN&gtm=45je39r0&_p=94626252&cid=80153178.1695936914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695936913&sct=1&seg=0&dl=https%3A%2F%2Frewards-14.plunderdesign.com%2F&dt=Shop%20Your%20Style%20%7C%20Plunder%20Design&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6XK7G3F6WN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 21:35:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rewards-14.plunderdesign.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.2.min.js
js.monitor.azure.com/scripts/b/
120 KB
46 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:48:1::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

Referer
Origin
https://rewards-14.plunderdesign.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:13 GMT
content-encoding
br
x-azure-ref-originshield
0i+8VZQAAAAA59eY5ohFcQbqZfsRoFcj4TU5aMjIxMDYwNjEyMDM3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
OTYl0s1WUyP5rZ8mTmvbyA==
x-cache
TCP_HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.16.min.js
last-modified
Wed, 20 Sep 2023 16:12:29 GMT
x-ms-meta-aijssdkver
2.8.16
etag
0x8DBB9F46341BD96
x-azure-ref
0kvEVZQAAAACqhCl7SFRzSJLOgkZaSnFfTU5aMjIxMDYwNjE0MDE5AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
924c0e30-f01e-0025-4052-f28eb2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
arrow-select2.svg
rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/img/
426 B
366 B
Image
General
Full URL
https://rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/img/arrow-select2.svg
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efd854d2ef56e1353cf3e59f27a97733825ec7135e3cdbfbe84e115051f22b5b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:20 GMT
server
cloudflare
etag
W/"1d9f209c782b7aa"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
cf-ray
80df1d700d9d4bcd-BUF
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://rewards-14.plunderdesign.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 01:16:45 GMT
x-content-type-options
nosniff
age
245908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 01:16:45 GMT
truncated
/
273 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
voyage.woff
rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/fonts/
13 KB
9 KB
Font
General
Full URL
https://rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/fonts/voyage.woff
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
994f78e7f3d4681ecff4cf8ac7ec38238097fd8e3d2bbe8cb95dc11ca6901422
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Origin
https://rewards-14.plunderdesign.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:20 GMT
server
cloudflare
etag
W/"1d9f209c7828398"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/font-woff
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
cf-ray
80df1d700d9e4bcd-BUF
ITCGaramondStd-LtCond.woff2
rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/fonts/
23 KB
23 KB
Font
General
Full URL
https://rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/fonts/ITCGaramondStd-LtCond.woff2
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e6e76b497a84ca5b03725b62e0e604eb5a4b3de1d1638c1d58d188f3fdecff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Origin
https://rewards-14.plunderdesign.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
23512
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:20 GMT
server
cloudflare
etag
"1d9f209c782edd8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
cf-ray
80df1d700d9f4bcd-BUF
MaisonNeueExtended-Light.woff2
rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/fonts/
41 KB
41 KB
Font
General
Full URL
https://rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/fonts/MaisonNeueExtended-Light.woff2
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a26b5bc2221b0de4789654e30dedb23febac234ce94b77a6152c78241ffdc44
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Origin
https://rewards-14.plunderdesign.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
42012
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:20 GMT
server
cloudflare
etag
"1d9f209c782121c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
cf-ray
80df1d700da04bcd-BUF
PaalalabasDisplay-Condens.woff2
rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/fonts/
18 KB
18 KB
Font
General
Full URL
https://rewards-14.plunderdesign.com/Themes/CustomVoyage/Content/fonts/PaalalabasDisplay-Condens.woff2
Requested by
Host: rewards-14.plunderdesign.com
URL: https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3cea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a893ad37d0f7a5b13054416e66b63ca1d84c62b67d4cc963e372908f306e7c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rewards-14.plunderdesign.com/css/knzblmoxpjpccuylnyqzga.styles.css?v=-4T3Ae08UX333lTCIAx76WQvKEU
Origin
https://rewards-14.plunderdesign.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 21:35:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
18764
x-xss-protection
1; mode=block
request-context
appId=cid-v1:3b59ddf7-4d4e-4b8e-adbf-8018c44b4b0e
referrer-policy
same-origin
last-modified
Thu, 28 Sep 2023 12:46:20 GMT
server
cloudflare
etag
"1d9f209c782ff4c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=*, usb=()
accept-ranges
bytes
cf-ray
80df1d700da14bcd-BUF
rum
rum.browser-intake-us3-datadoghq.com/api/v2/
53 B
296 B
Fetch
General
Full URL
https://rum.browser-intake-us3-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.0%2Capi%3Afetch%2Cenv%3Aprod-1%2Cservice%3Aplunder-chloe&dd-api-key=pub24bcf428b90fe310467c8151a19f007c&dd-evp-origin-version=4.50.0&dd-evp-origin=browser&dd-request-id=c970da05-06c1-4e62-84d9-456d3cc0a45c&batch_time=1695936914315
Requested by
Host: static.queue-it.net
URL: https://static.queue-it.net/script/queueconfigloader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.148.90 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
28eeb964161df6fa5173a3e9d0b823c421bf683b911a618a1e3fc11ddde477a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Sep 2023 21:35:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
rum
rum.browser-intake-us3-datadoghq.com/api/v2/
53 B
295 B
Fetch
General
Full URL
https://rum.browser-intake-us3-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.0%2Capi%3Afetch%2Cenv%3Aprod-1%2Cservice%3Aplunder-chloe&dd-api-key=pub24bcf428b90fe310467c8151a19f007c&dd-evp-origin-version=4.50.0&dd-evp-origin=browser&dd-request-id=e5fa8ca8-32af-46c9-91aa-2871a3ae987f&batch_time=1695936914319
Requested by
Host: static.queue-it.net
URL: https://static.queue-it.net/script/queueconfigloader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.69.148.90 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
25ca4ac1728dc9d06479eda066f93ff760a58eb3799982deecda762080b1481e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 28 Sep 2023 21:35:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
1695936914371
plunderdesign.queue-it.net/javascriptqueue/plunderdesign/plunderdesignlive/
411 B
722 B
Script
General
Full URL
https://plunderdesign.queue-it.net/javascriptqueue/plunderdesign/plunderdesignlive/1695936914371?t=https%3A%2F%2Frewards-14.plunderdesign.com%2F&ver=js2.0.48&l=Default%20layout%20by%20Queue-it
Requested by
Host: static.queue-it.net
URL: https://static.queue-it.net/script/queueclient.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-242-228.eu-west-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
c359b1141bf5ff2a25d2004947ce1a7b99f4b32ff79afdf5824223065a206e1f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 21:35:14 GMT
server
Kestrel
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
content-type
application/javascript
cache-control
no-store, no-cache
x-robots-tag
noindex
content-length
411
track
eastus-8.in.applicationinsights.azure.com//v2/
49 B
158 B
XHR
General
Full URL
https://eastus-8.in.applicationinsights.azure.com//v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Thu, 28 Sep 2023 21:35:14 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
x-request-id
c2d24de2-22b2-481c-aec2-5424192d3c94
content-type
application/json; charset=utf-8
track
eastus-8.in.applicationinsights.azure.com//v2/
0
0
Preflight
General
Full URL
https://eastus-8.in.applicationinsights.azure.com//v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://rewards-14.plunderdesign.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Thu, 28 Sep 2023 21:35:14 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-request-id
a8478716-1a24-4cae-b121-d13874d282c4
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-6XK7G3F6WN&gtm=45je39r0&_p=94626252&cid=80153178.1695936914&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1695936913&sct=1&seg=0&dl=https%3A%2F%2Frewards-14.plunderdesign.com%2F&dt=Shop%20Your%20Style%20%7C%20Plunder%20Design&en=scroll&epn.percent_scrolled=90&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6XK7G3F6WN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::8b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 21:35:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://rewards-14.plunderdesign.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| DD_RUM function| gtag object| dataLayer object| tdl object| QueueIt function| queueClient function| __extends object| en object| google_tag_manager object| google_tag_data object| gaGlobal object| appInsights object| regeneratorRuntime function| parcelRequire function| setLocation function| warningValidation function| OpenWindow function| displayAjaxLoading function| displayPopupNotification function| displayJoinedPopupNotifications function| displayPopupContentFromUrl function| displayBarNotification function| htmlEncode function| htmlDecode function| addAntiForgeryToken object| AjaxCart function| copyTextToClipboard function| smoothScrollTop function| plunderdisplayPopupNotification object| os object| match function| $ function| jQuery object| footable object| sevenSpikesCore object| CatalogProducts object| sevenSpikesThemeModules function| sevenSpikesTheme number| uidEvent object| bootstrap object| localized_data object| Microsoft object| __dynProto$Gbl object| queueit_clientside_config object| queueit object| myQueueClient

12 Cookies

Domain/Path Name / Value
rewards-14.plunderdesign.com/ Name: .Web1.Customer
Value: 5976fc98-8d4e-49e8-83ec-97fd728adee6
rewards-14.plunderdesign.com/ Name: .Web1.Culture
Value: c%3Den-US%7Cuic%3Den-US
rewards-14.plunderdesign.com/ Name: .Web1.Antiforgery
Value: CfDJ8GVhwOKZBqZNghl4HOydDi4_sOQ_-NmXPW1qT9htFkG48ijs9V9ttqzcsiVeOkwnCP8gi3w3l5rIUyHwWYy0QtDfGS56lfbZ3wBYfVnBmCE0z3i0IjmBmrEgTqHUBVPUynbjUl1sb4bscBSZMvCRVqE
.rewards-14.plunderdesign.com/ Name: ARRAffinity
Value: d7c21028a67cb8a98885063c735ec575a76568f42edf9dee6d2e766fc1904996
.rewards-14.plunderdesign.com/ Name: ARRAffinitySameSite
Value: d7c21028a67cb8a98885063c735ec575a76568f42edf9dee6d2e766fc1904996
.plunderdesign.com/ Name: _ga
Value: GA1.1.80153178.1695936914
.plunderdesign.com/ Name: _ga_6XK7G3F6WN
Value: GS1.1.1695936913.1.0.1695936913.0.0.0
rewards-14.plunderdesign.com/ Name: ai_user
Value: xCI8vMn/aAkwC1lWxXAzpp|2023-09-28T21:35:14.232Z
.queue-it.net/ Name: Queue-it
Value: u=f1d9a542-f9e9-4b13-842b-5751bc8cde80
rewards-14.plunderdesign.com/ Name: QueueITAccepted-SDFrts345E-V3_plunderdesignlive
Value: EventId%3Dplunderdesignlive%26QueueId%3D00000000-0000-0000-0000-000000000000%26RedirectType%3Ddisabled%26IssueTime%3D1695936914%26Hash%3D31708563c60c502c46d7829bc01f70ad097f49e7495547090e744b4d780391d7
rewards-14.plunderdesign.com/ Name: ai_session
Value: 5MIUtdtCDyhh74ZGktkzyO|1695936914807|1695936914807
rewards-14.plunderdesign.com/ Name: _dd_s
Value: rum=2&id=26cfc454-7627-48fd-b1ed-19caeb10ad6e&created=1695936914243&expire=1695937814243

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.queue-it.net
cdn.plunderdesign.com
eastus-8.in.applicationinsights.azure.com
fonts.gstatic.com
js.go2sdk.com
js.monitor.azure.com
plunderdesign.queue-it.net
rewards-14.plunderdesign.com
rum.browser-intake-us3-datadoghq.com
static.queue-it.net
www.datadoghq-browser-agent.com
www.google-analytics.com
www.googletagmanager.com
13.33.4.48
18.244.200.216
20.69.148.90
2606:4700:10::6816:3cea
2607:f8b0:4004:c08::61
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c17::8b
2620:1ec:48:1::38
3.163.101.2
52.179.73.34
52.85.132.38
54.77.242.228
02008ce675451c9b9c046791597dde277714c52fcd454b407ca52a5e75d0defc
043508bec9a80b8b372c8b18a642664e88587444b585207644c255f82620e507
0a37263988ae29da575603c41ff62768457293ef76c2fac746d9e1581b82ba63
0be528563146935e312c8e3caf88d4d32905552e8a969430897f668deaf3954f
0cf020e51f66cc423fa3fb3c9486a4945ee5de62d349afe2c305837d50a5cfd7
0f40c489255ec6bedefb7e7199cd5d5149a65f1d3dffe9dfa2a1026e1bab102e
1124d683793902608ab3d9952a30cf13d5a36cdf705ad128e4fe6947da272b74
12272e872f4ee25b97d455557abec8be8e3cec73773b981d8b9c9b81bebc0014
148186678325c7bc3c882cc1ad2a66e1572a6ebbf4163062a88644f6bba0de72
16016117ff3d4d1f52cbced8021ebb01826a4be04b7cf0fe63c6eef19c398df2
16b31d4b222f9bed30c014e34c61dd5576daf9134c29413213b7f3ff7f70cf3e
1961018be2f7fd4e93fced7abf9bdeb5ef368204692c09b661384bf901def189
20cd8f5515891a4407ba09f34fe45e7e9c3d199aa710c4b211606c027456aa8a
21238ae2cc481683caa3983e0825270639f0f6718311d0e7d5a577e6c6bb44ad
23c6640390530bdab697e49b24cb460db1a9218581d1eb75b796f8ff904e4e3c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25ca4ac1728dc9d06479eda066f93ff760a58eb3799982deecda762080b1481e
28eeb964161df6fa5173a3e9d0b823c421bf683b911a618a1e3fc11ddde477a6
2923371848d91b17ae7b0d71c5108560577799c05a62b8fb905474a71af174c2
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585
371cc43cf55ded455ff077a943f412f57bab1ece429c9293cfa72d063eb03b40
3afe133e939dc92605d4cbd8c610db6c05b0c2a0bc794f3cfc414088995220a8
3ce94a068550eb346f1ea1fd9d6d67add42300094d0f9b93e647256a153b710f
440cd137cd29003378e43e44c9d200b414cd60601096e5e1ca06aeb90490d6d9
4a26b5bc2221b0de4789654e30dedb23febac234ce94b77a6152c78241ffdc44
5c4ee08dc63dcf876c9c3c8e25aeb6218c44fc158e08baf8991ab613ca6302ee
6222d100c6368fb6bb5b27e6b197170323f4d559f1abf6931c377cca6ea5608b
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707
6c6cbb703485649bcd62f56324f9a9e72e8755cc0bed45bb2daed58e5f125190
6dd6d2c8801f9ca1457653bea2796f67f38c91eddbf425cc0d81822c21ff4e44
7157deb8ebe872e9ad11477112493ef6d3175123c43073bbbc81954295049f08
717d9b24a483ee70e01aefc2209bcb1fc130bf43d03e8b23e69ba106e56a5e18
780d80b6970b775789f72098f87fdb4dd01f9e0f442d1150de9fc138fd3527ef
7b9503613fa193ff1916b081ffbd337f99d996fc093ea64b1d20be30487f6344
7f71495837225d5a5c72c6857f8be0b12cbb731d61d6df5de59b534ed74d8667
83e6e76b497a84ca5b03725b62e0e604eb5a4b3de1d1638c1d58d188f3fdecff
8693f2b577cc8be746ee3c70abb0c6395bfff85134616ef261ef96be0cd7183d
944ab414abd7379509535f0f7422544deaf2a4d19b9fbee4ef9bd1b6b02b3dcd
95388af53a8cd7629e89507947f9d777661e608638b271a8f573a8a3e4e61a6a
953c39b93c46656e2d25a28dd13379498f98e991a78f682c4a42c951bc87a0f2
994f78e7f3d4681ecff4cf8ac7ec38238097fd8e3d2bbe8cb95dc11ca6901422
9c2f0d51412c28aec3e98c0e0feb20efb25c95bc6904ac28fa76e06701017e05
a0371d4fc59a21c844b13e45055c533e2410c7238808a8378e5f57d13f1db958
a4fe8e81e5e3f4f1f882db5644ac96c305f269201c35fb1f17fccc2c1e2e49aa
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b48052f4f35f17e5830a0d0559270c14655a17ce76a40fdd9ed7b4f0cbdf7d11
b5a893ad37d0f7a5b13054416e66b63ca1d84c62b67d4cc963e372908f306e7c
bd73184ee2876a9f6c6620cd30c6208b27e975582c98d20a5f66be72bd07d2d5
c359b1141bf5ff2a25d2004947ce1a7b99f4b32ff79afdf5824223065a206e1f
cca8ce472cbf8c44acf7ac24067c2d6075acd1e0cd4c9003de6055289ac5c68a
cdf7df0e5857bbde270d0998a89f3506f434bb401130ef8f5c6b5bf706c5e096
de77c9c4430d58981aa49bf2774059da853ca9a701c763155f44cf21585900c2
df3a984b51aea2520101dc7c9088fe3201a813c9b838171efc95c07a4fc6a0cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efd854d2ef56e1353cf3e59f27a97733825ec7135e3cdbfbe84e115051f22b5b
f10c4e55bdf35723edbc94a8b80eea22a9223c391a06850994ecdf866b2b3bd5
f3007819048135c7f71fb58bcecd1877a858011db9e28ce84262aeef8242a5c0